rayan2134 Posted June 17, 2010
Hello, I have a problem with Windows 7, specifically with starting it up. For example, yesterday I turned on the computer and it loaded fine, but when it is supposed to go to the desktop, only the arrow shows up and nothing more. When I restarted the computer several times, it managed to start (!). I don't know what is causing this, please help. Right now I'm running in safe mode.
Sevard Posted June 17, 2010
Which antivirus do you have? Run a full scan with Malwarebytes' Anti-Malware and let it fix whatever it finds. Then paste the log generated after the scan on the forum.
rayan2134 (Author) Posted June 17, 2010
My antivirus is AVG PL, I have the latest version, so... I ran a scan and zero viruses, even two scans and not a single virus. I don't know what could be causing this ;(
Sevard Posted June 17, 2010
Scans with what? Have you changed anything in the system recently? Does the same thing happen on all user accounts? See whether this method works:
1. Start the system.
2. When the cursor appears, press CTRL+SHIFT+ESC.
3. Go to the Processes tab and click the New Task button.
4. In the window that pops up, type the command explorer.exe
See whether the desktop appears then. If an error pops up, write what it is.
rayan2134 (Author) Posted June 17, 2010
Honestly, I'll tell you that nothing can be done, neither Alt+Ctrl+Del nor Ctrl+Shift+ESC. I don't know, I really don't know what it could be.. ;((
Sevard Posted June 17, 2010
Download OTL and run it in safe mode, tick the options: Scan All Users, LOP Check, Purity Check. Also tick the Use Safelist option under Extra registry. Paste both logs generated by OTL.
rayan2134 (Author) Posted June 18, 2010
Here are the logs:
[2010-06-08 18:12:03 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010-06-08 18:09:24 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TemprY2712.html [2010-06-07 20:01:00 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempGP2868.html [2010-06-07 20:01:00 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempgu2868.html [2010-06-07 16:07:58 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempWV2728.html [2010-06-06 13:40:31 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempDW3036.html [2010-06-06 11:00:08 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempXt2648.html [2010-06-05 17:05:34 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempJi2632.html [2010-06-05 14:42:17 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempVR3000.html [2010-06-05 10:40:55 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempbT2876.html [2010-06-04 21:18:41 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempVC2688.html [2010-06-04 13:57:55 | 000,005,871 | ---- | C] () -- C:\Users\Łukasz\.recently-used.xbel [2010-06-04 12:48:45 | 000,000,000 | ---- | C] () -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2010-06-04 12:48:32 | 000,000,312 | ---- | C] () -- C:\Users\Łukasz\Desktop\Curse Client.appref-ms [2010-06-03 19:58:36 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempNP3180.html [2010-06-03 19:58:36 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempug3180.html [2010-06-03 18:03:40 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempaJ3112.html [2010-06-02 07:52:36 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempIJ2668.html [2010-06-01 12:58:08 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempuB2680.html [2010-06-01 07:53:05 | 000,002,432 | ---- | C] () -- 
C:\Users\Łukasz\AppData\Local\TempXY2696.html [2010-05-31 07:45:35 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempes2524.html [2010-05-31 07:45:35 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempYh2524.html [2010-05-30 15:58:36 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempOW2996.html [2010-05-30 15:58:36 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempua2996.html [2010-05-30 14:02:22 | 000,001,089 | ---- | C] () -- C:\Users\Łukasz\Desktop\Runes of Magic.lnk [2010-05-30 13:42:41 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempZF3900.html [2010-05-30 13:40:26 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempYs2564.html [2010-05-30 13:40:26 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempMF2564.html [2010-03-06 20:00:18 | 000,137,256 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-02-25 20:15:37 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2010-02-25 20:15:37 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-02-25 20:15:36 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-02-25 20:15:36 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010-02-25 20:15:35 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-02-25 20:15:35 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2009-11-06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2007-08-01 05:39:28 | 000,012,536 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS [2004-08-13 10:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys ========== LOP Check ========== [2010-04-05 12:50:06 | 000,000,000 | ---D | M] -- 
C:\Users\Łukasz\AppData\Roaming\COWON [2010-03-12 18:11:14 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\FOG Downloader [2010-06-04 12:22:42 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Gadu-Gadu 10 [2010-05-05 14:22:53 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\gtk-2.0 [2010-04-11 09:41:34 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Mount&Blade Warband [2010-04-27 21:41:37 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\SA-MP Audio Plugin [2010-05-04 16:04:11 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > OTL Extras logfile created on: 2010-06-18 08:15:27 - Run 1 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Łukasz\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 88,00% Memory free 7,00 Gb Paging File | 7,00 Gb Available in Paging File | 95,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 29,20 Gb Total Space | 6,93 Gb Free Space | 23,74% Space Free | Partition Type: NTFS Drive D: | 45,21 Gb Total Space | 5,25 Gb Free Space | 11,61% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ŁUKASZ-KOMPUTER Current User Name: Łukasz Logged in as Administrator. 
