
[Solved] Preventive PC check

Marooooo
posted (edited)

Hello.
I would like to ask you to check my PC for any viruses etc. that may be hiding in it.
Here are the logs I created.

[b]OTL:[/b]

[b]Extras:[/b]
[log]OTL Extras logfile created on: 2012-02-01 14:27:00 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\XXX\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,98 Gb Total Physical Memory | 6,46 Gb Available Physical Memory | 80,88% Memory free
15,96 Gb Paging File | 14,36 Gb Available in Paging File | 89,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,43 Gb Total Space | 62,56 Gb Free Space | 62,29% Space Free | Partition Type: NTFS
Drive D: | 365,23 Gb Total Space | 146,20 Gb Free Space | 40,03% Space Free | Partition Type: NTFS
Drive G: | 497,25 Mb Total Space | 44,50 Mb Free Space | 8,95% Space Free | Partition Type: FAT32

Computer Name: XXX-PC | User Name: XXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3432695862-1466099892-265281002-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\PROGRAMY\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum obsługi urządzeń z systemem Windows Mobile
"{8A837C47-2B21-4FDF-8370-41A1EB6A26E8}" = Microsoft Xbox 360 Accessories 1.1
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 290.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 290.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 290.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 290.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.11.1107
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.6.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"ASRock App Charger_is1" = ASRock App Charger v1.0.4
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{648F9C94-EC44-487B-9DA4-44ED72A082CC}" = Logitech Gaming Software
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.26 Game
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.2.0 Beta 9
"ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.54
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.26
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"ESN Sonar-0.70.4" = ESN Sonar
"F1Liga Updater 1.40_is1" = F1Liga Updater 1.40.36
"F1RFT 2011 FINAL" = F1RFT 2011 FINAL
"F1RFT 2011 UPDATE" = F1RFT 2011 UPDATE
"Fraps" = Fraps (remove only)
"Freemake Video Converter_is1" = Freemake Video Converter wersja 3.0.1
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.1.0 (Full)
"Łatka polonizacyjna GTA IV v1.0" = Łatka polonizacyjna GTA IV v1.0
"MagniDriver" = marvell 91xx driver
"Mozilla Firefox 10.0 (x86 pl)" = Mozilla Firefox 10.0 (x86 pl)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"rFactor" = rFactor (remove only)
"RocketDock_is1" = RocketDock 1.3.5
"SpeedFan" = SpeedFan (remove only)
"Steam App 102600" = Orcs Must Die!
"Steam App 12100" = Grand Theft Auto III
"Steam App 12110" = Grand Theft Auto: Vice City
"Steam App 12140" = Max Payne
"Steam App 12150" = Max Payne 2: The Fall of Max Payne
"Steam App 12170" = Grand Theft Auto
"Steam App 12180" = Grand Theft Auto 2
"Steam App 12210" = Grand Theft Auto IV
"Steam App 12220" = Grand Theft Auto: Episodes from Liberty City
"Steam App 12840" = DiRT 2
"Steam App 15700" = Oddworld: Abe's Oddysee
"Steam App 15710" = Oddworld: Abe's Exoddus
"Steam App 18700" = And Yet It Moves
"Steam App 240" = Counter-Strike: Source
"Steam App 26500" = Cogs
"Steam App 26900" = Crayon Physics Deluxe
"Steam App 400" = Portal
"Steam App 40800" = Super Meat Boy
"Steam App 41100" = Hammerfight
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Steam App 6120" = Shank
"Steam App 620" = Portal 2
"Steam App 63710" = BIT.TRIP RUNNER
"Steam App 6800" = Commandos: Behind Enemy Lines
"Steam App 6810" = Commandos: Beyond the Call of Duty
"Steam App 6830" = Commandos 2: Men of Courage
"Steam App 6840" = Commandos 3: Destination Berlin
"Steam App 70300" = VVVVVV
"Steam App 94200" = Jamestown
"Steam App 99700" = NightSky
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"vShare.tv plugin" = vShare.tv plugin 1.3
"Warcraft II BNE" = Warcraft II BNE
"Warcraft III" = Warcraft III
"XFastUsb" = XFastUsb

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-01-31 11:38:10 | Computer Name = XXX-PC | Source = ESENT | ID = 455
Description = Windows (2232) Windows: Wystąpił błąd -1811 podczas otwierania pliku
dziennika C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00017.log.

Error - 2012-01-31 11:38:10 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 9000
Description =

Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 7010
Description =

[ System Events ]
Error - 2012-01-31 10:52:31 | Computer Name = XXX-PC | Source = nvlddmkm | ID = 11141134
Description =

Error - 2012-01-31 10:52:31 | Computer Name = XXX-PC | Source = nvlddmkm | ID = 11141134
Description =

Error - 2012-01-31 10:52:31 | Computer Name = XXX-PC | Source = nvlddmkm | ID = 11141134
Description =

Error - 2012-01-31 10:52:31 | Computer Name = XXX-PC | Source = nvlddmkm | ID = 11141134
Description =

Error - 2012-01-31 10:52:31 | Computer Name = XXX-PC | Source = nvlddmkm | ID = 11141134
Description =

Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Service Control Manager | ID = 7024
Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla
niej błąd %%-1073473535.

Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Service Control Manager | ID = 7031
Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło
to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna:
Uruchom usługę ponownie.

Error - 2012-01-31 11:38:38 | Computer Name = XXX-PC | Source = DCOM | ID = 10005
Description =

Error - 2012-01-31 11:38:38 | Computer Name = XXX-PC | Source = Service Control Manager | ID = 7009
Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się
z usługą Windows Search.

Error - 2012-01-31 11:38:38 | Computer Name = XXX-PC | Source = Service Control Manager | ID = 7000
Description = Nie można uruchomić usługi Windows Search z powodu następującego błędu:
%%1053


< End of report >

[/log]
[b]OTL:[/b]
[log]OTL logfile created on: 2012-02-01 14:27:00 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\XXX\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

7,98 Gb Total Physical Memory | 6,46 Gb Available Physical Memory | 80,88% Memory free
15,96 Gb Paging File | 14,36 Gb Available in Paging File | 89,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,43 Gb Total Space | 62,56 Gb Free Space | 62,29% Space Free | Partition Type: NTFS
Drive D: | 365,23 Gb Total Space | 146,20 Gb Free Space | 40,03% Space Free | Partition Type: NTFS
Drive G: | 497,25 Mb Total Space | 44,50 Mb Free Space | 8,95% Space Free | Partition Type: FAT32

