Wolny komputer, i skaczace zuzycie procesora

[roco]

witam,
problem pojawil sie kilka dni temu, zauwazylem w filmach lepszej jakosci ze sa strasznie spowolnione, komputer rowniez zaczal wolniej dzialac. co wiecej, jezeli stoi spokojnie i nic na nim nie robie to zuzycie procesora skacze od 1-2 do 50 i 100 %

niestety nie wstawie loga z gmera, poniewaz przy generowaniu wyskakuje bluescreen, i komp sie restartuje ;/

log z OTL

Kod: Zaznacz wszystko

OTL logfile created on: 2011-01-13 23:46:00 - Run 1
OTL by OldTimer - Version 3.2.20.2     Folder = C:\Users\robert\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 11,31 Gb Free Space | 9,71% Space Free | Partition Type: NTFS
Drive D: | 106,68 Gb Total Space | 14,52 Gb Free Space | 13,61% Space Free | Partition Type: NTFS

Computer Name: ROBERT-PC | User Name: robert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-01-13 23:00:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\robert\Desktop\OTL.exe
PRC - [2010-12-10 14:26:53 | 000,910,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-10-17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008-06-11 11:11:01 | 000,033,136 | ---- | M] () -- C:\Windows\ASScrPro.exe
PRC - [2008-03-20 11:04:46 | 002,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe
PRC - [2008-01-21 03:23:52 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2008-01-21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-01-21 03:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2007-12-26 22:38:32 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2007-11-30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007-10-24 03:02:15 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE
PRC - [2007-10-24 03:02:13 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
PRC - [2007-09-03 11:39:21 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007-08-31 10:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007-08-28 04:48:39 | 000,655,360 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2007-08-03 20:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007-08-03 04:52:40 | 000,778,240 | ---- | M] () -- C:\Program Files\P4P\P4P.exe
PRC - [2007-02-22 15:32:29 | 000,140,832 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\IfxPsdSv.exe
PRC - [2007-02-06 18:29:59 | 000,065,536 | R--- | M] (Cognizance Corporation) -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
PRC - [2007-01-23 13:15:13 | 000,181,792 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
PRC - [2007-01-23 13:02:43 | 000,546,336 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\IfxUAGUI.exe
PRC - [2007-01-23 13:00:33 | 000,661,024 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Infineon\Security Platform Software\SpTNA.exe
PRC - [2006-11-02 16:27:32 | 000,061,440 | ---- | M] (ASUSTeK Computer INC.) -- C:\Program Files\ASUS\ATK Media\DMedia.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-01-13 23:00:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\robert\Desktop\OTL.exe
MOD - [2008-01-21 03:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
MOD - [2006-07-12 09:54:59 | 000,056,832 | R--- | M] (Cognizance Corporation) -- C:\Windows\System32\APSHook.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] --  -- (ATKGFNEXSrv)
SRV - [2010-04-22 10:53:47 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008-10-17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008-10-17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008-10-17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008-10-17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008-09-26 07:41:07 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008-08-14 21:50:57 | 001,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008-06-11 10:59:56 | 000,356,864 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Windows\System32\HFGService.dll -- (HFGService)
SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-21 03:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008-01-21 03:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007-10-24 03:02:15 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE -- (IAANTMON) Intel(R)
SRV - [2007-10-03 05:53:00 | 000,094,208 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2007-08-31 10:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007-08-23 13:34:59 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007-08-22 00:20:59 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007-08-03 20:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007-02-22 15:32:29 | 000,140,832 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Windows\System32\IfxPsdSv.exe -- (PersonalSecureDriveService)
SRV - [2007-02-06 18:29:59 | 000,074,240 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2006-06-21 11:13:59 | 000,131,584 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASChnl.dll -- (ASChannel)
SRV - [2005-11-14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-02-28 17:43:28 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-01-20 17:25:08 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008-09-12 08:33:24 | 000,270,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20081108.003\IDSvix86.sys -- (IDSvix86)
DRV - [2008-09-05 14:31:42 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008-09-02 09:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2008-08-20 09:00:00 | 000,873,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20081109.021\NAVEX15.SYS -- (NAVEX15)
DRV - [2008-08-20 09:00:00 | 000,089,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20081109.021\NAVENG.SYS -- (NAVENG)
DRV - [2008-07-30 16:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008-06-13 13:14:02 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2008-06-13 13:13:40 | 000,184,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2008-06-13 13:13:40 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2008-06-13 13:13:38 | 000,096,432 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2008-06-13 13:13:38 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2008-06-13 13:13:38 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008-06-11 10:59:56 | 000,036,352 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthav.sys -- (bthav)
DRV - [2008-06-11 10:59:56 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAudioHF.sys -- (BthAudioHF)
DRV - [2008-01-21 03:23:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)
DRV - [2008-01-21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 03:23:26 | 000,052,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdv.sys -- (MSDV)
DRV - [2008-01-21 03:23:26 | 000,050,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstape.sys -- (MSTAPE)
DRV - [2008-01-21 03:23:26 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008-01-21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 03:23:23 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\61883.sys -- (61883)
DRV - [2008-01-21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 03:23:22 | 000,030,208 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irstusb.sys -- (STIrUsb)
DRV - [2008-01-21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 03:23:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc.sys -- (Avc)
DRV - [2008-01-21 03:23:20 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avcstrm.sys -- (AVCSTRM)
DRV - [2008-01-21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-12-06 11:12:47 | 000,196,400 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007-12-05 11:17:59 | 008,241,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007-11-30 22:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007-11-30 22:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007-11-30 22:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007-10-31 12:55:59 | 000,046,592 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\l160x86.sys -- (AtcL001)
DRV - [2007-10-25 16:05:57 | 000,483,840 | ---- | M] (DiBcom) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dvb7700all.sys -- (mod7700)
DRV - [2007-10-02 12:53:01 | 000,220,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaNvStor.sys -- (iaNvStor) Intel(R)
DRV - [2007-10-01 07:59:45 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007-09-29 16:03:11 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007-09-26 23:03:42 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby)
DRV - [2007-09-05 10:36:25 | 001,953,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-08-28 04:53:47 | 001,019,136 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2007-08-08 16:38:59 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007-08-08 13:42:07 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007-08-03 05:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007-07-30 04:54:01 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007-07-30 03:42:57 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007-06-20 21:51:27 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007-06-17 05:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007-04-24 16:52:10 | 000,016,688 | ---- | M] (IBM) [Kernel | System | Running] -- C:\Windows\System32\drivers\LUMDriver.sys -- (LUMDriver)
DRV - [2007-01-24 11:08:39 | 000,005,632 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2007-01-23 13:07:29 | 000,039,080 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\psd.sys -- (PersonalSecureDrive)
DRV - [2006-12-14 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 08:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2006-05-16 18:13:59 | 000,023,232 | R--- | M] (Cognizance Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\itsdisk.sys -- (ItSDisk)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
IE - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.o2.pl"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.5