Current Boot Mode: SafeMode with Networking Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help "{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM "{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart "{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company? 
2 "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help "{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers "{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help "{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter "{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help "{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed "{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed "{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed "{78EFD06D-7583-42F1-9E77-671D8782EB70}" = Adobe Photoshop CS3 "{7d2c33b7-2357-4737-82b2-4d386aa1861e}" = Nero 9 "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express "{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime "{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in "{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer "{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter 
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic "{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress "{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit "{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit "{CBF4DADD-974D-49C8-BC83-C6F31554001E}" = Adobe Setup "{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help "{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX "{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio "{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe 
Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_678cd98c8365a5647f9a2e539d120a8" = Adobe Photoshop CS3 "AVG9Uninstall" = AVG Free 9.0 "Badaboom" = Badaboom 1.1.1.241 "BitComet" = BitComet 1.20 "Gadu-Gadu 10" = Gadu-Gadu 10 "IncrediMail Xe" = IncrediMail Xe "KLiteCodecPack_is1" = K-Lite Codec Pack 5.2.0 (Full) "Mount&Blade Warband" = Mount&Blade Warband "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Pakiet języka polskiego do jetAudio 6" = Pakiet języka polskiego do jetAudio 6 "PunkBusterSvc" = PunkBuster Services "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "VLC media player" = VLC media player 1.0.2 "WinGimp-2.0_is1" = GIMP 2.6.8 "WinRAR archiver" = Archiwizator WinRAR ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2487932381-1574326979-1788561927-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "090215de958f1060" = Curse Client ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2010-05-30 07:55:51 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2010-05-30 07:55:51 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. 
Error - 2010-05-30 07:55:51 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3011 Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error - 2010-06-03 12:13:51 | Computer Name = Łukasz-Komputer | Source = VSS | ID = 8194 Description = Error - 2010-06-05 06:27:59 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: Client.exe, wersja: 3.0.1.2181, sygnatura czasowa: 0x4bf3c2a1 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bdadb Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00060cec Identyfikator procesu powodującego błąd: 0x158 Godzina uruchomienia aplikacji powodującej błąd: 0x01cb04917005ea0b Ścieżka aplikacji powodującej błąd: D:\Program Files\Runes of Magic\Runes of Magic\Client.exe Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: 02e5fce8-708d-11df-b1a2-00261809330c Error - 2010-06-05 11:07:27 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. Error - 2010-06-05 11:07:27 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3012 Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance. Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis DWORD w sekcji Data. 
