Skocz do zawartości

Zarchiwizowany

Ten temat jest archiwizowany i nie można dodawać nowych odpowiedzi.

rayan2134

Rozwiązany: Problem ! Win 7

Polecane posty

Witam mam problkem z windowsem 7 a mianowicie chodzi mi o jego uruchomienie mam takie problemy np. wczoraj włączyłem komputer po czym ładnie się załadował ale kiedy ma już wejśc do pulpituto pokazuje się strzałka i nic wiecej. Kiedy zrestartowałem kompa kilka krotnie udało się uruchomic (!) Nie wiem przez co to prosze o pomoc

Teraz siedze na awaryjnym :sleep:

Link do komentarza
Udostępnij na innych stronach

Skany czym? Czy zmieniałeś coś ostatnio w systemie? Czy to samo dzieje się na wszystkich kontach użytkowników?

Zobacz, czy zadziała taki sposób:

1. Uruchamiasz system.

2. Gdy pojawi się kursor wciskasz CTRL+SHIFT+ESC.

3. Przejdź na kartę Procesy i kliknij przycisk nowe zadanie.

4. W oknie, które wyskoczy wpisz komendę

explorer.exe

Zobacz, czy wtedy pojawi się pulpit. Jeśli wyskoczy jakiś błąd, to napisz jaki.

Link do komentarza
Udostępnij na innych stronach

Prosze oto logi :

OTL logfile created on: 2010-06-18 08:15:27 - Run 1

OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Łukasz\Desktop

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 88,00% Memory free

7,00 Gb Paging File | 7,00 Gb Available in Paging File | 95,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 29,20 Gb Total Space | 6,93 Gb Free Space | 23,74% Space Free | Partition Type: NTFS

Drive D: | 45,21 Gb Total Space | 5,25 Gb Free Space | 11,61% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: ŁUKASZ-KOMPUTER

Current User Name: Łukasz

Logged in as Administrator.

Current Boot Mode: SafeMode with Networking

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-06-18 08:14:09 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe

PRC - [2009-10-31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

========== Modules (SafeList) ==========

MOD - [2010-06-18 08:14:09 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe

MOD - [2009-07-14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll

MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll

MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll

MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll

MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll

MOD - [2009-07-14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll

MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll

MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll

MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll

MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2010-06-15 17:37:52 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2010-03-27 10:42:24 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2010-03-16 03:09:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2010-03-14 10:21:44 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)

SRV - [2010-03-14 10:21:25 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)

SRV - [2009-07-14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)

SRV - [2009-07-14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)

SRV - [2009-07-14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)

SRV - [2009-07-14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\themeservice.dll -- (Themes)

SRV - [2009-07-14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)

SRV - [2009-07-14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)

SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009-07-14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)

SRV - [2009-07-14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)

SRV - [2009-07-14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)

SRV - [2009-07-14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)

SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2009-07-14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)

SRV - [2009-07-14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009-07-14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)

SRV - [2009-07-14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)

SRV - [2009-07-14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)

SRV - [2009-07-14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalator formantów ActiveX (AxInstSV)

SRV - [2009-07-14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)

SRV - [2009-07-14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)

SRV - [2009-04-28 03:40:44 | 004,440,064 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe -- (NVIDIA Performance Driver Service)

SRV - [2008-09-29 06:09:20 | 000,935,208 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)

========== Driver Services (SafeList) ==========

DRV - [2010-06-03 18:13:49 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)

DRV - [2010-06-03 18:13:49 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)

DRV - [2010-05-08 08:45:55 | 000,137,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PnkBstrK.sys -- (PnkBstrK)

DRV - [2010-03-16 08:51:59 | 011,573,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2010-03-14 10:21:25 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)

DRV - [2009-12-11 09:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)

DRV - [2009-07-14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)

DRV - [2009-07-14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)

DRV - [2009-07-14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)

DRV - [2009-07-14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)

DRV - [2009-07-14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)

DRV - [2009-07-14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)

DRV - [2009-07-14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)

DRV - [2009-07-14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)

DRV - [2009-07-14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)

DRV - [2009-07-14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)

DRV - [2009-07-14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)

DRV - [2009-07-14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)

DRV - [2009-07-14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)

DRV - [2009-07-14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)

DRV - [2009-07-14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)

DRV - [2009-07-14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)

DRV - [2009-07-14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2009-07-14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)

DRV - [2009-07-14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)

DRV - [2009-07-14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)

DRV - [2009-07-14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)

DRV - [2009-07-14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)

DRV - [2009-07-14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)

DRV - [2009-07-14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)

DRV - [2009-07-14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)

DRV - [2009-07-14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)

DRV - [2009-07-14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)

DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)

DRV - [2009-07-14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)

DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)

DRV - [2009-07-14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)

DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)

DRV - [2009-07-14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)

DRV - [2009-07-14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)

DRV - [2009-07-14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)

DRV - [2009-07-14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)

DRV - [2009-07-14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)

DRV - [2009-07-14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)

DRV - [2009-07-14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)

DRV - [2009-07-14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)

DRV - [2009-07-14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)

DRV - [2009-07-14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2009-07-14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)

DRV - [2009-07-14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)

DRV - [2009-07-14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)

DRV - [2009-07-14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)

DRV - [2009-07-14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)

DRV - [2009-07-14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)

DRV - [2009-07-14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)

DRV - [2009-07-14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)

DRV - [2009-07-14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)

DRV - [2009-07-14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)

DRV - [2009-07-14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)

DRV - [2009-07-14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)

DRV - [2009-07-14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)

DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)

DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)

DRV - [2009-07-14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\discache.sys -- (discache)

DRV - [2009-07-14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)

DRV - [2009-07-14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)

DRV - [2009-07-14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)

DRV - [2009-07-14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2009-07-14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)

DRV - [2009-07-14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)

DRV - [2009-07-14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)

DRV - [2009-07-14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)

DRV - [2009-07-14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)

DRV - [2009-07-14 00:02:52 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)

DRV - [2009-07-14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)

DRV - [2009-07-14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)

DRV - [2009-07-14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)

DRV - [2004-08-13 10:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.start24.pl/

IE - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Bitcommet\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)

O4 - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)

O4 - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001..\Run: [RGSC] D:\Program Files\Gta 4\Rockstar Games Social Club\RGSCLauncher.exe File not found

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - Startup: C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm ()

O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - D:\Bitcommet\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - D:\Bitcommet\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: Pobierz za pomocą BitComet - D:\Bitcommet\BitComet\BitComet.exe (www.BitComet.com)

O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - D:\Bitcommet\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1 193.169.112.1 0.0.0.0

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)

O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-06-18 08:14:07 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe

[2010-06-15 17:37:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat

[2010-06-10 14:07:56 | 002,326,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2010-06-10 14:07:54 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll

[2010-06-10 14:07:52 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2010-06-10 14:07:52 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2010-06-10 14:07:52 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2010-06-10 14:07:52 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2010-06-10 14:07:41 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2010-06-10 14:07:41 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2010-06-08 18:11:59 | 000,000,000 | ---D | C] -- C:\Program Files\Google

[2010-06-08 18:11:56 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Google

[2010-06-04 12:47:58 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Deployment

[2010-06-04 12:47:58 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Apps

[2010-05-30 14:04:42 | 000,000,000 | -H-D | C] -- C:\Users\Łukasz\Documents\Runes of Magic

[2010-05-30 13:44:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

========== Files - Modified Within 30 Days ==========

[2010-06-18 08:14:09 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe

[2010-06-18 08:10:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010-06-18 08:10:19 | 2817,925,120 | -HS- | M] () -- C:\hiberfil.sys

[2010-06-17 17:14:23 | 003,407,872 | -HS- | M] () -- C:\Users\Łukasz\NTUSER.DAT

[2010-06-16 19:00:05 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempoq2860.html

[2010-06-16 19:00:05 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempLJ2860.html