Computer Name: XXX-PC | User Name: XXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-02-01 14:24:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\XXX\Desktop\OTL.exe
PRC - [2012-01-31 20:44:58 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\PROGRAMY\Mozilla Firefox\firefox.exe
PRC - [2012-01-03 22:51:18 | 000,037,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
PRC - [2012-01-03 18:15:57 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011-12-17 22:05:00 | 002,348,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2011-12-17 12:43:30 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011-11-28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\AvastUI.exe
PRC - [2011-11-28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\AvastSvc.exe
PRC - [2010-11-05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010-11-05 23:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\PROGRAMY\RocketDock\RocketDock.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-02-01 14:24:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\XXX\Desktop\OTL.exe
MOD - [2012-01-31 20:44:58 | 001,911,768 | ---- | M] () -- C:\PROGRAMY\Mozilla Firefox\mozjs.dll
MOD - [2012-01-31 20:44:58 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\PROGRAMY\Mozilla Firefox\firefox.exe
MOD - [2012-01-31 20:44:58 | 000,818,136 | ---- | M] (sqlite.org) -- C:\PROGRAMY\Mozilla Firefox\mozsqlite3.dll
MOD - [2012-01-31 20:44:58 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\nss3.dll
MOD - [2012-01-31 20:44:58 | 000,371,672 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\nssckbi.dll
MOD - [2012-01-31 20:44:58 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\freebl3.dll
MOD - [2012-01-31 20:44:58 | 000,187,352 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\nspr4.dll
MOD - [2012-01-31 20:44:58 | 000,170,968 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\softokn3.dll
MOD - [2012-01-31 20:44:58 | 000,154,584 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\ssl3.dll
MOD - [2012-01-31 20:44:58 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\components\browsercomps.dll
MOD - [2012-01-31 20:44:58 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\nssdbm3.dll
MOD - [2012-01-31 20:44:58 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\smime3.dll
MOD - [2012-01-31 20:44:58 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\nssutil3.dll
MOD - [2012-01-31 20:44:58 | 000,045,016 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\mozutils.dll
MOD - [2012-01-31 20:44:58 | 000,022,488 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\plc4.dll
MOD - [2012-01-31 20:44:58 | 000,020,952 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\plds4.dll
MOD - [2012-01-31 20:44:58 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\mozalloc.dll
MOD - [2012-01-31 20:44:57 | 016,112,600 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\xul.dll
MOD - [2012-01-31 20:44:57 | 000,019,928 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\xpcom.dll
MOD - [2012-01-27 19:58:48 | 000,044,744 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\defs\12020100\uiext.dll
MOD - [2012-01-11 20:06:34 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b559a471eef00081f0b5c2719d1d9623\System.Runtime.Remoting.ni.dll
MOD - [2012-01-03 22:51:18 | 000,037,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
MOD - [2011-12-17 22:38:03 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2011-12-17 22:37:58 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2011-12-17 22:37:58 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2011-12-17 22:05:00 | 007,677,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvwgf2um.dll
MOD - [2011-12-17 22:05:00 | 002,095,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll
MOD - [2011-12-17 12:43:32 | 000,154,944 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll
MOD - [2011-12-17 12:43:26 | 000,674,112 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
MOD - [2011-12-17 12:43:16 | 000,349,504 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011-12-17 11:24:32 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4ffea70edf9aa81cba6a5be8070d3dd9\IAStorUtil.ni.dll
MOD - [2011-12-17 11:24:30 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011-12-17 11:24:25 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011-12-17 11:24:21 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011-12-17 11:24:18 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011-12-17 11:24:16 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011-12-17 11:24:12 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011-12-16 21:16:28 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2011-12-16 21:16:28 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2011-12-14 17:40:54 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
MOD - [2011-12-14 17:40:54 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
MOD - [2011-12-14 17:40:54 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
MOD - [2011-12-14 00:28:31 | 000,108,616 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswJsFlt.dll
MOD - [2011-11-28 19:01:33 | 000,199,280 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\1045\uiLangRes.dll
MOD - [2011-11-28 19:01:33 | 000,091,624 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\1045\Base.dll
MOD - [2011-11-28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\AvastUI.exe
MOD - [2011-11-28 19:01:22 | 001,821,000 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\CommonRes.dll
MOD - [2011-11-28 19:01:22 | 000,199,792 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\snxhk.dll
MOD - [2011-11-28 19:01:20 | 000,398,576 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswSqLt.dll
MOD - [2011-11-28 19:01:20 | 000,220,880 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswProperty.dll
MOD - [2011-11-28 19:01:20 | 000,205,448 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswLog.dll
MOD - [2011-11-28 19:01:20 | 000,025,728 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswUtil.dll
MOD - [2011-11-28 19:01:19 | 000,048,888 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswEngLdr.dll
MOD - [2011-11-28 19:01:18 | 000,682,344 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswAux.dll
MOD - [2011-11-28 19:01:18 | 000,317,200 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswCmnBS.dll
MOD - [2011-11-28 19:01:18 | 000,167,832 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswData.dll
MOD - [2011-11-28 19:01:18 | 000,163,736 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswCmnIS.dll
MOD - [2011-11-28 19:01:18 | 000,097,840 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswCmnOS.dll
MOD - [2011-11-28 19:01:17 | 000,204,448 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\ashBase.dll
MOD - [2011-11-28 19:01:17 | 000,150,352 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\ashTask.dll
MOD - [2011-11-28 19:01:17 | 000,061,760 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\ashTaskEx.dll
MOD - [2011-11-28 19:01:14 | 000,319,784 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\Aavm4h.dll
MOD - [2011-11-28 19:01:13 | 000,072,584 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\AavmRpch.dll
MOD - [2011-11-17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
MOD - [2011-11-17 06:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
MOD - [2011-11-17 06:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
MOD - [2011-07-16 05:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
MOD - [2011-07-16 05:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
MOD - [2011-07-08 23:33:43 | 005,924,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2011-05-24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
MOD - [2011-05-24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
MOD - [2011-05-17 09:27:52 | 000,413,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2011-03-29 23:33:48 | 000,363,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2011-02-19 07:30:51 | 001,076,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
MOD - [2011-02-19 07:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
MOD - [2011-01-17 06:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
MOD - [2010-11-20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
MOD - [2010-11-20 13:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2010-11-20 13:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
MOD - [2010-11-20 13:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
MOD - [2010-11-20 13:21:36 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2010-11-20 13:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010-11-20 13:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2010-11-20 13:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
MOD - [2010-11-20 13:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
MOD - [2010-11-20 13:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2010-11-20 13:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2010-11-20 13:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
MOD - [2010-11-20 13:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
MOD - [2010-11-20 13:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
MOD - [2010-11-20 13:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
MOD - [2010-11-20 13:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
MOD - [2010-11-20 13:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2010-11-20 13:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010-11-20 13:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
MOD - [2010-11-20 13:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
MOD - [2010-11-20 13:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
MOD - [2010-11-20 13:20:46 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2010-11-20 13:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll
MOD - [2010-11-20 13:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
MOD - [2010-11-20 13:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll
MOD - [2010-11-20 13:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010-11-20 13:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
MOD - [2010-11-20 13:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010-11-20 13:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010-11-20 13:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010-11-20 13:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010-11-20 13:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
MOD - [2010-11-20 13:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll
MOD - [2010-11-20 13:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
MOD - [2010-11-20 13:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2010-11-20 13:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
MOD - [2010-11-20 13:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 13:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2010-11-20 13:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010-11-20 13:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
MOD - [2010-11-20 13:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
MOD - [2010-11-20 13:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
MOD - [2010-11-20 13:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv
MOD - [2010-11-20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
MOD - [2010-11-20 13:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
MOD - [2010-11-20 13:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
MOD - [2010-11-20 13:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
MOD - [2010-11-20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-20 12:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
MOD - [2010-11-13 03:03:49 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010-11-05 23:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MOD - [2010-11-05 23:52:34 | 000,032,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\pl-PL\IAStorIcon.resources.dll
MOD - [2010-11-05 23:52:30 | 000,004,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\pl-PL\IntelVisualDesign.resources.dll
MOD - [2010-11-05 23:50:00 | 001,109,504 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
MOD - [2010-11-05 02:58:19 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll
MOD - [2010-11-05 02:57:40 | 000,572,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
MOD - [2009-08-18 11:29:22 | 000,134,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
MOD - [2009-07-14 18:55:02 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009-07-14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll
MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll
MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009-07-14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
MOD - [2009-07-14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
MOD - [2009-07-14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll
MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll
MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009-07-14 02:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll
MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll
MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009-07-14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll
MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009-07-14 02:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWOW64\l3codeca.acm
MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv
MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\PROGRAMY\RocketDock\RocketDock.exe
MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\PROGRAMY\RocketDock\RocketDock.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012-01-05 18:59:32 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-01-03 18:15:57 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011-12-17 22:05:00 | 002,348,864 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011-12-17 12:43:30 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011-12-14 00:12:37 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011-11-28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\PROGRAMY\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010-11-05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007-05-31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2011-12-13 23:52:29 | 000,015,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETURPX.SYS -- (FNETURPX)
DRV:[b]64bit:[/b] - [2011-11-28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2011-11-28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2011-11-28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2011-11-28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2011-11-28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2011-11-28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2011-11-09 15:21:39 | 000,187,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011-02-08 06:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:[b]64bit:[/b] - [2011-02-08 06:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-05 23:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2010-10-19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:[b]64bit:[/b] - [2010-10-01 04:35:06 | 000,302,120 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:[b]64bit:[/b] - [2010-06-23 10:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010-06-11 14:37:14 | 000,015,368 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:[b]64bit:[/b] - [2009-08-13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011-03-18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3432695862-1466099892-265281002-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3432695862-1466099892-265281002-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.google.pl"