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-10 14:26:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-10 14:26:55 | 000,000,000 | ---D | M]

[2008-08-12 13:59:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\robert\AppData\Roaming\mozilla\Extensions
[2011-01-13 22:16:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\robert\AppData\Roaming\mozilla\Firefox\Profiles\3jnzmhjw.default\extensions
[2010-11-19 21:14:57 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\robert\AppData\Roaming\mozilla\Firefox\Profiles\3jnzmhjw.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010-10-14 19:14:36 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\robert\AppData\Roaming\mozilla\Firefox\Profiles\3jnzmhjw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008-08-12 13:59:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-01-19 20:56:25 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-19 20:56:25 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-01-19 20:56:25 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-19 20:56:25 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-19 20:56:25 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-19 20:56:25 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (ASUS Security Protect Manager) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE (Intel Corporation)
O4 - HKLM..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PowerForPhone] C:\Program Files\P4P\P4P.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4293749387-1385458667-286968660-1000..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKU\.DEFAULT..\RunOnce: []  File not found
O4 - HKU\S-1-5-18..\RunOnce: []  File not found
O4 - HKU\S-1-5-19..\RunOnce: []  File not found
O4 - HKU\S-1-5-20..\RunOnce: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - AppInit_DLLs: (APSHook.dll) - C:\Windows\System32\APSHook.dll (Cognizance Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\robert\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\robert\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008-09-24 16:14:42 | 000,000,000 | ---D | M] - D:\Autocad 2008pl -- [ NTFS ]
O33 - MountPoints2\{02f1f1ac-f0d3-11df-9ace-001fc67ebad9}\Shell\AutoRun\command - "" = F:\io3yalc.exe
O33 - MountPoints2\{02f1f1ac-f0d3-11df-9ace-001fc67ebad9}\Shell\open\Command - "" = F:\io3yalc.exe
O33 - MountPoints2\{279557c0-e098-11dd-b068-001de073f37f}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe
O33 - MountPoints2\{279557c0-e098-11dd-b068-001de073f37f}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe
O33 - MountPoints2\{4ee6cff9-4c83-11df-a1df-001fc67ebad9}\Shell - "" = AutoRun
O33 - MountPoints2\{4ee6cff9-4c83-11df-a1df-001fc67ebad9}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{f59d3041-1854-11de-8871-001fc67ebad9}\Shell\AutoRun\command - "" = yt8a.exe
O33 - MountPoints2\{f59d3041-1854-11de-8871-001fc67ebad9}\Shell\Explore\Command - "" = yt8a.exe
O33 - MountPoints2\{f59d3041-1854-11de-8871-001fc67ebad9}\Shell\Open\Command - "" = yt8a.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-01-13 23:02:34 | 000,880,624 | ---- | C] (Duplex Secure Ltd.) -- C:\Users\robert\Desktop\SPTDinst-v162-x86.exe
[2011-01-13 22:59:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\robert\Desktop\OTL.exe
[2011-01-13 22:59:12 | 000,000,000 | ---D | C] -- C:\Users\robert\Desktop\gmer
[2011-01-12 22:19:54 | 000,000,000 | ---D | C] -- C:\Users\robert\Desktop\cwiczenie 4
[2011-01-12 10:12:58 | 000,000,000 | ---D | C] -- C:\Users\robert\Desktop\blad dyskretyzacji
[2007-01-24 11:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-01-13 23:49:01 | 003,932,160 | -HS- | M] () -- C:\Users\robert\NTUSER.DAT
[2011-01-13 23:45:28 | 001,600,764 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2011-01-13 23:45:28 | 000,708,764 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2011-01-13 23:45:28 | 000,633,886 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-01-13 23:45:28 | 000,144,730 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2011-01-13 23:45:28 | 000,119,072 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-01-13 23:39:29 | 000,163,326 | ---- | M] () -- C:\Users\robert\AppData\Roaming\nvModes.001
[2011-01-13 23:38:06 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-01-13 23:38:05 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-01-13 23:37:57 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011-01-13 23:37:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-01-13 23:37:38 | 388,566,196 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011-01-13 23:29:01 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011-01-13 23:29:00 | 000,065,536 | -HS- | M] () -- C:\Users\robert\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2011-01-13 23:28:59 | 000,524,288 | -HS- | M] () -- C:\Users\robert\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2011-01-13 23:09:09 | 004,365,030 | -H-- | M] () -- C:\Users\robert\AppData\Local\IconCache.db
[2011-01-13 23:02:42 | 000,880,624 | ---- | M] (Duplex Secure Ltd.) -- C:\Users\robert\Desktop\SPTDinst-v162-x86.exe
[2011-01-13 23:00:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\robert\Desktop\OTL.exe
[2011-01-13 21:17:23 | 000,244,224 | ---- | M] () -- C:\Users\robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-13 15:38:24 | 000,012,320 | ---- | M] () -- C:\Users\robert\Documents\rozliczenia.xlsx
[2011-01-13 15:18:15 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F0F57A8F-C192-433B-8777-2623F3374258}.job
[2011-01-12 21:14:14 | 000,084,800 | ---- | M] () -- C:\Users\robert\Documents\dzwignia na macka.dwg
[2011-01-12 20:10:15 | 000,065,120 | ---- | M] () -- C:\Users\robert\Documents\dzwignia na macka.bak
[2011-01-11 16:20:50 | 000,163,326 | ---- | M] () -- C:\Users\robert\AppData\Roaming\nvModes.dat
[2011-01-10 20:02:32 | 000,000,548 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - robert.job
[2011-01-10 18:50:41 | 000,016,138 | ---- | M] () -- C:\Users\robert\Desktop\pomiar temperatur.xlsx
[2011-01-10 18:49:10 | 000,660,742 | ---- | M] () -- C:\Users\robert\Desktop\pomiary temperatur.docx
[2011-01-09 16:53:51 | 000,014,160 | ---- | M] () -- C:\Users\robert\Desktop\cw 19.xlsx
[2011-01-04 23:06:26 | 000,080,311 | ---- | M] () -- C:\Users\robert\Desktop\wentylatory cw 19.docx
[2011-01-03 21:22:33 | 000,737,280 | ---- | M] () -- C:\Users\robert\Desktop\pomiary temperatur.doc
[2011-01-01 19:28:21 | 000,089,456 | ---- | M] () -- C:\Users\robert\Documents\Default2.sfvidcap
[2010-12-28 23:27:57 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-01-13 23:24:14 | 388,566,196 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011-01-12 21:14:14 | 000,065,120 | ---- | C] () -- C:\Users\robert\Documents\dzwignia na macka.bak
[2011-01-12 20:05:24 | 000,084,800 | ---- | C] () -- C:\Users\robert\Documents\dzwignia na macka.dwg
[2011-01-04 17:34:56 | 000,014,160 | ---- | C] () -- C:\Users\robert\Desktop\cw 19.xlsx
[2011-01-04 16:23:10 | 000,080,311 | ---- | C] () -- C:\Users\robert\Desktop\wentylatory cw 19.docx
[2011-01-03 21:21:35 | 000,737,280 | ---- | C] () -- C:\Users\robert\Desktop\pomiary temperatur.doc
[2011-01-03 16:59:27 | 000,016,138 | ---- | C] () -- C:\Users\robert\Desktop\pomiar temperatur.xlsx
[2011-01-02 22:52:56 | 000,660,742 | ---- | C] () -- C:\Users\robert\Desktop\pomiary temperatur.docx
[2010-05-06 12:51:54 | 004,365,030 | -H-- | C] () -- C:\Users\robert\AppData\Local\IconCache.db
[2010-04-29 16:09:55 | 000,167,936 | ---- | C] () -- C:\Windows\System32\dxf.dll
[2010-04-22 16:02:58 | 000,000,000 | ---- | C] () -- C:\ProgramData\proba.$$$
[2009-03-18 17:30:25 | 000,022,328 | ---- | C] () -- C:\Users\robert\AppData\Roaming\PnkBstrK.sys
[2009-02-28 17:00:13 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009-01-12 17:30:46 | 000,031,007 | ---- | C] () -- C:\Users\robert\AppData\Roaming\UserTile.png
[2008-11-24 17:39:29 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2008-08-12 18:03:22 | 000,163,326 | ---- | C] () -- C:\Users\robert\AppData\Roaming\nvModes.001
[2008-08-12 18:03:16 | 000,163,326 | ---- | C] () -- C:\Users\robert\AppData\Roaming\nvModes.dat
[2008-08-12 12:35:23 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008-08-11 16:09:57 | 000,244,224 | ---- | C] () -- C:\Users\robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-08-11 15:12:42 | 000,159,944 | ---- | C] () -- C:\Users\robert\AppData\Local\GDIPFONTCACHEV1.DAT
[2008-06-11 11:11:07 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2008-04-18 00:45:31 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2008-01-21 03:24:38 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini
[2008-01-21 03:24:29 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll
[2008-01-21 03:24:13 | 000,164,746 | RHS- | C] () -- C:\Users\robert\AppData\Roaming\uerjda.dll
[2007-10-02 12:52:13 | 000,167,936 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2007-10-01 07:59:45 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007-05-09 08:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2006-11-02 13:50:50 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 11:33:01 | 001,600,764 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI
[2006-11-02 11:24:31 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2006-11-02 11:23:31 | 000,000,219 | ---- | C] () -- C:\Windows\win.ini
[2006-11-02 11:23:31 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-11-02 08:09:45 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys
[2006-11-02 08:09:44 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS
[2006-11-02 08:09:44 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS
[2006-11-02 08:09:42 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS
[2006-11-02 08:09:41 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS
[2006-11-02 08:09:40 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS
[2006-11-02 08:09:38 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS
[2006-11-02 08:09:35 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS
[2006-11-02 08:09:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS
[2006-11-02 08:09:29 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS
[2006-11-02 08:09:26 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS
[2006-11-02 08:09:24 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS
[2006-11-02 08:09:23 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS
[2006-11-02 08:09:22 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS
[2006-11-02 08:09:20 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS
[2006-11-02 07:25:08 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll
[2006-03-09 02:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005-04-03 00:29:59 | 000,110,592 | R--- | C] () -- C:\Windows\System32\scardsyn.dll
[1998-05-06 05:09:59 | 000,069,632 | R--- | C] () -- C:\Windows\System32\ODMA32.dll