[2010-06-16 18:17:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010-06-16 18:17:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010-06-16 18:07:58 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010-06-16 18:07:58 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010-06-16 18:04:25 | 061,115,517 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm

[2010-06-16 18:00:44 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010-06-16 17:51:37 | 000,003,296 | ---- | M] () -- C:\bootsqm.dat

[2010-06-15 17:42:39 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempRv3416.html

[2010-06-15 17:14:45 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempiI2952.html

[2010-06-13 15:35:39 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempuZ2828.html

[2010-06-13 12:16:32 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempYL3368.html

[2010-06-13 12:16:32 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempsu3368.html

[2010-06-13 12:03:45 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempPa2828.html

[2010-06-13 12:03:45 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempGa2828.html

[2010-06-12 20:22:18 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempGD3508.html

[2010-06-12 12:25:33 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempBo3472.html

[2010-06-11 14:47:53 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempCd3620.html

[2010-06-11 14:46:59 | 001,618,384 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010-06-11 14:39:10 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Temprc3608.html

[2010-06-10 14:04:11 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempAC3040.html

[2010-06-08 18:58:58 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TemprY2712.html

[2010-06-07 21:44:15 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempGP2868.html

[2010-06-07 21:44:15 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempgu2868.html

[2010-06-07 16:42:06 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempWV2728.html

[2010-06-06 13:50:40 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempDW3036.html

[2010-06-06 11:06:01 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempXt2648.html

[2010-06-05 17:07:30 | 001,550,892 | ---- | M] () -- C:\Windows\System32\perfh015.dat

[2010-06-05 17:07:30 | 000,900,074 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010-06-05 17:07:30 | 000,420,758 | ---- | M] () -- C:\Windows\System32\perfc015.dat

[2010-06-05 17:07:30 | 000,383,012 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010-06-05 17:07:30 | 000,004,568 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010-06-05 17:05:45 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempJi2632.html

[2010-06-05 14:59:35 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempVR3000.html

[2010-06-05 10:42:09 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempbT2876.html

[2010-06-04 21:20:30 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempVC2688.html

[2010-06-04 13:57:55 | 000,005,871 | ---- | M] () -- C:\Users\Łukasz\.recently-used.xbel

[2010-06-04 12:48:45 | 000,000,000 | ---- | M] () -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip

[2010-06-04 12:48:32 | 000,000,312 | ---- | M] () -- C:\Users\Łukasz\Desktop\Curse Client.appref-ms

[2010-06-03 20:12:38 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempNP3180.html

[2010-06-03 20:12:38 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempug3180.html

[2010-06-03 18:13:49 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys

[2010-06-03 18:13:49 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys

[2010-06-03 18:04:08 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempaJ3112.html

[2010-06-02 07:52:57 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempIJ2668.html

[2010-06-01 12:58:31 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempuB2680.html

[2010-06-01 07:53:26 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempXY2696.html

[2010-05-31 08:25:48 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempes2524.html

[2010-05-31 08:25:48 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempYh2524.html

[2010-05-30 19:55:36 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempOW2996.html

[2010-05-30 19:55:36 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempua2996.html

[2010-05-30 14:05:36 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempZF3900.html

[2010-05-30 14:02:20 | 000,001,089 | ---- | M] () -- C:\Users\Łukasz\Desktop\Runes of Magic.lnk

[2010-05-30 13:42:24 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempYs2564.html

[2010-05-30 13:42:24 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempMF2564.html

[2010-05-27 09:24:13 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2010-05-27 05:49:37 | 000,293,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2010-05-21 07:14:50 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

========== Files Created - No Company Name ==========

[2010-06-16 18:01:23 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempoq2860.html

[2010-06-16 18:01:23 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempLJ2860.html

[2010-06-16 17:51:37 | 000,003,296 | ---- | C] () -- C:\bootsqm.dat

[2010-06-15 17:42:24 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempRv3416.html

[2010-06-15 16:46:00 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempiI2952.html

[2010-06-13 15:35:25 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempuZ2828.html

[2010-06-13 12:11:06 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempYL3368.html

[2010-06-13 12:11:06 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempsu3368.html

[2010-06-13 10:48:21 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempPa2828.html

[2010-06-13 10:48:21 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempGa2828.html

[2010-06-12 20:20:44 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempGD3508.html

[2010-06-12 12:25:01 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempBo3472.html

[2010-06-11 14:47:41 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempCd3620.html

[2010-06-11 14:38:50 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Temprc3608.html

[2010-06-10 14:03:49 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempAC3040.html

[2010-06-08 18:12:04 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010-06-08 18:12:03 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010-06-08 18:09:24 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TemprY2712.html

[2010-06-07 20:01:00 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempGP2868.html

[2010-06-07 20:01:00 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempgu2868.html

[2010-06-07 16:07:58 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempWV2728.html

[2010-06-06 13:40:31 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempDW3036.html

[2010-06-06 11:00:08 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempXt2648.html

[2010-06-05 17:05:34 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempJi2632.html

[2010-06-05 14:42:17 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempVR3000.html

[2010-06-05 10:40:55 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempbT2876.html

[2010-06-04 21:18:41 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempVC2688.html

[2010-06-04 13:57:55 | 000,005,871 | ---- | C] () -- C:\Users\Łukasz\.recently-used.xbel

[2010-06-04 12:48:45 | 000,000,000 | ---- | C] () -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip

[2010-06-04 12:48:32 | 000,000,312 | ---- | C] () -- C:\Users\Łukasz\Desktop\Curse Client.appref-ms

[2010-06-03 19:58:36 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempNP3180.html

[2010-06-03 19:58:36 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempug3180.html

[2010-06-03 18:03:40 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempaJ3112.html

[2010-06-02 07:52:36 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempIJ2668.html

[2010-06-01 12:58:08 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempuB2680.html

[2010-06-01 07:53:05 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempXY2696.html

[2010-05-31 07:45:35 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempes2524.html

[2010-05-31 07:45:35 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempYh2524.html

[2010-05-30 15:58:36 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempOW2996.html

[2010-05-30 15:58:36 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempua2996.html

[2010-05-30 14:02:22 | 000,001,089 | ---- | C] () -- C:\Users\Łukasz\Desktop\Runes of Magic.lnk

[2010-05-30 13:42:41 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempZF3900.html

[2010-05-30 13:40:26 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempYs2564.html

[2010-05-30 13:40:26 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempMF2564.html

[2010-03-06 20:00:18 | 000,137,256 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys

[2010-02-25 20:15:37 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2010-02-25 20:15:37 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2010-02-25 20:15:36 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2010-02-25 20:15:36 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2010-02-25 20:15:35 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2010-02-25 20:15:35 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest

[2009-11-06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

[2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2007-08-01 05:39:28 | 000,012,536 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS

[2004-08-13 10:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

========== LOP Check ==========

[2010-04-05 12:50:06 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\COWON

[2010-03-12 18:11:14 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\FOG Downloader

[2010-06-04 12:22:42 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Gadu-Gadu 10

[2010-05-05 14:22:53 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\gtk-2.0

[2010-04-11 09:41:34 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Mount&Blade Warband

[2010-04-27 21:41:37 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\SA-MP Audio Plugin

[2010-05-04 16:04:11 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 2010-06-18 08:15:27 - Run 1

OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Łukasz\Desktop

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 88,00% Memory free

7,00 Gb Paging File | 7,00 Gb Available in Paging File | 95,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 29,20 Gb Total Space | 6,93 Gb Free Space | 23,74% Space Free | Partition Type: NTFS

Drive D: | 45,21 Gb Total Space | 5,25 Gb Free Space | 11,61% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: ŁUKASZ-KOMPUTER

Current User Name: Łukasz

Logged in as Administrator.