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\PROGRAMY\Mozilla Firefox\components [2012-01-31 20:45:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\PROGRAMY\Mozilla Firefox\plugins [2012-01-27 20:48:34 | 000,000,000 | ---D | M]

[2011-12-14 00:05:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXX\AppData\Roaming\mozilla\Extensions

O1 HOSTS File: ([2012-01-31 16:39:58 | 000,441,100 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15160 more lines...
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\PROGRAMY\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1000..\Run: [ASRockXTU] File not found
O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1000..\Run: [RocketDock] C:\PROGRAMY\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1000..\Run: [zASRockInstantBoot] File not found
O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1002..\Run: [ASRockXTU] File not found
O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1002..\Run: [RocketDock] C:\PROGRAMY\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1002..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1002..\Run: [StartWMDriverWiz] C:\Windows\system32\rundll32.exe C:\PROGRA~2\COMMON~1\Logitech\WmDrivers\wmwizard.dll,WMWizardMain File not found
O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1002..\Run: [zASRockInstantBoot] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1002..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3432695862-1466099892-265281002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3432695862-1466099892-265281002-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 149.208.161.219
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD3F03EF-2EEE-467A-A441-A4309A662FF6}: DhcpNameServer = 149.208.161.219
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5b414381-25d9-11e1-90a6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5b414381-25d9-11e1-90a6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\ASRSetup.exe
O33 - MountPoints2\{d26a8bb3-2753-11e1-8eb5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d26a8bb3-2753-11e1-8eb5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe autorun
O33 - MountPoints2\{d26a8bb3-2753-11e1-8eb5-806e6f6e6963}\Shell\setup\command - "" = E:\Setup.exe autorun
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

MsConfig:64bit - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: [b]XFastUsb[/b] - hkey= - key= - C:\Program Files (x86)\XFastUsb\XFastUsb.exe (FNet Co., Ltd.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.

SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-02-01 14:24:20 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\XXX\Desktop\OTL.exe
[2012-01-31 15:54:22 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F1RFT 2011 FINAL 1.00
[2012-01-29 21:29:27 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\ElevatedDiagnostics
[2012-01-27 20:48:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-01-15 17:19:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012-01-14 18:59:57 | 000,000,000 | ---D | C] -- C:\Windows\XSxS
[2012-01-14 18:59:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xenocode
[2012-01-12 22:35:01 | 000,027,388 | ---- | C] (Immersion Corporation) -- C:\Windows\SysWow64\drivers\ihidfilt.sys
[2012-01-12 22:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Logitech
[2012-01-12 22:34:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012-01-12 22:34:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2012-01-12 19:14:37 | 001,347,584 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll
[2012-01-12 19:14:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS
[2012-01-11 22:27:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
[2012-01-11 17:11:50 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2012-01-08 18:08:46 | 000,098,304 | ---- | C] (Blizzard Entertainment) -- C:\Windows\W2BNEUnin.exe
[2012-01-07 15:23:14 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\VVVVVV
[2012-01-07 15:11:23 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Nicalis
[2012-01-07 15:03:04 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Saved Games
[2012-01-07 14:48:11 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Crayon Physics Deluxe
[2012-01-07 14:46:18 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Crayon Physics Deluxe
[2012-01-07 14:40:28 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Lazy 8 Studios
[2012-01-07 14:32:26 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\BIT.TRIP RUNNER
[2012-01-07 14:32:23 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012-01-07 14:32:23 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012-01-07 14:32:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2012-01-07 14:20:55 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Broken Rules
[2012-01-03 22:25:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vShare.tv plugin
[2012-01-01 17:04:00 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Skype
[2012-01-01 16:53:38 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Media Player Classic
[2012-01-01 16:52:43 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\SysWow64\lameACM.acm
[2012-01-01 16:52:41 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2011-12-26 15:29:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011-12-25 21:59:44 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\ESN Sonar
[2011-12-25 21:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011-12-25 21:51:59 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011-12-25 21:51:59 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011-12-25 15:00:18 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\My Games
[2011-12-25 14:18:56 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\PunkBuster
[2011-12-25 14:18:52 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Battlefield 3
[2011-12-25 14:18:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2011-12-20 18:31:20 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Max Payne 2 Savegames
[2011-12-20 16:43:24 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Max Payne Savegames
[2011-12-18 19:34:43 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\NVIDIA
[2011-12-18 19:28:21 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Freemake
[2011-12-18 19:28:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake
[2011-12-17 14:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011-12-17 12:14:16 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\GTA San Andreas User Files
[2011-12-16 14:28:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2011-12-15 21:37:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011-12-15 20:21:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011-12-15 19:23:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011-12-15 19:22:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011-12-15 19:11:20 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2011-12-15 19:10:50 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2011-12-14 23:18:01 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Rockstar Games
[2011-12-14 23:06:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011-12-14 23:06:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2011-12-14 23:03:56 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Rockstar Games
[2011-12-14 23:03:48 | 000,000,000 | RH-D | C] -- C:\Users\XXX\AppData\Roaming\SecuROM
[2011-12-14 23:03:46 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2011-12-14 23:03:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011-12-14 23:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011-12-14 22:43:26 | 000,000,000 | ---D | C] -- C:\Users\XXX\Desktop\Portable
[2011-12-14 20:00:33 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\GTA Vice City User Files
[2011-12-14 19:57:51 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\GTA3 User Files
[2011-12-14 19:55:25 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011-12-14 19:38:00 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Orcs Must Die
[2011-12-14 17:58:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011-12-14 17:58:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011-12-14 17:29:42 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\CrashDumps
[2011-12-14 16:54:52 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011-12-14 16:48:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2011-12-14 16:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011-12-14 16:32:25 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\FIFA 12
[2011-12-14 16:22:28 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2011-12-14 15:40:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011-12-14 00:37:46 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Origin
[2011-12-14 00:37:45 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Origin
[2011-12-14 00:37:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2011-12-14 00:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2011-12-14 00:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011-12-14 00:31:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011-12-14 00:26:55 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011-12-14 00:26:54 | 000,304,472 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011-12-14 00:26:53 | 000,591,192 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011-12-14 00:26:53 | 000,058,712 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011-12-14 00:26:53 | 000,042,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011-12-14 00:26:52 | 000,256,960 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011-12-14 00:26:52 | 000,066,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011-12-14 00:26:47 | 000,199,816 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011-12-14 00:26:47 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011-12-14 00:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011-12-14 00:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011-12-14 00:17:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011-12-14 00:14:20 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Adobe
[2011-12-14 00:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2011-12-14 00:12:39 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2011-12-14 00:12:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2011-12-14 00:11:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011-12-14 00:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011-12-14 00:07:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011-12-14 00:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011-12-14 00:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011-12-14 00:06:07 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011-12-14 00:05:04 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Mozilla
[2011-12-14 00:05:04 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Mozilla
[2011-12-14 00:04:49 | 000,000,000 | ---D | C] -- C:\PROGRAMY
[2011-12-13 23:56:34 | 000,000,000 | ---D | C] -- C:\ProgramData\DeviceVM
[2011-12-13 23:54:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011-12-13 23:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011-12-13 23:54:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
[2011-12-13 23:54:05 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\DeviceVm
[2011-12-13 23:53:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2011-12-13 23:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2011-12-13 23:53:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011-12-13 23:53:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011-12-13 23:53:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011-12-13 23:53:23 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Macromedia
[2011-12-13 23:53:23 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Adobe
[2011-12-13 23:53:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011-12-13 23:53:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011-12-13 23:52:29 | 000,015,936 | ---- | C] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETURPX.SYS
[2011-12-13 23:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\FNET
[2011-12-13 23:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XFastUsb
[2011-12-13 23:52:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast USB
[2011-12-13 23:52:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASRock Utility
[2011-12-13 23:52:17 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Intel Corporation
[2011-12-13 23:51:24 | 000,015,368 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\AsrAppCharger.sys
[2011-12-13 23:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
[2011-12-13 23:51:23 | 000,000,000 | ---D | C] -- C:\Program Files\ASRock Utility
[2011-12-13 23:49:48 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
[2011-12-13 23:49:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2011-12-13 23:49:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Etron Technology
[2011-12-13 23:49:12 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011-12-13 23:49:07 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2011-12-13 23:48:21 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\InstallShield
[2011-12-13 23:47:55 | 000,344,680 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011-12-13 23:47:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011-12-13 23:47:51 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011-12-13 23:47:40 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011-12-13 23:47:39 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011-12-13 23:47:39 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011-12-13 23:47:39 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011-12-13 23:47:39 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011-12-13 23:47:34 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011-12-13 23:47:34 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011-12-13 23:47:34 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011-12-13 23:47:34 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011-12-13 23:47:34 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011-12-13 23:47:34 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011-12-13 23:47:31 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011-12-13 23:47:31 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011-12-13 23:47:23 | 000,330,656 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011-12-13 23:47:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011-12-13 23:47:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011-12-13 23:47:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011-12-13 23:47:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011-12-13 23:45:19 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011-12-13 23:45:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011-12-13 23:45:17 | 000,000,000 | ---D | C] -- C:\Intel
[2011-12-13 23:36:18 | 000,000,000 | R--D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011-12-13 23:36:18 | 000,000,000 | R--D | C] -- C:\Users\XXX\Searches
[2011-12-13 23:36:18 | 000,000,000 | R--D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011-12-13 23:36:11 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Identities
[2011-12-13 23:36:09 | 000,000,000 | R--D | C] -- C:\Users\XXX\Contacts
[2011-12-13 23:36:08 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\VirtualStore
[2011-12-13 23:36:02 | 000,000,000 | --SD | C] -- C:\Users\XXX\AppData\Roaming\Microsoft
[2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Videos
[2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Saved Games
[2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Pictures
[2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Music
[2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Links
[2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Favorites
[2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Downloads
[2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Documents
[2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Desktop
[2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Ustawienia lokalne
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\AppData\Local\Temporary Internet Files
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Szablony
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\SendTo
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Recent
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\PrintHood
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\NetHood
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Documents\Moje wideo
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Documents\Moje obrazy
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Moje dokumenty
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Documents\Moja muzyka
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Menu Start
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\AppData\Local\Historia
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Dane aplikacji
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\AppData\Local\Dane aplikacji
[2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Cookies
[2011-12-13 23:36:02 | 000,000,000 | -H-D | C] -- C:\Users\XXX\AppData
[2011-12-13 23:36:02 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Temp
[2011-12-13 23:36:02 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Microsoft
[2011-12-13 23:36:02 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Media Center Programs
[2011-12-13 23:35:56 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2011-12-13 23:26:08 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011-12-13 23:25:45 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011-12-13 23:23:47 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011-12-13 23:23:38 | 000,000,000 | -HSD | C] -- C:\Boot