[color=#E56717]========== LOP Check ==========[/color]

[2008-08-23 16:32:32 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Infineon
[2009-12-14 16:51:21 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Ansys
[2010-10-06 17:06:08 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Autodesk
[2010-09-26 18:40:27 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\BESTplayer
[2009-06-30 08:53:25 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\BlackBean
[2010-11-15 18:27:28 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\DassaultSystemes
[2010-11-26 19:13:15 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\DraftSight
[2010-10-16 11:58:27 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\EPSON
[2008-08-16 08:53:04 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Gadu-Gadu
[2010-12-08 17:47:16 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\HEXelon
[2008-08-11 15:12:47 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Infineon
[2008-08-17 16:32:28 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\IrfanView
[2009-02-28 16:58:20 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Leadertech
[2009-01-12 17:30:46 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\PeerNetworking
[2008-08-16 16:00:07 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Publish Providers
[2008-09-14 11:31:14 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Sony
[2010-10-07 09:13:57 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Unigraphics Solutions
[2011-01-13 23:29:01 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011-01-13 15:18:15 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{F0F57A8F-C192-433B-8777-2623F3374258}.job

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:888AFB86

< End of report >

Kod: Zaznacz wszystko

OTL Extras logfile created on: 2011-01-13 23:46:00 - Run 1
OTL by OldTimer - Version 3.2.20.2     Folder = C:\Users\robert\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 11,31 Gb Free Space | 9,71% Space Free | Partition Type: NTFS
Drive D: | 106,68 Gb Total Space | 14,52 Gb Free Space | 13,61% Space Free | Partition Type: NTFS