Current Boot Mode: SafeMode with Networking

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable

"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3

"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help

"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode

"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting

"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM

"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin

"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM

"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings

"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3

"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart

"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax

"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company? 2

"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll

"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help

"{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers

"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help

"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter

"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV

"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3

"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV

"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help

"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings

"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All

"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed

"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed

"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed

"{78EFD06D-7583-42F1-9E77-671D8782EB70}" = Adobe Photoshop CS3

"{7d2c33b7-2357-4737-82b2-4d386aa1861e}" = Nero 9

"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime

"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3

"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support

"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3

"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express

"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime

"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in

"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer

"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter

"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3

"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center

"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps

"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific

"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic

"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress

"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner

"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed

"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0

"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help

"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3

"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit

"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings

"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2

"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit

"{CBF4DADD-974D-49C8-BC83-C6F31554001E}" = Adobe Setup

"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent

"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client

"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files

"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas

"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help

"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings

"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings

"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX

"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio

"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget

"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Adobe_678cd98c8365a5647f9a2e539d120a8" = Adobe Photoshop CS3

"AVG9Uninstall" = AVG Free 9.0

"Badaboom" = Badaboom 1.1.1.241

"BitComet" = BitComet 1.20

"Gadu-Gadu 10" = Gadu-Gadu 10

"IncrediMail Xe" = IncrediMail Xe

"KLiteCodecPack_is1" = K-Lite Codec Pack 5.2.0 (Full)

"Mount&Blade Warband" = Mount&Blade Warband

"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

"NVIDIA Drivers" = NVIDIA Drivers

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Pakiet języka polskiego do jetAudio 6" = Pakiet języka polskiego do jetAudio 6

"PunkBusterSvc" = PunkBuster Services

"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2

"VLC media player" = VLC media player 1.0.2

"WinGimp-2.0_is1" = GIMP 2.6.8

"WinRAR archiver" = Archiwizator WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2487932381-1574326979-1788561927-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"090215de958f1060" = Curse Client

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 2010-05-30 07:55:51 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy

proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance.

Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych

Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis

DWORD w sekcji Data.

Error - 2010-05-30 07:55:51 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy

proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance.

Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych

Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis

DWORD w sekcji Data.

Error - 2010-05-30 07:55:51 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3011

Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl

(WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu.

Error - 2010-06-03 12:13:51 | Computer Name = Łukasz-Komputer | Source = VSS | ID = 8194

Description =

Error - 2010-06-05 06:27:59 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000

Description = Nazwa aplikacji powodującej błąd: Client.exe, wersja: 3.0.1.2181,

sygnatura czasowa: 0x4bf3c2a1 Nazwa modułu powodującego błąd: ntdll.dll, wersja:

6.1.7600.16385, sygnatura czasowa: 0x4a5bdadb Kod wyjątku: 0xc0000005 Przesunięcie

błędu: 0x00060cec Identyfikator procesu powodującego błąd: 0x158 Godzina uruchomienia

aplikacji powodującej błąd: 0x01cb04917005ea0b Ścieżka aplikacji powodującej błąd:

D:\Program Files\Runes of Magic\Runes of Magic\Client.exe Ścieżka modułu powodującego

błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: 02e5fce8-708d-11df-b1a2-00261809330c

Error - 2010-06-05 11:07:27 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy

proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance.

Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych

Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis

DWORD w sekcji Data.

Error - 2010-06-05 11:07:27 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy

proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance.

Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych

Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis

DWORD w sekcji Data.

Error - 2010-06-05 11:07:27 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3011

Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl

(WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu.

Error - 2010-06-06 05:06:47 | Computer Name = Łukasz-Komputer | Source = Application Hang | ID = 1002

Description = Program IncMail.exe w wersji 2.0.0.1184 zatrzymał interakcję z systemem

Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji

dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum

akcji. Identyfikator procesu: 97c Godzina rozpoczęcia: 01cb05577da879e6 Godzina zakończenia:

31 Ścieżka aplikacji: C:\Program Files\IncrediMail\bin\IncMail.exe Identyfikator

raportu:

Error - 2010-06-06 08:54:57 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000

Description = Nazwa aplikacji powodującej błąd: Client.exe, wersja: 3.0.1.2181,

sygnatura czasowa: 0x4bf3c2a1 Nazwa modułu powodującego błąd: ntdll.dll, wersja:

6.1.7600.16385, sygnatura czasowa: 0x4a5bdadb Kod wyjątku: 0xc0000005 Przesunięcie

błędu: 0x00060cec Identyfikator procesu powodującego błąd: 0x14c0 Godzina uruchomienia

aplikacji powodującej błąd: 0x01cb056dd3177264 Ścieżka aplikacji powodującej błąd:

D:\Program Files\Runes of Magic\Runes of Magic\Client.exe Ścieżka modułu powodującego

błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: b56247f8-716a-11df-b6f9-00261809330c

[ System Events ]

Error - 2010-06-18 02:10:51 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 02:10:51 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 02:10:57 | Computer Name = Łukasz-Komputer | Source = DCOM | ID = 10005

Description =

Error - 2010-06-18 02:10:57 | Computer Name = Łukasz-Komputer | Source = DCOM | ID = 10005

Description =

Error - 2010-06-18 02:10:58 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania

funkcji, której nie można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 02:11:01 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 02:11:01 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 02:11:01 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 02:12:39 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 02:12:39 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

< End of report >

Link do komentarza
Udostępnij na innych stronach

Bawiłeś się może usługami systemowymi? Śladów infekcji nie widać, ale widać, że system próbuje uruchomić jakieś usługi, ale nie może tego zrobić.

Daj może jeszcze jeden log z OTL, tym razem zaznacz opcję All w polach Services oraz Drivers, w reszcie możesz ustawić opcję None, reszta ustawień jak wcześniej.

Link do komentarza
Udostępnij na innych stronach

nie bawiłem się w systemie :D

to pierwszy log

OTL logfile created on: 2010-06-18 15:49:56 - Run 2

OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Łukasz\Desktop

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free

7,00 Gb Paging File | 6,00 Gb Available in Paging File | 88,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 29,20 Gb Total Space | 6,94 Gb Free Space | 23,76% Space Free | Partition Type: NTFS

Drive D: | 45,21 Gb Total Space | 5,25 Gb Free Space | 11,61% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: ŁUKASZ-KOMPUTER

Current User Name: Łukasz

Logged in as Administrator.

Current Boot Mode: SafeMode with Networking

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2010-06-18 08:14:09 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe

PRC - [2009-10-31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

========== Modules (SafeList) ==========

MOD - [2010-06-18 08:14:09 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe

MOD - [2009-07-14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll

MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll

MOD - [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll

MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll

MOD - [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll

MOD - [2009-07-14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll

MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll

MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll

MOD - [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll

MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

========== Win32 Services (All) ==========

SRV - [2010-06-15 17:37:52 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2010-06-08 18:11:56 | 000,136,176 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)

SRV - [2010-05-08 09:21:46 | 000,218,808 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\PnkBstrB.exe -- (PnkBstrB)

SRV - [2010-03-27 10:42:24 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2010-03-16 03:15:00 | 000,129,640 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)

SRV - [2010-03-16 03:09:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2010-03-14 10:21:44 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)

SRV - [2010-03-14 10:21:25 | 000,916,760 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)

SRV - [2010-03-06 19:59:47 | 000,075,064 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA)

SRV - [2009-07-14 03:16:21 | 001,912,832 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)

SRV - [2009-07-14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)

SRV - [2009-07-14 03:16:21 | 000,064,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\WUDFSvc.dll -- (wudfsvc)

SRV - [2009-07-14 03:16:20 | 001,175,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WsmSvc.dll -- (WinRM) Zdalne zarządzanie systemem Windows (WS-Management)

SRV - [2009-07-14 03:16:20 | 000,084,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpdbusenum.dll -- (WPDBusEnum)

SRV - [2009-07-14 03:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)

SRV - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wpcsvc.dll -- (WPCSvc)

SRV - [2009-07-14 03:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)

SRV - [2009-07-14 03:16:19 | 000,348,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\winhttp.dll -- (WinHttpAutoProxySvc)