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-02-01 14:24:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\XXX\Desktop\OTL.exe
[2012-02-01 14:23:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-02-01 14:23:09 | 2133,868,543 | -HS- | M] () -- C:\hiberfil.sys
[2012-01-31 22:23:04 | 000,014,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-01-31 22:23:03 | 000,014,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-01-31 19:46:17 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-01-31 19:46:17 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-01-31 19:45:59 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012-01-31 16:43:50 | 001,543,720 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-01-31 16:43:50 | 000,695,932 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-01-31 16:43:50 | 000,613,962 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-01-31 16:43:50 | 000,133,728 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-01-31 16:43:50 | 000,105,204 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-01-31 16:39:58 | 000,441,100 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012-01-26 20:20:09 | 000,441,100 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120131-163958.backup
[2012-01-20 22:54:26 | 000,440,287 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120126-202009.backup
[2012-01-14 00:32:42 | 000,440,137 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120120-225426.backup
[2012-01-11 22:26:55 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012-01-11 22:26:55 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012-01-11 17:12:21 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2012-01-08 18:17:41 | 000,017,688 | ---- | M] () -- C:\Windows\W2BNEUnin.dat
[2012-01-08 18:08:47 | 000,002,829 | ---- | M] () -- C:\Windows\W2BNEUnin.pif
[2012-01-08 18:08:46 | 000,098,304 | ---- | M] (Blizzard Entertainment) -- C:\Windows\W2BNEUnin.exe
[2012-01-07 14:20:54 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat
[2012-01-03 18:15:57 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-12-31 19:46:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011-12-29 19:00:00 | 000,079,360 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011-12-29 13:42:41 | 000,348,307 | ---- | M] () -- C:\Users\XXX\Documents\bf3wallpaper1920x1200nosoldier.jpg
[2011-12-29 13:41:23 | 000,362,532 | ---- | M] () -- C:\Users\XXX\Documents\battlefield-3-the-russian-wallpaper.jpg
[2011-12-29 13:41:09 | 000,349,137 | ---- | M] () -- C:\Users\XXX\Documents\gi1080.jpg
[2011-12-29 13:40:50 | 000,255,267 | ---- | M] () -- C:\Users\XXX\Documents\1080nologo.jpg
[2011-12-28 14:16:00 | 000,440,010 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120114-003242.backup
[2011-12-26 15:29:05 | 000,000,816 | ---- | M] () -- C:\Users\XXX\Desktop\MSI Afterburner.lnk
[2011-12-25 21:52:58 | 000,000,737 | ---- | M] () -- C:\Users\XXX\Desktop\SpeedFan.lnk
[2011-12-25 21:52:58 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2011-12-25 21:48:12 | 001,746,408 | ---- | M] (CPUID) -- C:\Users\XXX\Desktop\HWMonitor.exe
[2011-12-25 19:08:13 | 000,439,956 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20111228-141600.backup
[2011-12-21 19:14:02 | 000,151,552 | ---- | M] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2011-12-17 22:05:00 | 000,068,928 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011-12-17 22:05:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011-12-17 22:05:00 | 000,007,653 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2011-12-17 12:43:40 | 000,406,336 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-12-16 14:30:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2011-12-15 22:02:14 | 000,002,560 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011-12-15 22:02:14 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011-12-15 21:08:19 | 001,636,610 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-12-15 20:44:10 | 000,439,243 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20111225-190813.backup
[2011-12-15 20:00:31 | 000,275,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-12-14 23:03:46 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2011-12-14 17:40:54 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011-12-14 17:40:54 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011-12-14 00:24:43 | 000,438,933 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20111215-204410.backup
[2011-12-13 23:52:29 | 000,015,936 | ---- | M] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETURPX.SYS
[2011-12-13 23:30:02 | 000,067,912 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011-12-13 23:30:02 | 000,067,912 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011-12-13 23:28:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011-12-13 23:23:40 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-01-12 22:35:00 | 000,040,655 | ---- | C] () -- C:\Windows\SysWow64\LXLCore.VxD
[2012-01-12 22:35:00 | 000,034,784 | ---- | C] () -- C:\Windows\SysWow64\Ljoy.VxD
[2012-01-12 22:35:00 | 000,022,659 | ---- | C] () -- C:\Windows\SysWow64\Lserial.VxD
[2012-01-12 22:35:00 | 000,019,620 | ---- | C] () -- C:\Windows\SysWow64\LJoyFrc.vxd
[2012-01-12 22:35:00 | 000,016,680 | ---- | C] () -- C:\Windows\SysWow64\LDigital.VxD
[2012-01-12 22:35:00 | 000,011,428 | ---- | C] () -- C:\Windows\SysWow64\LUsbVxd.vxd
[2012-01-12 22:35:00 | 000,009,196 | ---- | C] () -- C:\Windows\SysWow64\LJoyV.VxD
[2012-01-12 22:35:00 | 000,006,243 | ---- | C] () -- C:\Windows\SysWow64\LAnalog.VxD
[2012-01-11 17:12:21 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2012-01-08 18:08:47 | 000,002,829 | ---- | C] () -- C:\Windows\W2BNEUnin.pif
[2012-01-08 18:08:35 | 000,017,688 | ---- | C] () -- C:\Windows\W2BNEUnin.dat
[2012-01-07 14:20:54 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012-01-01 16:52:49 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012-01-01 16:52:43 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml
[2012-01-01 16:52:41 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012-01-01 16:52:41 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012-01-01 16:52:41 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011-12-29 13:42:41 | 000,348,307 | ---- | C] () -- C:\Users\XXX\Documents\bf3wallpaper1920x1200nosoldier.jpg
[2011-12-29 13:41:23 | 000,362,532 | ---- | C] () -- C:\Users\XXX\Documents\battlefield-3-the-russian-wallpaper.jpg
[2011-12-29 13:41:09 | 000,349,137 | ---- | C] () -- C:\Users\XXX\Documents\gi1080.jpg
[2011-12-29 13:40:39 | 000,255,267 | ---- | C] () -- C:\Users\XXX\Documents\1080nologo.jpg
[2011-12-26 15:29:05 | 000,000,816 | ---- | C] () -- C:\Users\XXX\Desktop\MSI Afterburner.lnk
[2011-12-25 21:52:58 | 000,000,737 | ---- | C] () -- C:\Users\XXX\Desktop\SpeedFan.lnk
[2011-12-25 21:52:57 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2011-12-25 14:19:00 | 000,282,864 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011-12-25 14:15:23 | 000,282,864 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-12-25 14:15:23 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011-12-25 14:15:20 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-12-21 15:37:50 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011-12-17 12:43:40 | 000,406,336 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-12-16 14:30:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2011-12-15 22:00:36 | 000,002,560 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011-12-15 22:00:36 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2011-12-15 21:08:15 | 001,636,610 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-12-15 19:13:06 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2011-12-15 19:10:26 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2011-12-15 19:10:02 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2011-12-15 19:10:02 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2011-12-15 19:08:37 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2011-12-15 19:08:37 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2011-12-14 17:40:54 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011-12-14 17:40:54 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011-12-14 00:26:52 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011-12-14 00:07:12 | 000,007,653 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011-12-13 23:49:54 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2011-12-13 23:47:55 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011-12-13 23:29:56 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011-12-13 23:29:47 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011-12-13 23:28:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011-12-13 23:25:45 | 2133,868,543 | -HS- | C] () -- C:\hiberfil.sys
[2011-12-13 23:23:40 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2011-12-13 23:23:39 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011-09-19 14:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2009-07-14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[color=#E56717]========== LOP Check ==========[/color]