Computer Name: ROBERT-PC | User Name: robert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*"
.txt [@ = txtfile] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-4293749387-1385458667-286968660-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.reg [@ = regfile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- Reg Error: Key error.
txtfile [print] -- Reg Error: Key error.
txtfile [printto] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 0
"DisableConfig" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07DAA466-A957-426C-9E36-74C7836F5114}" = lport=138 | protocol=17 | dir=in | app=system |
"{3212504C-C38F-47B2-8BC2-770C0D8751EF}" = rport=445 | protocol=6 | dir=out | app=system |
"{3F6CBD89-1AB9-40DD-A234-9513C24E97C8}" = rport=138 | protocol=17 | dir=out | app=system |
"{4BD534C5-A0D3-4A57-B6C9-57A5D0A7FEE6}" = lport=139 | protocol=6 | dir=in | app=system |
"{4E962556-B8FF-4392-B99D-A23A18DDF9C1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5CAC4367-25B0-4EEE-80CF-550653189543}" = rport=137 | protocol=17 | dir=out | app=system |
"{70C4E6E9-AE6F-44AB-B4FA-86667BEE52F6}" = lport=445 | protocol=6 | dir=in | app=system |
"{9360DEDD-570B-4609-A595-EFAD9F56E6D1}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9D4ED0DF-3746-4496-8674-0468808EF230}" = rport=139 | protocol=6 | dir=out | app=system |
"{C700FCCE-97E4-43E0-A892-8526F851612A}" = lport=137 | protocol=17 | dir=in | app=system |
"{E0EB37C3-2B16-453D-A3BA-04A08D1C6372}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FB09F7F5-337A-4A68-9E4E-AD081E6E3259}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FBE4D813-FFC4-4054-B8A1-9F54C038353A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16F6CBFA-3071-49E3-AF73-20504186A8E5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2F01BD6D-F627-491B-88E9-7D80C0A0A493}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3C4481EF-79A4-4CD9-9B69-4D77368B66BA}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{3FDA90B8-AEA7-4DA0-85D6-F13EA138B398}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6DCCF292-B8F4-484F-AE5F-C6104E97AB4B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{CAB34CDB-A509-408E-AE91-49221EA94E49}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{D0F4E2DE-E489-447C-95CE-556D47F4F1A1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{DDD692C2-B9AD-49BA-AF36-353FB0874CF6}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{E52B07EB-89FF-48A2-983C-805DD9B3EF4D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{E6085418-7816-4513-8D3A-456A25B8512E}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{F6760FA1-2C3F-40E1-8D5E-CEF692008DC7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FB4D8AC1-0DB9-4DF0-A987-201E7898009D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{F1FC6103-CF13-46BD-A874-D324B5489C2C}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{3B83D672-9197-44F8-BF98-398D4460D580}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software  1.12.37.1
"{0064319F-4AF1-4CD0-80FB-0F91497F4319}" = Solid Edge V19
"{1246FF64-3035-4A92-8FE6-A968275495EB}" = Sony Vegas Pro 8.0
"{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}" = ATK Media
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1FB138CC-5503-4B4A-BC42-81E9C1FF26EE}" = Autodesk Inventor Content Center Libraries 2010 (Desktop Content)
"{2396F815-84E0-4353-83D7-8B190556DA42}" = ASUS CopyProtect
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (AUTODESKVAULT)
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}" = Norton Internet Security
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{52969324-463B-4643-BF36-854BE2BECB89}" = Autodesk Inventor Professional 2010
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54110D3A-04AA-454E-B298-444A76BEFAAC}" = Tae Kwon Do World Champion
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{5783F2D7-6001-0415-0002-0060B0CE6BBA}" = AutoCAD 2008 - Polski
"{5783F2D7-8028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2010
"{57B15AD4-8C9D-4164-82BB-E33D8644E757}" = ASUS InstantFun
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{616B741E-6694-438B-BD02-73A79DE6834C}" = MainConcept MCE Encoder
"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DE6837F-F3A3-40FF-9F5C-A0B95948E32D}" = Dassault Systemes Software Prerequisites x86
"{6E19F210-3813-4002-B561-94D66AA182B6}" = Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver
"{6EF329B9-C15C-4329-A6B3-E03071AAAECA}" = DraftSight
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{740B10B2-32B1-4D8C-B413-7E514C31FA21}" = SymNet
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{7AEB626F-C883-43F0-A2BB-EAB6904CD75B}" = Symantec Real Time Storage Protection Component
"{7F4DD591-1400-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2010
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CADD3F6-E808-4D48-893D-797B4849DE72}" = Quake Live Mozilla Plugin
"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Turbo Memory and Intel® Matrix Storage Manager
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{A398D0A0-EE68-4CA6-8984-78AEF841CDE7}" = SBK(TM)09
"{ac474156-361a-4a7b-8b6e-977781b92565}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1045-7B44-A81200000003}" = Adobe Reader 8 - Polish
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B32D6CE8-D6C1-4615-8FC4-4EE822F7BD4B}" = SBK(TM)09
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{BD8A0C60-1AEB-11D6-B8E1-00025521AE60}" = VBA (3821b)
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{D104C1CF-7C12-4D32-9850-DDC99060DE5B}" = Infineon TPM Professional Package
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack
"{D8D4AF9A-6ADE-4B14-A7F5-BA858792729E}" = ASUS Security Protect Manager
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}" = Microsoft SQL Server VSS Writer
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client
"{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P
"7-Zip" = 7-Zip 4.57
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AnalizaKinematycznaMechanizmów" = Analiza Kinematyczna Mechanizmów
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"AutoCAD 2008 - Polski" = AutoCAD 2008 - Polski
"Autodesk Inventor Professional 2010" = Autodesk Inventor Professional 2010 polski (Polish)
"AxisVM 9 Student Version_is1" = AxisVM 9 Student Version (release 1b)
"Belka_is1" = Belka - v.1.0
"Dassault Systemes B19_0" = Dassault Systemes Software B19
"DWG TrueView 2010" = DWG TrueView 2010
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = Oprogramowanie drukarki EPSON
"EPSON Scanner" = EPSON Scan
"FX-TRN-BEG-E" = FX-TRN-BEG-E
"Gadu-Gadu" = Gadu-Gadu 7.7
"InstallShield_{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}" = VistaFeaturePack
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Standard)
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.5.16)" = Mozilla Firefox (3.5.16)
"NR Deluxe for Windows Mobile" = NR Deluxe for Windows Mobile
"NVIDIA Drivers" = NVIDIA Drivers
"PROHYBRIDR" = 2007 Microsoft Office system
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 1.8.2
"Side 9 Screensaver" = Side 9 Screensaver
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SUPER ©" = SUPER © Version 2008.bld.33 (Sep 2, 2008)
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"Wał Maszynowy'99" = Wał Maszynowy'99
"Winamp" = Winamp
"WinRAR archiver" = Archiwizator WinRAR

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >


[wojtas]

ten plik ( jest ukryty)

C:\Users\robert\AppData\Roaming\uerjda.dll

przeskanuj tu
http://virusscan.jotti.org/

i daj raport ze skanu w następnym poście ale najpierw :
Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL
O4 - HKU\.DEFAULT..\RunOnce: [] File not found
O4 - HKU\S-1-5-18..\RunOnce: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [] File not found
O4 - HKU\S-1-5-20..\RunOnce: [] File not found
O32 - AutoRun File - [2008-09-24 16:14:42 | 000,000,000 | ---D | M] - D:\Autocad 2008pl -- [ NTFS ]
O33 - MountPoints2\{02f1f1ac-f0d3-11df-9ace-001fc67ebad9}\Shell\AutoRun\command - "" = F:\io3yalc.exe
O33 - MountPoints2\{02f1f1ac-f0d3-11df-9ace-001fc67ebad9}\Shell\open\Command - "" = F:\io3yalc.exe
O33 - MountPoints2\{279557c0-e098-11dd-b068-001de073f37f}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe
O33 - MountPoints2\{279557c0-e098-11dd-b068-001de073f37f}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe
O33 - MountPoints2\{4ee6cff9-4c83-11df-a1df-001fc67ebad9}\Shell - "" = AutoRun
O33 - MountPoints2\{4ee6cff9-4c83-11df-a1df-001fc67ebad9}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{f59d3041-1854-11de-8871-001fc67ebad9}\Shell\AutoRun\command - "" = yt8a.exe
O33 - MountPoints2\{f59d3041-1854-11de-8871-001fc67ebad9}\Shell\Explore\Command - "" = yt8a.exe
O33 - MountPoints2\{f59d3041-1854-11de-8871-001fc67ebad9}\Shell\Open\Command - "" = yt8a.exe
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:888AFB86

:Commands
[emptytemp]
[emptyflash]
[clearallrestorepoints]

Kliknij wykonaj skrypt. I potwierdź reset komputera .