SRV - [2009-07-14 03:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)

SRV - [2009-07-14 03:16:19 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

SRV - [2009-07-14 03:16:18 | 001,086,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)

SRV - [2009-07-14 03:16:18 | 000,462,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiaservc.dll -- (StiSvc) Windows Image Acquisition (WIA)

SRV - [2009-07-14 03:16:18 | 000,276,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wcncsvc.dll -- (wcncsvc)

SRV - [2009-07-14 03:16:18 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WebClnt.dll -- (WebClient)

SRV - [2009-07-14 03:16:18 | 000,147,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wecsvc.dll -- (Wecsvc)

SRV - [2009-07-14 03:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\wdi.dll -- (WdiSystemHost)

SRV - [2009-07-14 03:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\wdi.dll -- (WdiServiceHost)

SRV - [2009-07-14 03:16:18 | 000,065,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wersvc.dll -- (WerSvc)

SRV - [2009-07-14 03:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wercplsupport.dll -- (wercplsupport)

SRV - [2009-07-14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WcsPlugInService.dll -- (WcsPlugInService)

SRV - [2009-07-14 03:16:17 | 000,294,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)

SRV - [2009-07-14 03:16:17 | 000,288,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\w32time.dll -- (W32Time)

SRV - [2009-07-14 03:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\upnphost.dll -- (upnphost)

SRV - [2009-07-14 03:16:17 | 000,154,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\umrdp.dll -- (UmRdpService)

SRV - [2009-07-14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)

SRV - [2009-07-14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)

SRV - [2009-07-14 03:16:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\uxsms.dll -- (UxSms)

SRV - [2009-07-14 03:16:16 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\trkwks.dll -- (TrkWks)

SRV - [2009-07-14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\themeservice.dll -- (Themes)

SRV - [2009-07-14 03:16:15 | 001,169,408 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sysmain.dll -- (SysMain)

SRV - [2009-07-14 03:16:15 | 000,543,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\termsrv.dll -- (TermService)

SRV - [2009-07-14 03:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)

SRV - [2009-07-14 03:16:15 | 000,241,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)

SRV - [2009-07-14 03:16:15 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)

SRV - [2009-07-14 03:16:15 | 000,162,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ssdpsrv.dll -- (SSDPSRV)

SRV - [2009-07-14 03:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sstpsvc.dll -- (SstpSvc)

SRV - [2009-07-14 03:16:15 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\TabSvc.dll -- (TabletInputService)

SRV - [2009-07-14 03:16:15 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\tbssvc.dll -- (TBS)

SRV - [2009-07-14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)

SRV - [2009-07-14 03:16:14 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)

SRV - [2009-07-14 03:16:13 | 000,743,424 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\schedsvc.dll -- (Schedule)

SRV - [2009-07-14 03:16:13 | 000,376,320 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs) Zdalne wywoływanie procedur (RPC)

SRV - [2009-07-14 03:16:13 | 000,376,320 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)

SRV - [2009-07-14 03:16:13 | 000,132,608 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\SCardSvr.dll -- (SCardSvr)

SRV - [2009-07-14 03:16:13 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)

SRV - [2009-07-14 03:16:13 | 000,112,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\regsvc.dll -- (RemoteRegistry)

SRV - [2009-07-14 03:16:13 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\SessEnv.dll -- (SessionEnv)

SRV - [2009-07-14 03:16:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\Sens.dll -- (SENS)

SRV - [2009-07-14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)

SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009-07-14 03:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)

SRV - [2009-07-14 03:16:12 | 001,508,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pla.dll -- (pla)

SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009-07-14 03:16:12 | 000,589,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\qmgr.dll -- (BITS)

SRV - [2009-07-14 03:16:12 | 000,330,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\QAGENTRT.DLL -- (napagent)

SRV - [2009-07-14 03:16:12 | 000,327,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\p2psvc.dll -- (p2psvc)

SRV - [2009-07-14 03:16:12 | 000,285,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasmans.dll -- (RasMan)

SRV - [2009-07-14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)

SRV - [2009-07-14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)

SRV - [2009-07-14 03:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\qwave.dll -- (QWAVE)

SRV - [2009-07-14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)

SRV - [2009-07-14 03:16:12 | 000,162,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)

SRV - [2009-07-14 03:16:12 | 000,154,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pcasvc.dll -- (PcaSvc)

SRV - [2009-07-14 03:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)

SRV - [2009-07-14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)

SRV - [2009-07-14 03:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)

SRV - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)

SRV - [2009-07-14 03:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)

SRV - [2009-07-14 03:16:03 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)

SRV - [2009-07-14 03:15:43 | 000,308,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msdtckrm.dll -- (KtmRm)

SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2009-07-14 03:15:41 | 000,565,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)

SRV - [2009-07-14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\mprdim.dll -- (RemoteAccess)

SRV - [2009-07-14 03:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\mmcss.dll -- (THREADORDER)

SRV - [2009-07-14 03:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)

SRV - [2009-07-14 03:15:38 | 000,067,584 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\Mcx2Svc.dll -- (Mcx2Svc)

SRV - [2009-07-14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)

SRV - [2009-07-14 03:15:36 | 000,189,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lltdsvc.dll -- (lltdsvc)

SRV - [2009-07-14 03:15:36 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lmhsvc.dll -- (lmhosts)

SRV - [2009-07-14 03:15:35 | 000,071,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\KMSVC.DLL -- (hkmsvc)

SRV - [2009-07-14 03:15:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\iscsiexe.dll -- (MSiSCSI)

SRV - [2009-07-14 03:15:33 | 000,497,152 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\iphlpsvc.dll -- (iphlpsvc)

SRV - [2009-07-14 03:15:33 | 000,350,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)

SRV - [2009-07-14 03:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess) Udostępnianie połączenia internetowego (ICS)

SRV - [2009-07-14 03:15:33 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPBusEnum.dll -- (IPBusEnum)

SRV - [2009-07-14 03:15:31 | 000,667,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IKEEXT.DLL -- (IKEEXT)

SRV - [2009-07-14 03:15:24 | 000,591,360 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\gpsvc.dll -- (gpsvc)

SRV - [2009-07-14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)

SRV - [2009-07-14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009-07-14 03:15:20 | 000,028,160 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\FDResPub.dll -- (FDResPub)

SRV - [2009-07-14 03:15:20 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fdPHost.dll -- (fdPHost)

SRV - [2009-07-14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\es.dll -- (EventSystem)

SRV - [2009-07-14 03:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost) Protokół uwierzytelniania rozszerzonego (EAP)

SRV - [2009-07-14 03:15:12 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)

SRV - [2009-07-14 03:15:12 | 000,143,360 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\dps.dll -- (DPS)

SRV - [2009-07-14 03:15:12 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)

SRV - [2009-07-14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)

SRV - [2009-07-14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)

SRV - [2009-07-14 03:15:07 | 000,544,256 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\cscsvc.dll -- (CscService)

SRV - [2009-07-14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)

SRV - [2009-07-14 03:15:02 | 000,067,584 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\certprop.dll -- (SCPolicySvc)

SRV - [2009-07-14 03:15:02 | 000,067,584 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\certprop.dll -- (CertPropSvc)

SRV - [2009-07-14 03:15:00 | 000,102,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)

SRV - [2009-07-14 03:15:00 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\bthserv.dll -- (bthserv)

SRV - [2009-07-14 03:14:59 | 000,493,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)

SRV - [2009-07-14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)

SRV - [2009-07-14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalator formantów ActiveX (AxInstSV)

SRV - [2009-07-14 03:14:57 | 000,473,088 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)

SRV - [2009-07-14 03:14:57 | 000,473,088 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)

SRV - [2009-07-14 03:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)

SRV - [2009-07-14 03:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)

SRV - [2009-07-14 03:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appinfo.dll -- (Appinfo)

SRV - [2009-07-14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)

SRV - [2009-07-14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)