[2012-01-07 14:20:55 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\Broken Rules
[2012-01-07 15:02:28 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\Crayon Physics Deluxe
[2011-12-14 00:11:57 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\DeviceVm
[2012-01-07 15:11:23 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\Nicalis
[2011-12-14 00:38:12 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\Origin
[2012-01-27 16:48:51 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2010-11-20 13:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2011-12-13 23:23:40 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012-02-01 14:23:09 | 2133,868,543 | -HS- | M] () -- C:\hiberfil.sys
[2012-01-12 22:35:07 | 000,002,689 | ---- | M] () -- C:\LGSInst.Log
[2012-02-01 14:23:12 | 4276,817,919 | -HS- | M] () -- C:\pagefile.sys
[2012-01-31 20:13:24 | 000,565,786 | ---- | M] () -- C:\shared.log


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys
[2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2010-11-20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010-11-20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< End of report >

[/log]

[b]RSIT:[/b]

[b]info:[/b]
[log]info.txt logfile of random's system information tool 1.09 2012-02-01 14:45:53

======Uninstall list======

-->MsiExec /X{9530AE42-DAE1-4619-9594-B23487285D17}
Acrobat.com-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_Plugin.exe -maintain plugin
Adobe Reader 9.5.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A95000000001}
And Yet It Moves-->"D:\GRY\Steam\steam.exe" steam://uninstall/18700
ASRock eXtreme Tuner v0.1.54-->"C:\Program Files (x86)\ASRock Utility\AXTU\unins000.exe"
ASRock InstantBoot v1.26-->"C:\Program Files (x86)\ASRock Utility\InstantBoot\unins000.exe"
avast! Free Antivirus-->C:\PROGRAMY\Avast\aswRunDll.exe "C:\PROGRAMY\Avast\Setup\setiface.dll" RunSetup
Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging
Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
BIT.TRIP RUNNER-->"D:\GRY\Steam\steam.exe" steam://uninstall/63710
Cogs-->"D:\GRY\Steam\steam.exe" steam://uninstall/26500
Commandos 2: Men of Courage-->"D:\GRY\Steam\steam.exe" steam://uninstall/6830
Commandos 3: Destination Berlin-->"D:\GRY\Steam\steam.exe" steam://uninstall/6840
Commandos: Behind Enemy Lines-->"D:\GRY\Steam\steam.exe" steam://uninstall/6800
Commandos: Beyond the Call of Duty-->"D:\GRY\Steam\steam.exe" steam://uninstall/6810
Counter-Strike: Source-->"D:\GRY\Steam\steam.exe" steam://uninstall/240
Crayon Physics Deluxe-->"D:\GRY\Steam\steam.exe" steam://uninstall/26900
DiRT 2-->"D:\GRY\Steam\steam.exe" steam://uninstall/12840
ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
Etron USB3.0 Host Controller-->"C:\Program Files (x86)\InstallShield Installation Information\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}\setup.exe" -runfromtemp -l0x0409 -removeonly
Etron USB3.0 Host Controller-->MsiExec.exe /I{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}
F1Liga Updater 1.40.36-->"D:\GRY\rFactor\F1Liga Updater\unins000.exe"
F1RFT 2011 FINAL-->D:\GRY\rFactor\F1RFTData\F1RFT 2011 Final Uninstall.exe
F1RFT 2011 UPDATE-->D:\GRY\rFactor\F1RFTData\F1RFT 2011 Final Uninstall.exe
FIFA 12-->"C:\Program Files (x86)\Common Files\EAInstaller\FIFA 12\Cleanup.exe" uninstall_game -autologging
Fraps (remove only)-->"C:\PROGRAMY\Fraps\uninstall.exe"
Freemake Video Converter wersja 3.0.1-->"C:\PROGRAMY\Freemake Video Converter\Freemake Video Converter\Uninstall\unins000.exe"
Grand Theft Auto 2-->"D:\GRY\Steam\steam.exe" steam://uninstall/12180
Grand Theft Auto III-->"D:\GRY\Steam\steam.exe" steam://uninstall/12100
Grand Theft Auto IV-->"D:\GRY\Steam\steam.exe" steam://uninstall/12210
Grand Theft Auto: Episodes from Liberty City-->"D:\GRY\Steam\steam.exe" steam://uninstall/12220
Grand Theft Auto: Vice City-->"D:\GRY\Steam\steam.exe" steam://uninstall/12110
Grand Theft Auto-->"D:\GRY\Steam\steam.exe" steam://uninstall/12170
Hammerfight-->"D:\GRY\Steam\steam.exe" steam://uninstall/41100
Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall
Intel® Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\Uninstall\setup.exe -uninstall
Jamestown-->"D:\GRY\Steam\steam.exe" steam://uninstall/94200
K-Lite Codec Pack 8.1.0 (Full)-->"C:\PROGRAMY\K-Lite Codec Pack\unins000.exe"
Left 4 Dead 2-->"D:\GRY\Steam\steam.exe" steam://uninstall/550
Logitech Gaming Software-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{648F9C94-EC44-487B-9DA4-44ED72A082CC}\setup.exe" -l0x9
Łatka polonizacyjna GTA IV v1.0-->"D:\GRY\Steam\steamapps\common\grand theft auto iv\GTAIV\Spolszczenie\Deinstalator.exe"
marvell 91xx driver-->C:\Program Files (x86)\Marvell\mv91xx\uninst-91xx.exe
Max Payne 2: The Fall of Max Payne-->"D:\GRY\Steam\steam.exe" steam://uninstall/12150
Max Payne-->"D:\GRY\Steam\steam.exe" steam://uninstall/12140
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Mozilla Firefox 10.0 (x86 pl)-->C:\PROGRAMY\Mozilla Firefox\uninstall\helper.exe
MSI Afterburner 2.2.0 Beta 9-->"C:\PROGRAMY\MSI Afterburner\uninstall.exe"
NightSky-->"D:\GRY\Steam\steam.exe" steam://uninstall/99700
NVIDIA PhysX-->MsiExec.exe /X{9530AE42-DAE1-4619-9594-B23487285D17}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
Oddworld: Abe's Exoddus-->"D:\GRY\Steam\steam.exe" steam://uninstall/15710
Oddworld: Abe's Oddysee-->"D:\GRY\Steam\steam.exe" steam://uninstall/15700
OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U
Orcs Must Die!-->"D:\GRY\Steam\steam.exe" steam://uninstall/102600
Origin-->D:\GRY\Origin\OriginUninstall.exe
Portal 2-->"D:\GRY\Steam\steam.exe" steam://uninstall/620
Portal-->"D:\GRY\Steam\steam.exe" steam://uninstall/400
PunkBuster Services-->D:\GRY\Battlefield 3\pbsvc.exe -u
Rapture3D 2.3.26 Game-->"C:\Program Files (x86)\BRS\unins000.exe"
Realtek Ethernet Controller Driver For Windows 7-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
rFactor (remove only)-->"D:\GRY\rFactor\Uninstall.exe"
RocketDock 1.3.5-->"C:\PROGRAMY\RocketDock\unins000.exe"
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Shank-->"D:\GRY\Steam\steam.exe" steam://uninstall/6120
SpeedFan (remove only)-->"C:\PROGRAMY\SpeedFan\uninstall.exe"
Spybot - Search & Destroy-->"C:\PROGRAMY\Spybot - Search & Destroy\unins000.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Super Meat Boy-->"D:\GRY\Steam\steam.exe" steam://uninstall/40800
Team Fortress 2-->"D:\GRY\Steam\steam.exe" steam://uninstall/440
TeamSpeak 3 Client-->"C:\PROGRAMY\TeamSpeak 3 Client\uninstall.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
vShare.tv plugin 1.3-->C:\Program Files (x86)\vShare.tv plugin\uninst.exe
VVVVVV-->"D:\GRY\Steam\steam.exe" steam://uninstall/70300
Warcraft II BNE-->C:\Windows\W2BNEUnin.exe C:\Windows\W2BNEUnin.dat
Warcraft III-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\Warcraft III\Uninstall.exe
XFastUsb-->C:\Program Files (x86)\XFastUsb\Uninstall.exe