Następnie uruchamiasz OTL z opcją skanuj. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia (zawartość notatnika, która otworzy się po restarcie).
Przy podpiętym urządzeniu przenośnym (pendrive, telefon - to co jest podłączane do kompa) , uruchom USBFIX z opcji Listing i pokaż raport na forum oraz raport ze skanu pliku

[roco]

ok. wiec po kolei

raport z czyszczenia

Kod: Zaznacz wszystko

All processes killed
========== OTL ==========
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\ deleted successfully.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\ deleted successfully.
Registry key HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\ deleted successfully.
File  not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02f1f1ac-f0d3-11df-9ace-001fc67ebad9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02f1f1ac-f0d3-11df-9ace-001fc67ebad9}\ not found.
File F:\io3yalc.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02f1f1ac-f0d3-11df-9ace-001fc67ebad9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02f1f1ac-f0d3-11df-9ace-001fc67ebad9}\ not found.
File F:\io3yalc.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{279557c0-e098-11dd-b068-001de073f37f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{279557c0-e098-11dd-b068-001de073f37f}\ not found.
File F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{279557c0-e098-11dd-b068-001de073f37f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{279557c0-e098-11dd-b068-001de073f37f}\ not found.
File F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ee6cff9-4c83-11df-a1df-001fc67ebad9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ee6cff9-4c83-11df-a1df-001fc67ebad9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ee6cff9-4c83-11df-a1df-001fc67ebad9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ee6cff9-4c83-11df-a1df-001fc67ebad9}\ not found.
File G:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f59d3041-1854-11de-8871-001fc67ebad9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f59d3041-1854-11de-8871-001fc67ebad9}\ not found.
File yt8a.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f59d3041-1854-11de-8871-001fc67ebad9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f59d3041-1854-11de-8871-001fc67ebad9}\ not found.
File yt8a.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f59d3041-1854-11de-8871-001fc67ebad9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f59d3041-1854-11de-8871-001fc67ebad9}\ not found.
File yt8a.exe not found.
ADS C:\ProgramData\TEMP:888AFB86 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User

User: Gość
->Temp folder emptied: 109381 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 75 bytes

User: Public

User: robert
->Temp folder emptied: 268349145 bytes
->Temporary Internet Files folder emptied: 63714708 bytes
->FireFox cache emptied: 91186961 bytes
->Flash cache emptied: 269343 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 58019347 bytes
RecycleBin emptied: 2255150125 bytes

Total Files Cleaned = 2 610,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Gość
->Flash cache emptied: 0 bytes

User: Public

User: robert
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb



OTL by OldTimer - Version 3.2.20.2 log created on 01142011_185124

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\JET868D.tmp not found!

Registry entries deleted on Reboot...


nowy log z OTL

Kod: Zaznacz wszystko

OTL logfile created on: 2011-01-14 19:39:33 - Run 2
OTL by OldTimer - Version 3.2.20.2     Folder = C:\Users\robert\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 14,80 Gb Free Space | 12,71% Space Free | Partition Type: NTFS
Drive D: | 106,68 Gb Total Space | 15,19 Gb Free Space | 14,24% Space Free | Partition Type: NTFS
Drive F: | 7,50 Gb Total Space | 6,62 Gb Free Space | 88,35% Space Free | Partition Type: FAT32