SRV - [2009-07-14 03:14:46 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbem\WmiApSrv.exe -- (wmiApSrv)

SRV - [2009-07-14 03:14:44 | 001,202,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbengine.exe -- (wbengine)

SRV - [2009-07-14 03:14:43 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)

SRV - [2009-07-14 03:14:43 | 000,452,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vds.exe -- (vds)

SRV - [2009-07-14 03:14:43 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect)

SRV - [2009-07-14 03:14:42 | 000,204,800 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)

SRV - [2009-07-14 03:14:41 | 000,316,416 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\spoolsv.exe -- (Spooler)

SRV - [2009-07-14 03:14:39 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP)

SRV - [2009-07-14 03:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\SearchIndexer.exe -- (WSearch)

SRV - [2009-07-14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)

SRV - [2009-07-14 03:14:25 | 000,134,144 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\msdtc.exe -- (MSDTC)

SRV - [2009-07-14 03:14:25 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)

SRV - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (VaultSvc)

SRV - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\lsass.exe -- (SamSs)

SRV - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)

SRV - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (Netlogon)

SRV - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (KeyIso)

SRV - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\lsass.exe -- (EFS) System szyfrowania plików (EFS)

SRV - [2009-07-14 03:14:22 | 000,009,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Locator.exe -- (RpcLocator) Lokalizator usługi zdalnego wywołania procedury (RPC)

SRV - [2009-07-14 03:14:20 | 000,522,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FXSSVC.exe -- (Fax)

SRV - [2009-07-14 03:14:19 | 000,557,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)

SRV - [2009-07-14 03:14:19 | 000,094,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)

SRV - [2009-07-14 03:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dllhost.exe -- (COMSysApp)

SRV - [2009-07-14 03:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)

SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009-06-10 23:14:51 | 000,042,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)

SRV - [2009-06-10 23:14:05 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)

SRV - [2009-06-10 23:14:02 | 000,878,416 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)

SRV - [2009-04-28 03:40:44 | 004,440,064 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe -- (NVIDIA Performance Driver Service)

SRV - [2008-09-29 06:09:20 | 000,935,208 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)

SRV - [2006-02-28 13:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) [Auto | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)

========== Driver Services (All) ==========

DRV - [2010-06-03 18:13:49 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)

DRV - [2010-06-03 18:13:49 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)

DRV - [2010-05-08 08:45:55 | 000,137,256 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PnkBstrK.sys -- (PnkBstrK)

DRV - [2010-03-16 08:51:59 | 011,573,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2010-03-14 10:21:25 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)

DRV - [2010-02-27 09:32:26 | 000,221,696 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10)

DRV - [2010-02-27 09:32:12 | 000,095,744 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20)

DRV - [2010-02-27 09:32:05 | 000,123,392 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mrxsmb.sys -- (mrxsmb)

DRV - [2009-12-11 09:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)

DRV - [2009-12-08 10:05:40 | 000,310,784 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\srv.sys -- (srv)

DRV - [2009-12-08 10:05:09 | 000,113,664 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet)

DRV - [2009-10-02 06:06:59 | 000,728,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl)

DRV - [2009-09-26 07:58:35 | 000,194,488 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\DRIVERS\fvevol.sys -- (fvevol)

DRV - [2009-07-14 03:26:21 | 000,249,408 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\Windows\System32\clfs.sys -- (CLFS) System Common Log (CLFS)

DRV - [2009-07-14 03:26:21 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\compbatt.sys -- (Compbatt)

DRV - [2009-07-14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)

DRV - [2009-07-14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)

DRV - [2009-07-14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)

DRV - [2009-07-14 03:26:15 | 000,274,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ACPI.sys -- (ACPI)

DRV - [2009-07-14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)

DRV - [2009-07-14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)

DRV - [2009-07-14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)

DRV - [2009-07-14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)

DRV - [2009-07-14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)

DRV - [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdagp.sys -- (amdagp)

DRV - [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\agp440.sys -- (agp440)

DRV - [2009-07-14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)

DRV - [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\atapi.sys -- (atapi)

DRV - [2009-07-14 03:26:15 | 000,014,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdide.sys -- (amdide)

DRV - [2009-07-14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)

DRV - [2009-07-14 03:20:45 | 000,153,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\pci.sys -- (pci)

DRV - [2009-07-14 03:20:45 | 000,012,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\pciide.sys -- (pciide)

DRV - [2009-07-14 03:20:44 | 001,210,432 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\ntfs.sys -- (Ntfs)

DRV - [2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ndis.sys -- (NDIS)

DRV - [2009-07-14 03:20:44 | 000,186,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\msiscsi.sys -- (iScsiPrt)

DRV - [2009-07-14 03:20:44 | 000,162,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC)

DRV - [2009-07-14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)

DRV - [2009-07-14 03:20:44 | 000,130,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\mpio.sys -- (mpio)

DRV - [2009-07-14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)

DRV - [2009-07-14 03:20:44 | 000,115,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\msdsm.sys -- (msdsm)

DRV - [2009-07-14 03:20:44 | 000,105,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nv_agp.sys -- (nv_agp)

DRV - [2009-07-14 03:20:44 | 000,078,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mountmgr.sys -- (mountmgr)

DRV - [2009-07-14 03:20:44 | 000,056,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\partmgr.sys -- (partmgr)

DRV - [2009-07-14 03:20:44 | 000,049,728 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\mup.sys -- (Mup)

DRV - [2009-07-14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)

DRV - [2009-07-14 03:20:44 | 000,041,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouclass.sys -- (mouclass)

DRV - [2009-07-14 03:20:44 | 000,028,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\mssmbios.sys -- (mssmbios)

DRV - [2009-07-14 03:20:44 | 000,027,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\msahci.sys -- (msahci)

DRV - [2009-07-14 03:20:43 | 000,013,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\msisadrv.sys -- (msisadrv)

DRV - [2009-07-14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)

DRV - [2009-07-14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)

DRV - [2009-07-14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)

DRV - [2009-07-14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2009-07-14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)

DRV - [2009-07-14 03:20:36 | 000,067,664 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecdd.sys -- (KSecDD)

DRV - [2009-07-14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)

DRV - [2009-07-14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\isapnp.sys -- (isapnp)

DRV - [2009-07-14 03:20:36 | 000,042,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbdclass.sys -- (kbdclass)

DRV - [2009-07-14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)

DRV - [2009-07-14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)

DRV - [2009-07-14 03:20:36 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\intelide.sys -- (intelide)

DRV - [2009-07-14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)

DRV - [2009-07-14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)

DRV - [2009-07-14 03:20:28 | 000,198,208 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\fltmgr.sys -- (FltMgr)

DRV - [2009-07-14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)

DRV - [2009-07-14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)

DRV - [2009-07-14 03:20:28 | 000,058,448 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\fileinfo.sys -- (FileInfo)

DRV - [2009-07-14 03:20:28 | 000,057,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\gagp30kx.sys -- (gagp30kx)

DRV - [2009-07-14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)

DRV - [2009-07-14 03:20:28 | 000,022,096 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\DRIVERS\crcdisk.sys -- (crcdisk)

DRV - [2009-07-14 03:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\disk.sys -- (Disk)

DRV - [2009-07-14 03:19:11 | 000,297,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx)

DRV - [2009-07-14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)

DRV - [2009-07-14 03:19:11 | 000,057,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\uliagpkx.sys -- (uliagpkx)

DRV - [2009-07-14 03:19:11 | 000,019,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\wd.sys -- (Wd)

DRV - [2009-07-14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tcpip.sys -- (TCPIP6)

DRV - [2009-07-14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tcpip.sys -- (Tcpip)

DRV - [2009-07-14 03:19:10 | 000,445,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\Wdf01000.sys -- (Wdf01000)

DRV - [2009-07-14 03:19:10 | 000,245,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\volsnap.sys -- (volsnap)

DRV - [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)

DRV - [2009-07-14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)