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======System event log======

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Cryptographic Services weszła w stan stopped.
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Windows Modules Installer weszła w stan stopped.
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Software Protection weszła w stan stopped.
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Windows Event Log weszła w stan stopped.
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Usługa Volume Shadow Copy weszła w stan stopped.
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Informacje
User:

=====Application event log=====

Computer Name: 37L4247E29-32
Event Code: 412
Message: Catalog Database (320) Catalog Database: Nie można odczytać nagłówka pliku dziennika C:\Windows\system32\CatRoot2\edb.log. Błąd -546.
Record Number: 5
Source Name: ESENT
Time Written: 20111213222634.000000-000
Event Type: Błędy
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20111213222632.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20111213222630.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Usługa profilów użytkowników została uruchomiona pomyślnie.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20111213222622.873321-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: 37L4247E29-32
Event Code: 4625
Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20111213222623.000000-000
Event Type: Informacje
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: Zmieniono grupę lokalną z włączonymi zabezpieczeniami.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: 37L4247E29-32$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Grupa:
Identyfikator zabezpieczeń: S-1-5-32-551
Nazwa grupy: Operatorzy kopii zapasowych
Domena grupy: Builtin

Zmienione atrybuty:
Nazwa konta SAM: -
Historia identyfikatora SID: -

Informacje dodatkowe:
Uprawnienia: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111213222605.479291-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: Utworzono grupę lokalną z włączonymi zabezpieczeniami.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: 37L4247E29-32$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Nowa grupa:
Identyfikator zabezpieczeń: S-1-5-32-551
Nazwa grupy: Operatorzy kopii zapasowych
Domena grupy: Builtin

Atrybuty:
Nazwa konta SAM: Operatorzy kopii zapasowych
Historia identyfikatora SID: -

Informacje dodatkowe:
Uprawnienia: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111213222605.463691-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Utworzono tabelę zasad inspekcji użytkownika.

Liczba elementów: 0
Identyfikator zasad: 0x31c89
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111213222604.964490-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-0-0
Nazwa konta: -
Domena konta: -
Identyfikator logowania: 0x0

Typ logowania: 0

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x4
Nazwa procesu:

Informacje o sieci:
Nazwa stacji roboczej: -
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: -
Pakiet uwierzytelniania: -
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111213222601.906885-000
Event Type: Sukcesy inspekcji
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Trwa uruchamianie systemu Windows.

To zdarzenie jest rejestrowane w momencie uruchamiania programu LSASS.EXE i inicjowania podsystemu inspekcji.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111213222601.828884-000
Event Type: Sukcesy inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07

-----------------EOF-----------------

[/log]
[b]log:[/b]
[log]Logfile of random's system information tool 1.09 (written by random/random)
Run by XXX at 2012-02-01 14:45:31
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 64 GB (62%) free of 103 GB
Total RAM: 8175 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:45:53, on 2012-02-01
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\PROGRAMY\RocketDock\RocketDock.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\PROGRAMY\Avast\AvastUI.exe
C:\PROGRAMY\Mozilla Firefox\firefox.exe
C:\Users\XXX\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\XXX.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [avast] "C:\PROGRAMY\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\PROGRAMY\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-21-3432695862-1466099892-265281002-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3432695862-1466099892-265281002-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\PROGRAMY\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7668 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\p00tn3qh.default

prefs.js - "browser.startup.homepage" - "www.google.pl"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.104.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.110.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\PROGRAMY\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\PROGRAMY\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\PROGRAMY\Mozilla Firefox\plugins\
nppdf32.dll
npvsharetvplg.dll