Error - 2010-06-05 11:07:27 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3011 Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl (WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu. Error - 2010-06-06 05:06:47 | Computer Name = Łukasz-Komputer | Source = Application Hang | ID = 1002 Description = Program IncMail.exe w wersji 2.0.0.1184 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum akcji. Identyfikator procesu: 97c Godzina rozpoczęcia: 01cb05577da879e6 Godzina zakończenia: 31 Ścieżka aplikacji: C:\Program Files\IncrediMail\bin\IncMail.exe Identyfikator raportu: Error - 2010-06-06 08:54:57 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000 Description = Nazwa aplikacji powodującej błąd: Client.exe, wersja: 3.0.1.2181, sygnatura czasowa: 0x4bf3c2a1 Nazwa modułu powodującego błąd: ntdll.dll, wersja: 6.1.7600.16385, sygnatura czasowa: 0x4a5bdadb Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x00060cec Identyfikator procesu powodującego błąd: 0x14c0 Godzina uruchomienia aplikacji powodującej błąd: 0x01cb056dd3177264 Ścieżka aplikacji powodującej błąd: D:\Program Files\Runes of Magic\Runes of Magic\Client.exe Ścieżka modułu powodującego błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: b56247f8-716a-11df-b6f9-00261809330c [ System Events ] Error - 2010-06-18 02:10:51 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2010-06-18 02:10:51 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: 
%%1068 Error - 2010-06-18 02:10:57 | Computer Name = Łukasz-Komputer | Source = DCOM | ID = 10005 Description = Error - 2010-06-18 02:10:57 | Computer Name = Łukasz-Komputer | Source = DCOM | ID = 10005 Description = Error - 2010-06-18 02:10:58 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania funkcji, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2010-06-18 02:11:01 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2010-06-18 02:11:01 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2010-06-18 02:11:01 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2010-06-18 02:12:39 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2010-06-18 02:12:39 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie można uruchomić z powodu następującego błędu: %%1068 < End of report >
Sevard Posted June 18, 2010
Have you perhaps been tinkering with the system services? I see no signs of infection, but I can see that the system is trying to start some services and cannot do so. Please post one more OTL log; this time select the All option in the Services and Drivers fields, you can set the rest to None, and leave the remaining settings as before.
rayan2134 (Author) Posted June 18, 2010
I haven't been tinkering with the system. This is the first log:
OTL logfile created on: 2010-06-18 15:49:56 - Run 2 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Łukasz\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free 7,00 Gb Paging File | 6,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 29,20 Gb Total Space | 6,94 Gb Free Space | 23,76% Space Free | Partition Type: NTFS Drive D: | 45,21 Gb Total Space | 5,25 Gb Free Space | 11,61% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ŁUKASZ-KOMPUTER Current User Name: Łukasz Logged in as Administrator.
Current Boot Mode: SafeMode with Networking Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010-06-18 08:14:09 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe PRC - [2009-10-31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe ========== Modules (SafeList) ========== MOD - [2010-06-18 08:14:09 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe MOD - [2009-07-14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009-07-14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll ========== Win32 Services (All) ========== SRV - [2010-06-15 17:37:52 | 001,343,400 | ---- | M] (Microsoft 
Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010-06-08 18:11:56 | 000,136,176 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate) SRV - [2010-05-08 09:21:46 | 000,218,808 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\PnkBstrB.exe -- (PnkBstrB) SRV - [2010-03-27 10:42:24 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-03-16 03:15:00 | 000,129,640 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc) SRV - [2010-03-16 03:09:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-03-14 10:21:44 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd) SRV - [2010-03-14 10:21:25 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) 
Stopped] -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv) DRV - [2009-07-14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009-07-14 02:01:40 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD) DRV - [2009-07-14 02:01:39 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD) DRV - [2009-07-14 02:01:37 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP) DRV - [2009-07-14 02:01:37 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE) DRV - [2009-07-14 01:55:24 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\modem.sys -- (Modem) DRV - [2009-07-14 01:55:02 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6) DRV - [2009-07-14 01:55:02 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (WANARP) DRV - [2009-07-14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl) DRV - [2009-07-14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009-07-14 01:54:58 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp) WAN Miniport (SSTP) DRV - [2009-07-14 01:54:53 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | 