DRV - [2009-07-14 03:19:10 | 000,055,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\uagp35.sys -- (uagp35)

DRV - [2009-07-14 03:19:10 | 000,053,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaagp.sys -- (viaagp)

DRV - [2009-07-14 03:19:10 | 000,053,312 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\volmgr.sys -- (volmgr)

DRV - [2009-07-14 03:19:10 | 000,051,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\termdd.sys -- (TermDD)

DRV - [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)

DRV - [2009-07-14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)

DRV - [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)

DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)

DRV - [2009-07-14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)

DRV - [2009-07-14 03:19:10 | 000,012,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swenum.sys -- (swenum)

DRV - [2009-07-14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)

DRV - [2009-07-14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)

DRV - [2009-07-14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)

DRV - [2009-07-14 03:19:04 | 000,085,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sbp2port.sys -- (sbp2port)

DRV - [2009-07-14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)

DRV - [2009-07-14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)

DRV - [2009-07-14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)

DRV - [2009-07-14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)

DRV - [2009-07-14 03:19:03 | 000,180,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\pcmcia.sys -- (pcmcia)

DRV - [2009-07-14 03:19:03 | 000,052,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisagp.sys -- (sisagp)

DRV - [2009-07-14 03:19:03 | 000,017,472 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\spldr.sys -- (spldr)

DRV - [2009-07-14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)

DRV - [2009-07-14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2009-07-14 02:41:15 | 000,586,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH)

DRV - [2009-07-14 02:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\usbprint.sys -- (usbprint)

DRV - [2009-07-14 02:02:58 | 000,133,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpdr.sys -- (RDPDR)

DRV - [2009-07-14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)

DRV - [2009-07-14 02:01:55 | 000,177,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpwd.sys -- (RDPWD)

DRV - [2009-07-14 02:01:51 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tssecsrv.sys -- (tssecsrv)

DRV - [2009-07-14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)

DRV - [2009-07-14 02:01:40 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\RDPCDD.sys -- (RDPCDD)

DRV - [2009-07-14 02:01:39 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPENCDD.sys -- (RDPENCDD)

DRV - [2009-07-14 02:01:37 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdtcp.sys -- (TDTCP)

DRV - [2009-07-14 02:01:37 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdpipe.sys -- (TDPIPE)

DRV - [2009-07-14 01:55:24 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\modem.sys -- (Modem)

DRV - [2009-07-14 01:55:02 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (Wanarpv6)

DRV - [2009-07-14 01:55:02 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanarp.sys -- (WANARP)

DRV - [2009-07-14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ws2ifsl.sys -- (ws2ifsl)

DRV - [2009-07-14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)

DRV - [2009-07-14 01:54:58 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp) WAN Miniport (SSTP)

DRV - [2009-07-14 01:54:53 | 000,077,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspppoe.sys -- (RasPppoe)

DRV - [2009-07-14 01:54:48 | 000,073,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\raspptp.sys -- (PptpMiniport) Miniport WAN (PPTP)

DRV - [2009-07-14 01:54:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\asyncmac.sys -- (AsyncMac)

DRV - [2009-07-14 01:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rasacd.sys -- (RasAcd)

DRV - [2009-07-14 01:54:35 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndiswan.sys -- (NdisWan)

DRV - [2009-07-14 01:54:34 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rasl2tp.sys -- (Rasl2tp) Miniport WAN (L2TP)

DRV - [2009-07-14 01:54:29 | 000,101,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipnat.sys -- (IPNAT)

DRV - [2009-07-14 01:54:29 | 000,058,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipfltdrv.sys -- (IpFilterDriver)

DRV - [2009-07-14 01:54:27 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndproxy.sys -- (NDProxy)

DRV - [2009-07-14 01:54:24 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ndistapi.sys -- (NdisTapi)

DRV - [2009-07-14 01:54:14 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg)

DRV - [2009-07-14 01:54:13 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\qwavedrv.sys -- (QWAVEdrv)

DRV - [2009-07-14 01:54:03 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel)

DRV - [2009-07-14 01:53:58 | 000,104,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\pacer.sys -- (Psched)

DRV - [2009-07-14 01:53:54 | 000,036,352 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\netbios.sys -- (NetBIOS)

DRV - [2009-07-14 01:53:51 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndisuio.sys -- (Ndisuio)

DRV - [2009-07-14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)

DRV - [2009-07-14 01:53:41 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smb.sys -- (Smb) Protokół TCP/IP i TCP/IPv6 zorientowany na wiadomości (sesja SMB)

DRV - [2009-07-14 01:53:27 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\irenum.sys -- (IRENUM)

DRV - [2009-07-14 01:53:20 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr)

DRV - [2009-07-14 01:53:19 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio)

DRV - [2009-07-14 01:52:53 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv)

DRV - [2009-07-14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)

DRV - [2009-07-14 01:52:09 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbhub.sys -- (usbhub)

DRV - [2009-07-14 01:52:03 | 000,267,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP)

DRV - [2009-07-14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)

DRV - [2009-07-14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)

DRV - [2009-07-14 01:51:47 | 000,304,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService)

DRV - [2009-07-14 01:51:39 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\umbus.sys -- (umbus)

DRV - [2009-07-14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)

DRV - [2009-07-14 01:51:34 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bthmodem.sys -- (BTHMODEM)

DRV - [2009-07-14 01:51:33 | 000,091,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\hidbth.sys -- (HidBth)

DRV - [2009-07-14 01:51:31 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccgp.sys -- (usbccgp)

DRV - [2009-07-14 01:51:29 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ohci1394.sys -- (ohci1394) 1394 OHCI Compliant Host Controller (Legacy)

DRV - [2009-07-14 01:51:19 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBSTOR.SYS -- (USBSTOR)

DRV - [2009-07-14 01:51:18 | 000,086,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)

DRV - [2009-07-14 01:51:17 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\circlass.sys -- (circlass)

DRV - [2009-07-14 01:51:14 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbehci.sys -- (usbehci)

DRV - [2009-07-14 01:51:14 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\usbohci.sys -- (usbohci)

DRV - [2009-07-14 01:51:10 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbuhci.sys -- (usbuhci)

DRV - [2009-07-14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)

DRV - [2009-07-14 01:51:05 | 000,037,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\hidir.sys -- (HidIr)

DRV - [2009-07-14 01:51:04 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidusb.sys -- (HidUsb)

DRV - [2009-07-14 01:50:57 | 000,005,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drmkaud.sys -- (drmkaud)

DRV - [2009-07-14 01:50:56 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2009-07-14 01:50:45 | 000,132,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUDFRd.sys -- (WUDFRd)

DRV - [2009-07-14 01:50:17 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WUDFPf.sys -- (WudfPf)

DRV - [2009-07-14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)

DRV - [2009-07-14 01:46:53 | 000,021,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\wacompen.sys -- (WacomPen)

DRV - [2009-07-14 01:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sfloppy.sys -- (sfloppy)

DRV - [2009-07-14 01:45:52 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sffp_sd.sys -- (sffp_sd)

DRV - [2009-07-14 01:45:52 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sffp_mmc.sys -- (sffp_mmc)

DRV - [2009-07-14 01:45:52 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sffdisk.sys -- (sffdisk)

DRV - [2009-07-14 01:45:45 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\fdc.sys -- (fdc)

DRV - [2009-07-14 01:45:45 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\flpydisk.sys -- (flpydisk)

DRV - [2009-07-14 01:45:35 | 000,079,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\parport.sys -- (Parport)

DRV - [2009-07-14 01:45:33 | 000,083,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)

DRV - [2009-07-14 01:45:29 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\parvdm.sys -- (Parvdm)

DRV - [2009-07-14 01:45:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serenum.sys -- (Serenum)

DRV - [2009-07-14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)

DRV - [2009-07-14 01:45:09 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid)

DRV - [2009-07-14 01:45:08 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mouhid.sys -- (mouhid)

DRV - [2009-07-14 01:45:08 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sermouse.sys -- (sermouse)