Computer Name: ROBERT-PC | User Name: robert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-01-13 23:00:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\robert\Desktop\OTL.exe
PRC - [2010-12-10 14:26:53 | 000,910,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008-10-29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-10-17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2008-06-11 11:11:01 | 000,033,136 | ---- | M] () -- C:\Windows\ASScrPro.exe
PRC - [2008-01-21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-01-21 03:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2007-12-26 22:38:32 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2007-11-30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007-10-24 03:02:15 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE
PRC - [2007-10-24 03:02:13 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
PRC - [2007-09-03 11:39:21 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007-08-31 10:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007-08-28 04:48:39 | 000,655,360 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2007-08-03 20:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007-08-03 04:52:40 | 000,778,240 | ---- | M] () -- C:\Program Files\P4P\P4P.exe
PRC - [2007-02-22 15:32:29 | 000,140,832 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\IfxPsdSv.exe
PRC - [2007-02-06 18:29:59 | 000,065,536 | R--- | M] (Cognizance Corporation) -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
PRC - [2007-01-23 13:15:13 | 000,181,792 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
PRC - [2007-01-23 13:02:43 | 000,546,336 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\IfxUAGUI.exe
PRC - [2007-01-23 13:00:33 | 000,661,024 | ---- | M] (Infineon Technologies AG) -- C:\Program Files\Infineon\Security Platform Software\SpTNA.exe
PRC - [2006-11-02 16:27:32 | 000,061,440 | ---- | M] (ASUSTeK Computer INC.) -- C:\Program Files\ASUS\ATK Media\DMedia.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-01-13 23:00:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\robert\Desktop\OTL.exe
MOD - [2008-01-21 03:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
MOD - [2006-07-12 09:54:59 | 000,056,832 | R--- | M] (Cognizance Corporation) -- C:\Windows\System32\APSHook.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] --  -- (ATKGFNEXSrv)
SRV - [2010-04-22 10:53:47 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008-10-17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2008-10-17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2008-10-17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008-10-17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008-09-26 07:41:07 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008-08-14 21:50:57 | 001,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008-06-11 10:59:56 | 000,356,864 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Windows\System32\HFGService.dll -- (HFGService)
SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-01-21 03:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008-01-21 03:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007-10-24 03:02:15 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE -- (IAANTMON) Intel(R)
SRV - [2007-10-03 05:53:00 | 000,094,208 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2007-08-31 10:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007-08-23 13:34:59 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007-08-22 00:20:59 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007-08-03 20:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007-02-22 15:32:29 | 000,140,832 | ---- | M] (Infineon Technologies AG) [Auto | Running] -- C:\Windows\System32\IfxPsdSv.exe -- (PersonalSecureDriveService)
SRV - [2007-02-06 18:29:59 | 000,074,240 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2006-06-21 11:13:59 | 000,131,584 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASChnl.dll -- (ASChannel)
SRV - [2005-11-14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2009-02-28 17:43:28 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009-01-20 17:25:08 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008-09-12 08:33:24 | 000,270,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20081108.003\IDSvix86.sys -- (IDSvix86)
DRV - [2008-09-05 14:31:42 | 000,447,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008-09-02 09:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2008-09-02 09:00:00 | 000,099,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2008-08-20 09:00:00 | 000,873,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20081109.021\NAVEX15.SYS -- (NAVEX15)
DRV - [2008-08-20 09:00:00 | 000,089,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20081109.021\NAVENG.SYS -- (NAVENG)
DRV - [2008-07-30 16:42:12 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008-06-13 13:14:02 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2008-06-13 13:13:40 | 000,184,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2008-06-13 13:13:40 | 000,041,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2008-06-13 13:13:38 | 000,096,432 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2008-06-13 13:13:38 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2008-06-13 13:13:38 | 000,013,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008-06-11 10:59:56 | 000,036,352 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bthav.sys -- (bthav)
DRV - [2008-06-11 10:59:56 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAudioHF.sys -- (BthAudioHF)
DRV - [2008-01-21 03:23:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)
DRV - [2008-01-21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008-01-21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008-01-21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008-01-21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008-01-21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008-01-21 03:23:26 | 000,052,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msdv.sys -- (MSDV)
DRV - [2008-01-21 03:23:26 | 000,050,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstape.sys -- (MSTAPE)
DRV - [2008-01-21 03:23:26 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2008-01-21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008-01-21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008-01-21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008-01-21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008-01-21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008-01-21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008-01-21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008-01-21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008-01-21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008-01-21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008-01-21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008-01-21 03:23:23 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\61883.sys -- (61883)
DRV - [2008-01-21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008-01-21 03:23:22 | 000,030,208 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irstusb.sys -- (STIrUsb)
DRV - [2008-01-21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008-01-21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008-01-21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008-01-21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008-01-21 03:23:20 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc.sys -- (Avc)
DRV - [2008-01-21 03:23:20 | 000,014,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avcstrm.sys -- (AVCSTRM)
DRV - [2008-01-21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008-01-21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008-01-21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007-12-06 11:12:47 | 000,196,400 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007-12-05 11:17:59 | 008,241,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007-11-30 22:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007-11-30 22:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007-11-30 22:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007-10-31 12:55:59 | 000,046,592 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\l160x86.sys -- (AtcL001)
DRV - [2007-10-25 16:05:57 | 000,483,840 | ---- | M] (DiBcom) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dvb7700all.sys -- (mod7700)
DRV - [2007-10-02 12:53:01 | 000,220,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaNvStor.sys -- (iaNvStor) Intel(R)
DRV - [2007-10-01 07:59:45 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007-09-29 16:03:11 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007-09-26 23:03:42 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby)
DRV - [2007-09-05 10:36:25 | 001,953,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-08-28 04:53:47 | 001,019,136 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2007-08-08 16:38:59 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007-08-08 13:42:07 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007-08-03 05:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007-07-30 04:54:01 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007-07-30 03:42:57 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007-06-20 21:51:27 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007-06-17 05:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007-04-24 16:52:10 | 000,016,688 | ---- | M] (IBM) [Kernel | System | Running] -- C:\Windows\System32\drivers\LUMDriver.sys -- (LUMDriver)
DRV - [2007-01-24 11:08:39 | 000,005,632 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2007-01-23 13:07:29 | 000,039,080 | ---- | M] (Infineon Technologies AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\psd.sys -- (PersonalSecureDrive)
DRV - [2006-12-14 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006-11-02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 08:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2006-05-16 18:13:59 | 000,023,232 | R--- | M] (Cognizance Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\itsdisk.sys -- (ItSDisk)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
IE - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
IE - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.o2.pl"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.1
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.5

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-12-10 14:26:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-10 14:26:55 | 000,000,000 | ---D | M]