Running] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe) DRV - [2009-07-14 01:54:48 | 000,073,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport) Miniport WAN (PPTP) DRV - [2009-07-14 01:54:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac) DRV - [2009-07-14 01:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd) DRV - [2009-07-14 01:54:35 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan) DRV - [2009-07-14 01:54:34 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp) Miniport WAN (L2TP) DRV - [2009-07-14 01:54:29 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT) DRV - [2009-07-14 01:54:29 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver) DRV - [2009-07-14 01:54:27 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy) DRV - [2009-07-14 01:54:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi) DRV - [2009-07-14 01:54:14 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg) DRV - [2009-07-14 01:54:13 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv) DRV - [2009-07-14 01:54:03 | 000,108,544 | ---- | M] (Microsoft Corporation) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel) DRV - [2009-07-14 01:53:58 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\pacer.sys -- (Psched) DRV - [2009-07-14 01:53:54 | 000,036,352 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS) DRV - [2009-07-14 01:53:51 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio) DRV - [2009-07-14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009-07-14 01:53:41 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smb.sys -- (Smb) Protokół TCP/IP i TCP/IPv6 zorientowany na wiadomości (sesja SMB) DRV - [2009-07-14 01:53:27 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM) DRV - [2009-07-14 01:53:20 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr) DRV - [2009-07-14 01:53:19 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio) DRV - [2009-07-14 01:52:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv) DRV - [2009-07-14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009-07-14 01:52:09 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub) DRV - [2009-07-14 01:52:03 | 000,267,264 | ---- | M] (Microsoft Corporation) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP) DRV - [2009-07-14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009-07-14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci) DRV - [2009-07-14 01:51:47 | 000,304,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService) DRV - [2009-07-14 01:51:39 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\umbus.sys -- (umbus) DRV - [2009-07-14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass) DRV - [2009-07-14 01:51:34 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bthmodem.sys -- (BTHMODEM) DRV - [2009-07-14 01:51:33 | 000,091,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\hidbth.sys -- (HidBth) DRV - [2009-07-14 01:51:31 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp) DRV - [2009-07-14 01:51:29 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ohci1394.sys -- (ohci1394) 1394 OHCI Compliant Host Controller (Legacy) DRV - [2009-07-14 01:51:19 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR) DRV - [2009-07-14 01:51:18 | 000,086,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR) DRV - [2009-07-14 
01:51:17 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\circlass.sys -- (circlass) DRV - [2009-07-14 01:51:14 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci) DRV - [2009-07-14 01:51:14 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\usbohci.sys -- (usbohci) DRV - [2009-07-14 01:51:10 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci) DRV - [2009-07-14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009-07-14 01:51:05 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\hidir.sys -- (HidIr) DRV - [2009-07-14 01:51:04 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb) DRV - [2009-07-14 01:50:57 | 000,005,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud) DRV - [2009-07-14 01:50:56 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2009-07-14 01:50:45 | 000,132,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd) DRV - [2009-07-14 01:50:17 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WUDFPf.sys -- (WudfPf) DRV - [2009-07-14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - [2009-07-14 01:46:53 | 000,021,632 | ---- | 
M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\wacompen.sys -- (WacomPen) DRV - [2009-07-14 01:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sfloppy.sys -- (sfloppy) DRV - [2009-07-14 01:45:52 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sffp_sd.sys -- (sffp_sd) DRV - [2009-07-14 01:45:52 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sffp_mmc.sys -- (sffp_mmc) DRV - [2009-07-14 01:45:52 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sffdisk.sys -- (sffdisk) DRV - [2009-07-14 01:45:45 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\fdc.sys -- (fdc) DRV - [2009-07-14 01:45:45 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\flpydisk.sys -- (flpydisk) DRV - [2009-07-14 01:45:35 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport) DRV - [2009-07-14 01:45:33 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial) DRV - [2009-07-14 01:45:29 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\parvdm.sys -- (Parvdm) DRV - [2009-07-14 01:45:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serenum.sys -- (Serenum) DRV - [2009-07-14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2009-07-14 01:45:09 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel 
| On_Demand | Running] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid) DRV - [2009-07-14 01:45:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid) DRV - [2009-07-14 01:45:08 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sermouse.sys -- (sermouse) DRV - [2009-07-14 01:45:08 | 000,008,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV) DRV - [2009-07-14 01:45:08 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE) DRV - [2009-07-14 01:45:08 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK) DRV - [2009-07-14 01:45:07 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM) DRV - [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep) DRV - [2009-07-14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID) DRV - [2009-07-14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009-07-14 01:30:59 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\IPMIDrv.sys -- (IPMIDRV) DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap) DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- 
C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID) DRV - [2009-07-14 01:25:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\monitor.sys -- (monitor) DRV - [2009-07-14 01:25:51 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave) DRV - [2009-07-14 01:25:49 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga) DRV - [2009-07-14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009-07-14 01:23:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive) DRV - [2009-07-14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt) DRV - [2009-07-14 01:19:19 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\errdev.sys -- (ErrDev) DRV - [2009-07-14 01:19:18 | 000,014,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\CmBatt.sys -- (CmBatt) DRV - [2009-07-14 01:19:17 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\wmiacpi.sys -- (WmiAcpi) DRV - [2009-07-14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009-07-14 01:15:45 | 000,086,528 | ---- | M] (Microsoft Corporation) [File_System | Auto | Stopped] -- C:\Windows\system32\drivers\luafv.sys -- (luafv) DRV - [2009-07-14 01:15:29 | 000,028,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\filetrace.sys -- 