DRV - [2009-07-14 01:45:08 | 000,008,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mskssrv.sys -- (MSKSSRV)

DRV - [2009-07-14 01:45:08 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mstee.sys -- (MSTEE)

DRV - [2009-07-14 01:45:08 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspclock.sys -- (MSPCLOCK)

DRV - [2009-07-14 01:45:07 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mspqm.sys -- (MSPQM)

DRV - [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\beep.sys -- (Beep)

DRV - [2009-07-14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)

DRV - [2009-07-14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)

DRV - [2009-07-14 01:30:59 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\IPMIDrv.sys -- (IPMIDRV)

DRV - [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)

DRV - [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)

DRV - [2009-07-14 01:25:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\monitor.sys -- (monitor)

DRV - [2009-07-14 01:25:51 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vga.sys -- (VgaSave)

DRV - [2009-07-14 01:25:49 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vgapnp.sys -- (vga)

DRV - [2009-07-14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\discache.sys -- (discache)

DRV - [2009-07-14 01:23:04 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)

DRV - [2009-07-14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)

DRV - [2009-07-14 01:19:19 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\errdev.sys -- (ErrDev)

DRV - [2009-07-14 01:19:18 | 000,014,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\CmBatt.sys -- (CmBatt)

DRV - [2009-07-14 01:19:17 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\wmiacpi.sys -- (WmiAcpi)

DRV - [2009-07-14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)

DRV - [2009-07-14 01:15:45 | 000,086,528 | ---- | M] (Microsoft Corporation) [File_System | Auto | Stopped] -- C:\Windows\system32\drivers\luafv.sys -- (luafv)

DRV - [2009-07-14 01:15:29 | 000,028,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace)

DRV - [2009-07-14 01:15:13 | 000,387,584 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\csc.sys -- (CSC)

DRV - [2009-07-14 01:14:55 | 000,306,688 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\srv2.sys -- (srv2)

DRV - [2009-07-14 01:14:29 | 000,241,664 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\rdbss.sys -- (rdbss)

DRV - [2009-07-14 01:14:26 | 000,115,712 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\mrxdav.sys -- (MRxDAV)

DRV - [2009-07-14 01:14:22 | 000,069,632 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bowser.sys -- (bowser)

DRV - [2009-07-14 01:14:17 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)

DRV - [2009-07-14 01:14:09 | 000,246,784 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\udfs.sys -- (udfs)

DRV - [2009-07-14 01:14:03 | 000,142,336 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\exfat.sys -- (exfat)

DRV - [2009-07-14 01:14:02 | 000,148,480 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fastfat.sys -- (fastfat)

DRV - [2009-07-14 01:12:59 | 000,513,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\http.sys -- (HTTP)

DRV - [2009-07-14 01:12:38 | 000,338,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\afd.sys -- (AFD)

DRV - [2009-07-14 01:12:21 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (NetBT)

DRV - [2009-07-14 01:12:11 | 000,074,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tdx.sys -- (tdx)

DRV - [2009-07-14 01:12:08 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy)

DRV - [2009-07-14 01:11:32 | 000,035,328 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\npfs.sys -- (Npfs)

DRV - [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)

DRV - [2009-07-14 01:11:26 | 000,022,528 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\msfs.sys -- (Msfs)

DRV - [2009-07-14 01:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\i8042prt.sys -- (i8042prt)

DRV - [2009-07-14 01:11:15 | 000,070,656 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\cdfs.sys -- (cdfs)

DRV - [2009-07-14 01:11:12 | 000,004,608 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\null.sys -- (Null)

DRV - [2009-07-14 01:11:04 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdk8.sys -- (AmdK8)

DRV - [2009-07-14 01:11:04 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\intelppm.sys -- (intelppm)

DRV - [2009-07-14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viac7.sys -- (ViaC7)

DRV - [2009-07-14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)

DRV - [2009-07-14 01:11:04 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\processr.sys -- (Processor)

DRV - [2009-07-14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2009-07-14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)

DRV - [2009-07-14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)

DRV - [2009-07-14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)

DRV - [2009-07-14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)

DRV - [2009-07-14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)

DRV - [2009-07-14 00:02:52 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)

DRV - [2009-07-14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)

DRV - [2009-07-14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)

DRV - [2009-07-14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)

DRV - [2009-07-13 22:50:20 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)

DRV - [2004-08-13 10:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.start24.pl/

IE - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\Bitcommet\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)

O4 - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)

O4 - HKU\S-1-5-21-2487932381-1574326979-1788561927-1001..\Run: [RGSC] D:\Program Files\Gta 4\Rockstar Games Social Club\RGSCLauncher.exe File not found

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - Startup: C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm ()

O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - D:\Bitcommet\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - D:\Bitcommet\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: Pobierz za pomocą BitComet - D:\Bitcommet\BitComet\BitComet.exe (www.BitComet.com)

O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - D:\Bitcommet\BitComet\tools\BitCometBHO_1.4.1.27.dll (BitComet)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1 193.169.112.1 0.0.0.0

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)

O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-06-18 08:14:07 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe

[2010-06-15 17:37:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat

[2010-06-10 14:07:56 | 002,326,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2010-06-10 14:07:54 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll

[2010-06-10 14:07:52 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2010-06-10 14:07:52 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2010-06-10 14:07:52 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2010-06-10 14:07:52 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2010-06-10 14:07:41 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2010-06-10 14:07:41 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2010-06-08 18:11:59 | 000,000,000 | ---D | C] -- C:\Program Files\Google

[2010-06-08 18:11:56 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Google

[2010-06-04 12:47:58 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Deployment

[2010-06-04 12:47:58 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Apps

[2010-05-30 14:04:42 | 000,000,000 | -H-D | C] -- C:\Users\Łukasz\Documents\Runes of Magic

[2010-05-30 13:44:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

========== Files - Modified Within 30 Days ==========

[2010-06-18 15:46:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010-06-18 15:46:41 | 2817,925,120 | -HS- | M] () -- C:\hiberfil.sys

[2010-06-18 08:32:34 | 003,407,872 | -HS- | M] () -- C:\Users\Łukasz\NTUSER.DAT

[2010-06-18 08:14:09 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Desktop\OTL.exe

[2010-06-16 19:00:05 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempoq2860.html

[2010-06-16 19:00:05 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempLJ2860.html

[2010-06-16 18:17:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010-06-16 18:17:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010-06-16 18:07:58 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010-06-16 18:07:58 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010-06-16 18:04:25 | 061,115,517 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm

[2010-06-16 18:00:44 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010-06-16 17:51:37 | 000,003,296 | ---- | M] () -- C:\bootsqm.dat

[2010-06-15 17:42:39 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempRv3416.html

[2010-06-15 17:14:45 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempiI2952.html

[2010-06-13 15:35:39 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempuZ2828.html

[2010-06-13 12:16:32 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempYL3368.html

[2010-06-13 12:16:32 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempsu3368.html

[2010-06-13 12:03:45 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempPa2828.html

[2010-06-13 12:03:45 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempGa2828.html

[2010-06-12 20:22:18 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempGD3508.html

[2010-06-12 12:25:33 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempBo3472.html

[2010-06-11 14:47:53 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempCd3620.html

[2010-06-11 14:46:59 | 001,618,384 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010-06-11 14:39:10 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Temprc3608.html

[2010-06-10 14:04:11 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempAC3040.html

[2010-06-08 18:58:58 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TemprY2712.html

[2010-06-07 21:44:15 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempGP2868.html

[2010-06-07 21:44:15 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempgu2868.html

[2010-06-07 16:42:06 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempWV2728.html

[2010-06-06 13:50:40 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempDW3036.html

[2010-06-06 11:06:01 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempXt2648.html

[2010-06-05 17:07:30 | 001,550,892 | ---- | M] () -- C:\Windows\System32\perfh015.dat

[2010-06-05 17:07:30 | 000,900,074 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010-06-05 17:07:30 | 000,420,758 | ---- | M] () -- C:\Windows\System32\perfc015.dat