C:\PROGRAMY\Mozilla Firefox\searchplugins\
allegro-pl.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}]
IE5BarLauncherBHO Class - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll [2011-09-22 177712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - VShareToolBar - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll [2011-09-22 177712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-05 283160]
"avast"=C:\PROGRAMY\Avast\avastUI.exe [2011-11-28 3744552]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ASRockXTU"= []
"zASRockInstantBoot"= []
"RocketDock"=C:\PROGRAMY\RocketDock\RocketDock.exe [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw32.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-02-01 14:45:31 ----D---- C:\rsit
2012-02-01 14:45:31 ----D---- C:\Program Files (x86)\trend micro
2012-01-31 15:42:26 ----A---- C:\Windows\SysWOW64\webio.dll
2012-01-31 15:42:26 ----A---- C:\Windows\SysWOW64\sspicli.dll
2012-01-31 15:42:26 ----A---- C:\Windows\SysWOW64\secur32.dll
2012-01-31 15:42:26 ----A---- C:\Windows\SysWOW64\schannel.dll
2012-01-27 20:48:16 ----SHD---- C:\Config.Msi
2012-01-14 18:59:57 ----D---- C:\Windows\XSxS
2012-01-14 18:59:57 ----D---- C:\Program Files (x86)\Xenocode
2012-01-12 22:35:06 ----A---- C:\Windows\SysWOW64\LWCtPl.dll
2012-01-12 22:35:01 ----A---- C:\Windows\SysWOW64\WMWizard.dll
2012-01-12 22:35:01 ----A---- C:\Windows\SysWOW64\W9XdInst.dll
2012-01-12 22:35:01 ----A---- C:\Windows\SysWOW64\W9xDAPI.dll
2012-01-12 22:35:01 ----A---- C:\Windows\SysWOW64\drivers\LUsbSys.sys
2012-01-12 22:35:01 ----A---- C:\Windows\SysWOW64\drivers\LHidLo.sys
2012-01-12 22:35:01 ----A---- C:\Windows\SysWOW64\drivers\LHidHi.sys
2012-01-12 22:35:01 ----A---- C:\Windows\SysWOW64\drivers\ihidfilt.sys
2012-01-12 22:35:00 ----D---- C:\Program Files (x86)\Common Files\Logitech
2012-01-12 22:35:00 ----A---- C:\Windows\SysWOW64\WmJoyFrc.dll
2012-01-12 22:35:00 ----A---- C:\Windows\SysWOW64\LFLoad.sys
2012-01-12 22:34:49 ----D---- C:\Program Files (x86)\Logitech
2012-01-12 19:14:37 ----A---- C:\Windows\SysWOW64\rapture3d_oal.dll
2012-01-12 19:14:37 ----A---- C:\Windows\SysWOW64\mkl_blueripple.dll
2012-01-12 19:14:36 ----D---- C:\Program Files (x86)\BRS
2012-01-11 22:27:12 ----D---- C:\ProgramData\Codemasters
2012-01-11 17:11:50 ----D---- C:\Windows\WindowsMobile
2012-01-11 15:53:37 ----A---- C:\Windows\SysWOW64\quartz.dll
2012-01-11 15:53:37 ----A---- C:\Windows\SysWOW64\qdvd.dll
2012-01-11 15:53:32 ----A---- C:\Windows\SysWOW64\ntdll.dll
2012-01-11 15:53:31 ----A---- C:\Windows\SysWOW64\packager.dll
2012-01-08 18:08:47 ----A---- C:\Windows\W2BNEUnin.pif
2012-01-08 18:08:46 ----A---- C:\Windows\W2BNEUnin.exe
2012-01-08 18:08:35 ----A---- C:\Windows\W2BNEUnin.dat
2012-01-07 15:11:23 ----D---- C:\Users\XXX\AppData\Roaming\Nicalis
2012-01-07 14:46:18 ----D---- C:\Users\XXX\AppData\Roaming\Crayon Physics Deluxe
2012-01-07 14:32:23 ----D---- C:\Program Files (x86)\OpenAL
2012-01-07 14:32:23 ----A---- C:\Windows\SysWOW64\wrap_oal.dll
2012-01-07 14:32:23 ----A---- C:\Windows\SysWOW64\OpenAL32.dll
2012-01-07 14:20:55 ----D---- C:\Users\XXX\AppData\Roaming\Broken Rules
2012-01-07 14:20:54 ----A---- C:\Windows\d3dx.dat
2012-01-03 22:25:20 ----D---- C:\Program Files (x86)\vShare.tv plugin

======List of files/folders modified in the last 1 month======

2012-02-01 14:45:33 ----D---- C:\Windows\Temp
2012-02-01 14:45:31 ----RD---- C:\Program Files (x86)
2012-02-01 14:30:44 ----D---- C:\Windows\System32
2012-02-01 14:30:44 ----D---- C:\Windows\inf
2012-02-01 14:23:16 ----D---- C:\Windows
2012-02-01 14:23:16 ----D---- C:\ProgramData\NVIDIA
2012-01-31 19:46:22 ----D---- C:\Windows\SysWOW64
2012-01-31 19:46:17 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe
2012-01-31 19:44:52 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2012-01-31 17:00:35 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-01-31 16:40:54 ----D---- C:\Windows\SoftwareDistribution
2012-01-31 16:38:01 ----D---- C:\Windows\winsxs
2012-01-31 16:35:25 ----SHD---- C:\System Volume Information
2012-01-31 16:00:00 ----SD---- C:\Users\XXX\AppData\Roaming\Microsoft
2012-01-30 17:11:12 ----D---- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2012-01-29 15:27:22 ----D---- C:\Users\XXX\AppData\Roaming\Media Player Classic
2012-01-28 02:06:30 ----D---- C:\Users\XXX\AppData\Roaming\Skype
2012-01-27 20:48:43 ----SHD---- C:\Windows\Installer
2012-01-27 20:48:34 ----D---- C:\ProgramData\Adobe
2012-01-27 20:48:34 ----D---- C:\Program Files (x86)\Common Files\Adobe
2012-01-27 20:48:33 ----D---- C:\Program Files (x86)\Adobe
2012-01-15 20:11:10 ----D---- C:\Windows\Logs
2012-01-15 17:20:26 ----SD---- C:\ProgramData\Microsoft
2012-01-15 17:19:57 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2012-01-12 22:35:01 ----D---- C:\Windows\SysWOW64\drivers
2012-01-12 22:35:00 ----D---- C:\Program Files (x86)\Common Files
2012-01-12 22:34:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-01-12 20:57:30 ----D---- C:\Windows\debug
2012-01-12 18:29:40 ----D---- C:\Windows\Microsoft.NET
2012-01-12 18:29:16 ----RSD---- C:\Windows\assembly
2012-01-11 22:27:12 ----HD---- C:\ProgramData
2012-01-11 20:04:20 ----D---- C:\Windows\ehome
2012-01-07 18:03:49 ----D---- C:\Program Files (x86)\Common Files\Steam
2012-01-07 14:32:23 ----D---- C:\Windows\SysWOW64\directx
2012-01-03 18:15:57 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 mv91xx;mv91xx; C:\Windows\system32\DRIVERS\mv91xx.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys []
R1 AsrAppCharger;AsrAppCharger; C:\Windows\system32\DRIVERS\AsrAppCharger.sys []
R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 FNETURPX;FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS []
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys []
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 WINUSB;Sterownik WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\PROGRAMY\Avast\AvastSvc.exe [2011-11-28 44768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2011-12-17 2348864]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-01-03 76888]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-12-17 381248]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-12-14 1045256]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-01-05 419624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]
S4 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]
S4 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]

-----------------EOF-----------------

[/log]

Natsuki Kuga

Cosmetic cleanup:
[code]
:OTL
MsConfig:64bit - State: "startup" - Reg Error: Key error.

:Commands
[emptytemp]
[/code]
[b]Run the script.[/b]

In OTL, click [b]Sprzątanie[/b] (Cleanup) - this will remove it along with its quarantine. You can delete RSIT as well.

The logs are clean; there is nothing to remove.

Marooooo

Thanks a lot :)