(Filetrace) DRV - [2009-07-14 01:15:13 | 000,387,584 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\csc.sys -- (CSC) DRV - [2009-07-14 01:14:55 | 000,306,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\srv2.sys -- (srv2) DRV - [2009-07-14 01:14:29 | 000,241,664 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss) DRV - [2009-07-14 01:14:26 | 000,115,712 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\mrxdav.sys -- (MRxDAV) DRV - [2009-07-14 01:14:22 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bowser.sys -- (bowser) DRV - [2009-07-14 01:14:17 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC) DRV - [2009-07-14 01:14:09 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs) DRV - [2009-07-14 01:14:03 | 000,142,336 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat) DRV - [2009-07-14 01:14:02 | 000,148,480 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat) DRV - [2009-07-14 01:12:59 | 000,513,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\http.sys -- (HTTP) DRV - [2009-07-14 01:12:38 | 000,338,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\afd.sys -- (AFD) DRV - [2009-07-14 01:12:21 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (NetBT) DRV - [2009-07-14 01:12:11 | 000,074,240 | ---- | 
M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tdx.sys -- (tdx) DRV - [2009-07-14 01:12:08 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy) DRV - [2009-07-14 01:11:32 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs) DRV - [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom) DRV - [2009-07-14 01:11:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs) DRV - [2009-07-14 01:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt) DRV - [2009-07-14 01:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs) DRV - [2009-07-14 01:11:12 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null) DRV - [2009-07-14 01:11:04 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdk8.sys -- (AmdK8) DRV - [2009-07-14 01:11:04 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm) DRV - [2009-07-14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viac7.sys -- (ViaC7) DRV - [2009-07-14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009-07-14 01:11:04 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- 
C:\Windows\system32\DRIVERS\processr.sys -- (Processor) DRV - [2009-07-14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009-07-14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009-07-14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009-07-14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009-07-14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009-07-14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009-07-14 00:02:52 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167) DRV - [2009-07-14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009-07-14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009-07-14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2009-07-13 22:50:20 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
[Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv) DRV - [2004-08-13 10:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.start24.pl/ IE - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Bitcommet\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.) 
O4 - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001..\Run: [RGSC] D:\Program Files\Gta 4\Rockstar Games Social Club\RGSCLauncher.exe File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm () O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - D:\Bitcommet\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - D:\Bitcommet\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Pobierz za pomocą BitComet - D:\Bitcommet\BitComet\BitComet.exe (www.BitComet.com) O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - D:\Bitcommet\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O13 - gopher Prefix: missing O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1 193.169.112.1 0.0.0.0 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) 
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010-06-18 08:14:07 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe [2010-06-15 17:37:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat [2010-06-10 14:07:56 | 002,326,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010-06-10 14:07:54 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2010-06-10 14:07:52 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010-06-10 14:07:52 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010-06-10 14:07:52 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010-06-10 14:07:52 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010-06-10 14:07:41 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010-06-10 14:07:41 | 000,034,304 | ---- | C] (Adobe Systems) -- 
And this is the second one:
Sevard Posted June 18, 2010
In theory it should work. Try this: uninstall the antivirus, because it may be interfering with something, then perform a clean boot and see whether the system loads. Here is a description of how to perform a clean boot under Vista; under Windows 7 it works in exactly the same way.
rayan2134 (Author) Posted June 18, 2010
IT WORKED!!! The system started, but I didn't do it the way you told me :DD This is what I did: a clean boot, which did nothing, so I removed the antivirus and it works!!! The system starts without any problem, but I'm afraid it will happen again... Can you suggest something so that this error never occurs again at all??
Sevard Posted June 18, 2010
So the antivirus was probably blocking something. It happens that antivirus programs block some system services; perhaps an update fixes this.
rayan2134 (Author) Posted June 19, 2010
OK. BIG thanks, problem solved, the thread can be closed, and once again many thanks :)
Sevard Posted June 19, 2010
The problem is solved, so I am closing the thread. If the thread needs to be reopened, please contact me by PM.