[2008-08-12 13:59:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\robert\AppData\Roaming\mozilla\Extensions
[2011-01-13 22:16:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\robert\AppData\Roaming\mozilla\Firefox\Profiles\3jnzmhjw.default\extensions
[2010-11-19 21:14:57 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\robert\AppData\Roaming\mozilla\Firefox\Profiles\3jnzmhjw.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010-10-14 19:14:36 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\robert\AppData\Roaming\mozilla\Firefox\Profiles\3jnzmhjw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008-08-12 13:59:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010-01-19 20:56:25 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-19 20:56:25 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-01-19 20:56:25 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-19 20:56:25 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-19 20:56:25 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-19 20:56:25 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (ASUS Security Protect Manager) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\..\Toolbar\WebBrowser: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE (Intel Corporation)
O4 - HKLM..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PowerForPhone] C:\Program Files\P4P\P4P.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4293749387-1385458667-286968660-1000..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu S.A.)
O4 - HKLM..\RunOnce: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-4293749387-1385458667-286968660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - AppInit_DLLs: (APSHook.dll) - C:\Windows\System32\APSHook.dll (Cognizance Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\robert\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\robert\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008-09-24 16:14:42 | 000,000,000 | ---D | M] - D:\Autocad 2008pl -- [ NTFS ]
O32 - AutoRun File - [2010-11-30 17:45:20 | 000,000,000 | ---D | M] - F:\Automatyka_i_robotyka_Instrukcje__HALA_ -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-01-14 19:27:30 | 000,000,000 | ---D | C] -- C:\UsbFix
[2011-01-14 18:51:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-01-13 23:02:34 | 000,880,624 | ---- | C] (Duplex Secure Ltd.) -- C:\Users\robert\Desktop\SPTDinst-v162-x86.exe
[2011-01-13 22:59:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\robert\Desktop\OTL.exe
[2011-01-13 22:59:12 | 000,000,000 | ---D | C] -- C:\Users\robert\Desktop\gmer
[2011-01-12 22:19:54 | 000,000,000 | ---D | C] -- C:\Users\robert\Desktop\cwiczenie 4
[2007-01-24 11:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-01-14 19:40:50 | 000,098,279 | ---- | M] () -- C:\Users\robert\Desktop\scan.jpg
[2011-01-14 19:38:52 | 000,163,326 | ---- | M] () -- C:\Users\robert\AppData\Roaming\nvModes.001
[2011-01-14 19:29:33 | 000,708,764 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2011-01-14 19:29:33 | 000,633,886 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-01-14 19:29:33 | 000,144,730 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2011-01-14 19:29:33 | 000,119,072 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-01-14 18:57:30 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-01-14 18:57:30 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-01-14 18:57:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-01-14 18:56:09 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011-01-14 17:54:32 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F0F57A8F-C192-433B-8777-2623F3374258}.job
[2011-01-14 16:50:23 | 000,247,296 | ---- | M] () -- C:\Users\robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-01-13 23:37:38 | 388,566,196 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011-01-13 23:02:42 | 000,880,624 | ---- | M] (Duplex Secure Ltd.) -- C:\Users\robert\Desktop\SPTDinst-v162-x86.exe
[2011-01-13 23:00:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\robert\Desktop\OTL.exe
[2011-01-13 15:38:24 | 000,012,320 | ---- | M] () -- C:\Users\robert\Documents\rozliczenia.xlsx
[2011-01-12 21:14:14 | 000,084,800 | ---- | M] () -- C:\Users\robert\Documents\dzwignia na macka.dwg
[2011-01-12 20:10:15 | 000,065,120 | ---- | M] () -- C:\Users\robert\Documents\dzwignia na macka.bak
[2011-01-11 16:20:50 | 000,163,326 | ---- | M] () -- C:\Users\robert\AppData\Roaming\nvModes.dat
[2011-01-10 20:02:32 | 000,000,548 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - robert.job
[2011-01-10 18:50:41 | 000,016,138 | ---- | M] () -- C:\Users\robert\Desktop\pomiar temperatur.xlsx
[2011-01-10 18:49:10 | 000,660,742 | ---- | M] () -- C:\Users\robert\Desktop\pomiary temperatur.docx
[2011-01-09 16:53:51 | 000,014,160 | ---- | M] () -- C:\Users\robert\Desktop\cw 19.xlsx
[2011-01-04 23:06:26 | 000,080,311 | ---- | M] () -- C:\Users\robert\Desktop\wentylatory cw 19.docx
[2011-01-03 21:22:33 | 000,737,280 | ---- | M] () -- C:\Users\robert\Desktop\pomiary temperatur.doc
[2011-01-01 19:28:21 | 000,089,456 | ---- | M] () -- C:\Users\robert\Documents\Default2.sfvidcap
[2010-12-28 23:27:57 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-01-14 19:40:49 | 000,098,279 | ---- | C] () -- C:\Users\robert\Desktop\scan.jpg
[2011-01-13 23:24:14 | 388,566,196 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011-01-12 21:14:14 | 000,065,120 | ---- | C] () -- C:\Users\robert\Documents\dzwignia na macka.bak
[2011-01-12 20:05:24 | 000,084,800 | ---- | C] () -- C:\Users\robert\Documents\dzwignia na macka.dwg
[2011-01-04 17:34:56 | 000,014,160 | ---- | C] () -- C:\Users\robert\Desktop\cw 19.xlsx
[2011-01-04 16:23:10 | 000,080,311 | ---- | C] () -- C:\Users\robert\Desktop\wentylatory cw 19.docx
[2011-01-03 21:21:35 | 000,737,280 | ---- | C] () -- C:\Users\robert\Desktop\pomiary temperatur.doc
[2011-01-03 16:59:27 | 000,016,138 | ---- | C] () -- C:\Users\robert\Desktop\pomiar temperatur.xlsx
[2011-01-02 22:52:56 | 000,660,742 | ---- | C] () -- C:\Users\robert\Desktop\pomiary temperatur.docx
[2010-04-29 16:09:55 | 000,167,936 | ---- | C] () -- C:\Windows\System32\dxf.dll
[2010-04-22 16:02:58 | 000,000,000 | ---- | C] () -- C:\ProgramData\proba.$$$
[2009-03-18 17:30:25 | 000,022,328 | ---- | C] () -- C:\Users\robert\AppData\Roaming\PnkBstrK.sys
[2009-02-28 17:00:13 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009-01-12 17:30:46 | 000,031,007 | ---- | C] () -- C:\Users\robert\AppData\Roaming\UserTile.png
[2008-11-24 17:39:29 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2008-08-12 18:03:22 | 000,163,326 | ---- | C] () -- C:\Users\robert\AppData\Roaming\nvModes.001
[2008-08-12 18:03:16 | 000,163,326 | ---- | C] () -- C:\Users\robert\AppData\Roaming\nvModes.dat
[2008-08-12 12:35:23 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008-08-11 16:09:57 | 000,247,296 | ---- | C] () -- C:\Users\robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-06-11 11:11:07 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2008-04-18 00:45:31 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2008-01-21 03:24:13 | 000,164,746 | RHS- | C] () -- C:\Users\robert\AppData\Roaming\uerjda.dll
[2007-10-02 12:52:13 | 000,167,936 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2007-10-01 07:59:45 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007-05-09 08:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-03-09 02:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005-04-03 00:29:59 | 000,110,592 | R--- | C] () -- C:\Windows\System32\scardsyn.dll
[1998-05-06 05:09:59 | 000,069,632 | R--- | C] () -- C:\Windows\System32\ODMA32.dll

[color=#E56717]========== LOP Check ==========[/color]

[2008-08-23 16:32:32 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\Infineon
[2009-12-14 16:51:21 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Ansys
[2010-10-06 17:06:08 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Autodesk
[2010-09-26 18:40:27 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\BESTplayer
[2009-06-30 08:53:25 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\BlackBean
[2010-11-15 18:27:28 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\DassaultSystemes
[2010-11-26 19:13:15 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\DraftSight
[2010-10-16 11:58:27 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\EPSON
[2008-08-16 08:53:04 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Gadu-Gadu
[2010-12-08 17:47:16 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\HEXelon
[2008-08-11 15:12:47 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Infineon
[2008-08-17 16:32:28 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\IrfanView
[2009-02-28 16:58:20 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Leadertech
[2009-01-12 17:30:46 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\PeerNetworking
[2008-08-16 16:00:07 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Publish Providers
[2008-09-14 11:31:14 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Sony
[2010-10-07 09:13:57 | 000,000,000 | ---D | M] -- C:\Users\robert\AppData\Roaming\Unigraphics Solutions
[2011-01-14 18:56:09 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011-01-14 17:54:32 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{F0F57A8F-C192-433B-8777-2623F3374258}.job

[color=#E56717]========== Purity Check ==========[/color]



< End of report >


raport z USBFix

Kod: Zaznacz wszystko

############################## | UsbFix 7.037 | [Listing]

User: robert (Administrator) # ROBERT-PC [ASUSTeK Computer Inc. F3Sg]
Updated 10/01/2011 by El Desaparecido / C_XX
Started at 19:27:35 | 14/01/2011
Website: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org

CPU: Intel(R) Core(TM)2 Duo CPU T8100 @ 2.10GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU T8100 @ 2.10GHz
Microsoft® Windows Vista™ Home Premium  (6.0.6001 32-Bit) # Service Pack 1
Internet Explorer 7.0.6001.18000

Windows Firewall: Disabled /!\
Antivirus: Norton Internet Security 15.0.0.60 [Enabled | (!) Outdated]
Firewall: Norton Internet Security 15.0.0.60 [Enabled]
RAM -> 3070 Mb
C:\ (%systemdrive%) -> Fixed drive # 116 Gb (15 Mb free - 13%) [VistaOS] # NTFS
D:\ -> Fixed drive # 107 Gb (15 Mb free - 14%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> Removable drive # 7 Gb (7 Mb free - 88%) [ROB-DRIVE] # FAT32

################## | Listing |

[23/08/2008 - 16:32:27 | SHD ]    C:\$RECYCLE.BIN
[09/12/2010 - 16:28:32 | D ]    C:\AKMWIN25
[13/02/2010 - 19:50:38 | D ]    C:\Amadis video converter suite Output
[01/12/2008 - 15:35:44 | D ]    C:\AmadisTMP
[18/09/2006 - 22:43:36 | A | 24]    C:\autoexec.bat
[18/04/2008 - 01:02:23 | SHD ]    C:\Boot
[21/01/2008 - 03:24:42 | RASH | 333203]    C:\bootmgr
[18/04/2008 - 01:02:24 | RAS | 8192]    C:\BOOTSECT.BAK
[30/12/2006 - 00:22:40 | A | 7]    C:\CF20.txt
[18/09/2006 - 22:43:37 | A | 10]    C:\config.sys
[26/12/2010 - 22:51:03 | D ]    C:\DATA
[11/06/2008 - 11:15:07 | A | 20907]    C:\devlist.txt
[02/11/2006 - 14:02:03 | SHD ]    C:\Documents and Settings
[19/05/2008 - 10:52:34 | A | 16]    C:\Extra.log
[11/01/2008 - 02:11:23 | RAH | 1048576]    C:\F3Sg.BIN
[15/01/2008 - 10:01:19 | A | 15]    C:\F3Sg_Vista.10
[11/06/2008 - 11:11:44 | A | 9]    C:\Finish.log
[11/06/2008 - 10:21:46 | D ]    C:\Intel
[29/04/2010 - 16:08:54 | RASH | 0]    C:\IO.SYS
[29/04/2010 - 16:08:54 | RASH | 0]    C:\MSDOS.SYS
[11/06/2008 - 09:57:56 | RHD ]    C:\MSOCache
[22/04/2008 - 10:40:32 | A | 31]    C:\NERO.LOG
[01/02/2008 - 20:29:55 | A | 13]    C:\NIS2008.TXT
[16/03/2007 - 00:18:45 | A | 25]    C:\OFFICE2007_F.TXT
[14/01/2011 - 18:57:13 | ASH | 3534204928]    C:\pagefile.sys
[24/09/2009 - 11:36:28 | D ]    C:\Pakiet SPECBUD
[10/06/2008 - 21:54:03 | A | 105]    C:\Pass.txt
[08/05/2008 - 12:48:09 | A | 1948]    C:\Patch.LOG
[21/01/2008 - 03:32:31 | D ]    C:\PerfLogs
[13/01/2011 - 16:23:44 | RD ]    C:\Program Files
[03/01/2011 - 09:01:47 | HD ]    C:\ProgramData
[29/04/2008 - 15:30:15 | A | 20]    C:\READER_F.TXT
[11/12/2007 - 04:31:40 | A | 14]    C:\RECOVERY.DAT
[11/06/2008 - 10:33:45 | A | 426]    C:\RHDSetup.log
[11/06/2008 - 10:50:54 | A | 86]    C:\setup.log
[16/05/2006 - 01:22:24 | A | 5]    C:\store.log
[20/04/2009 - 20:31:19 | D ]    C:\SUBIEKT5
[11/06/2008 - 10:35:39 | A | 166]    C:\SumHidd.txt
[11/06/2008 - 10:34:59 | A | 98]    C:\SumOS.txt
[14/01/2011 - 17:55:22 | SHD ]    C:\System Volume Information
[14/01/2011 - 19:27:32 | D ]    C:\UsbFix
[14/01/2011 - 19:27:32 | A | 2973]    C:\UsbFix.txt
[10/06/2009 - 16:41:26 | D ]    C:\USDownoader
[22/04/2010 - 16:02:58 | RASH | 217]    C:\userlog.sys
[23/08/2008 - 16:30:34 | RD ]    C:\Users
[17/04/2008 - 01:32:52 | A | 24]    C:\V541.TXT
[13/01/2011 - 23:37:38 | D ]    C:\Windows
[14/01/2011 - 18:51:24 | D ]    C:\_OTL
[23/08/2008 - 16:32:28 | SHD ]    D:\$RECYCLE.BIN
[24/09/2008 - 16:14:42 | D ]    D:\Autocad 2008pl
[23/01/2009 - 12:21:06 | D ]    D:\Diablo 2
[30/06/2009 - 08:40:45 | D ]    D:\GRY
[08/03/2009 - 19:04:23 | D ]    D:\Knight Rider
[28/06/2010 - 17:03:13 | D ]    D:\kopie z starego kompa
[28/02/2009 - 16:43:38 | D ]    D:\nfsu
[15/11/2010 - 18:28:21 | D ]    D:\Program Files
[15/11/2010 - 18:28:21 | D ]    D:\ProgramData
[08/01/2011 - 17:20:43 | D ]    D:\programy
[11/06/2008 - 09:49:45 | SHD ]    D:\System Volume Information
[02/01/2011 - 12:31:22 | D ]    D:\The Mentalist
[01/01/2011 - 18:39:52 | D ]    D:\VIDEO
[30/11/2010 - 21:43:16 | D ]    F:\sprawozdania
[11/01/2011 - 22:53:32 | D ]    F:\badanie materialow
[10/08/2010 - 16:14:40 | D ]    F:\engineer
[01/12/2010 - 22:23:04 | D ]    F:\laborka Ansys
[03/10/2010 - 19:44:08 | D ]    F:\terma
[08/12/2010 - 14:10:46 | D ]    F:\cad
[06/01/2011 - 13:33:14 | D ]    F:\remanent
[08/01/2011 - 23:18:34 | D ]    F:\Poomse Taegeuk
[03/10/2010 - 19:44:28 | D ]    F:\Mechanika_plynow_-_laboratorium
[30/09/2010 - 13:14:42 | D ]    F:\Catia
[30/11/2010 - 17:45:20 | D ]    F:\Automatyka_i_robotyka_Instrukcje__HALA_
[16/12/2010 - 12:56:22 | D ]    F:\blad dyskretyzacji

################## | E.O.F |


a raport z skanowania tego pliku uerjda.dll moze byc link? czy screen?
[url]
http://virusscan.jotti.org/pl/scanresult/dc850fac5eda02ff80b7d7cf5adb7cabc704f082/43180fff2a7d2b2052fb784dc0a4c91c0103eabf[/url]

[wojtas]

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL
SRV - File not found [Disabled | Stopped] -- -- (ATKGFNEXSrv)
O4 - HKLM..\RunOnce: [] File not found

:Files
C:\Users\robert\AppData\Roaming\uerjda.dll

:Commands
[emptytemp]

Kliknij wykonaj skrypt. I potwierdź reset komputera .
1.Uruchom OTL z opcji sprzątanie.
2. wykonaj optymalizację Windowsa ( to dla xp ale część jest podobna )
3. zrób pełny skan Malwarebytes Anti-Malware (zaktualizuj, usuń co znajdzie )
4. Skasuj stan przywracania systemu


Zaktualizuj zabezpieczenia:
>>> Adobe Reader (bez Free McAfee® Security Scan Plus)
>>> Internet Explorer 8
>>> Service Pack 2
>>> Java™ 6 Update 23