[2010-06-05 17:07:30 | 000,383,012 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010-06-05 17:07:30 | 000,004,568 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010-06-05 17:05:45 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempJi2632.html

[2010-06-05 14:59:35 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempVR3000.html

[2010-06-05 10:42:09 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempbT2876.html

[2010-06-04 21:20:30 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempVC2688.html

[2010-06-04 13:57:55 | 000,005,871 | ---- | M] () -- C:\Users\Łukasz\.recently-used.xbel

[2010-06-04 12:48:45 | 000,000,000 | ---- | M] () -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip

[2010-06-04 12:48:32 | 000,000,312 | ---- | M] () -- C:\Users\Łukasz\Desktop\Curse Client.appref-ms

[2010-06-03 20:12:38 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempNP3180.html

[2010-06-03 20:12:38 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempug3180.html

[2010-06-03 18:13:49 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys

[2010-06-03 18:13:49 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys

[2010-06-03 18:04:08 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempaJ3112.html

[2010-06-02 07:52:57 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempIJ2668.html

[2010-06-01 12:58:31 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempuB2680.html

[2010-06-01 07:53:26 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempXY2696.html

[2010-05-31 08:25:48 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempes2524.html

[2010-05-31 08:25:48 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempYh2524.html

[2010-05-30 19:55:36 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempOW2996.html

[2010-05-30 19:55:36 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\Tempua2996.html

[2010-05-30 14:05:36 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempZF3900.html

[2010-05-30 14:02:20 | 000,001,089 | ---- | M] () -- C:\Users\Łukasz\Desktop\Runes of Magic.lnk

[2010-05-30 13:42:24 | 000,002,432 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempYs2564.html

[2010-05-30 13:42:24 | 000,002,089 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\TempMF2564.html

[2010-05-27 09:24:13 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2010-05-27 05:49:37 | 000,293,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2010-05-21 07:14:50 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

========== Files Created - No Company Name ==========

[2010-06-16 18:01:23 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempoq2860.html

[2010-06-16 18:01:23 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempLJ2860.html

[2010-06-16 17:51:37 | 000,003,296 | ---- | C] () -- C:\bootsqm.dat

[2010-06-15 17:42:24 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempRv3416.html

[2010-06-15 16:46:00 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempiI2952.html

[2010-06-13 15:35:25 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempuZ2828.html

[2010-06-13 12:11:06 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempYL3368.html

[2010-06-13 12:11:06 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempsu3368.html

[2010-06-13 10:48:21 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempPa2828.html

[2010-06-13 10:48:21 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempGa2828.html

[2010-06-12 20:20:44 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempGD3508.html

[2010-06-12 12:25:01 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempBo3472.html

[2010-06-11 14:47:41 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempCd3620.html

[2010-06-11 14:38:50 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Temprc3608.html

[2010-06-10 14:03:49 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempAC3040.html

[2010-06-08 18:12:04 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010-06-08 18:12:03 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010-06-08 18:09:24 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TemprY2712.html

[2010-06-07 20:01:00 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempGP2868.html

[2010-06-07 20:01:00 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempgu2868.html

[2010-06-07 16:07:58 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempWV2728.html

[2010-06-06 13:40:31 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempDW3036.html

[2010-06-06 11:00:08 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempXt2648.html

[2010-06-05 17:05:34 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempJi2632.html

[2010-06-05 14:42:17 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempVR3000.html

[2010-06-05 10:40:55 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempbT2876.html

[2010-06-04 21:18:41 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempVC2688.html

[2010-06-04 13:57:55 | 000,005,871 | ---- | C] () -- C:\Users\Łukasz\.recently-used.xbel

[2010-06-04 12:48:45 | 000,000,000 | ---- | C] () -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip

[2010-06-04 12:48:32 | 000,000,312 | ---- | C] () -- C:\Users\Łukasz\Desktop\Curse Client.appref-ms

[2010-06-03 19:58:36 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempNP3180.html

[2010-06-03 19:58:36 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempug3180.html

[2010-06-03 18:03:40 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempaJ3112.html

[2010-06-02 07:52:36 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempIJ2668.html

[2010-06-01 12:58:08 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempuB2680.html

[2010-06-01 07:53:05 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempXY2696.html

[2010-05-31 07:45:35 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempes2524.html

[2010-05-31 07:45:35 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempYh2524.html

[2010-05-30 15:58:36 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempOW2996.html

[2010-05-30 15:58:36 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Tempua2996.html

[2010-05-30 14:02:22 | 000,001,089 | ---- | C] () -- C:\Users\Łukasz\Desktop\Runes of Magic.lnk

[2010-05-30 13:42:41 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempZF3900.html

[2010-05-30 13:40:26 | 000,002,432 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempYs2564.html

[2010-05-30 13:40:26 | 000,002,089 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\TempMF2564.html

[2010-03-06 20:00:18 | 000,137,256 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys

[2010-02-25 20:15:37 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2010-02-25 20:15:37 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2010-02-25 20:15:36 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2010-02-25 20:15:36 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2010-02-25 20:15:35 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2010-02-25 20:15:35 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest

[2009-11-06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

[2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2007-08-01 05:39:28 | 000,012,536 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS

[2004-08-13 10:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

========== LOP Check ==========

[2010-04-05 12:50:06 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\COWON

[2010-03-12 18:11:14 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\FOG Downloader

[2010-06-04 12:22:42 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Gadu-Gadu 10

[2010-05-05 14:22:53 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\gtk-2.0

[2010-04-11 09:41:34 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Mount&Blade Warband

[2010-04-27 21:41:37 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\SA-MP Audio Plugin

[2010-05-04 16:04:11 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

a to drugi :

OTL Extras logfile created on: 2010-06-18 15:49:56 - Run 2

OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Łukasz\Desktop

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free

7,00 Gb Paging File | 6,00 Gb Available in Paging File | 88,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 29,20 Gb Total Space | 6,94 Gb Free Space | 23,76% Space Free | Partition Type: NTFS

Drive D: | 45,21 Gb Total Space | 5,25 Gb Free Space | 11,61% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: ŁUKASZ-KOMPUTER

Current User Name: Łukasz

Logged in as Administrator.

Current Boot Mode: SafeMode with Networking

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable

"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3

"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help

"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode

"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting

"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM

"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin

"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM

"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings

"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3

"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart

"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax

"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company? 2

"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll

"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help

"{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers

"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help

"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter

"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV

"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3

"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV

"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help

"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings

"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All

"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed

"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed

"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed

"{78EFD06D-7583-42F1-9E77-671D8782EB70}" = Adobe Photoshop CS3

"{7d2c33b7-2357-4737-82b2-4d386aa1861e}" = Nero 9

"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime

"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3

"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support

"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3

"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express

"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime

"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in

"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer

"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter

"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3

"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center

"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps

"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific

"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic

"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress

"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner

"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed

"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0

"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help

"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3

"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit

"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings

"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2

"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit

"{CBF4DADD-974D-49C8-BC83-C6F31554001E}" = Adobe Setup

"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent

"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client

"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files

"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas

"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help

"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings

"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings

"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX

"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio

"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget

"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Adobe_678cd98c8365a5647f9a2e539d120a8" = Adobe Photoshop CS3

"AVG9Uninstall" = AVG Free 9.0

"Badaboom" = Badaboom 1.1.1.241

"BitComet" = BitComet 1.20

"Gadu-Gadu 10" = Gadu-Gadu 10

"IncrediMail Xe" = IncrediMail Xe

"KLiteCodecPack_is1" = K-Lite Codec Pack 5.2.0 (Full)

"Mount&Blade Warband" = Mount&Blade Warband

"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

"NVIDIA Drivers" = NVIDIA Drivers

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Pakiet języka polskiego do jetAudio 6" = Pakiet języka polskiego do jetAudio 6

"PunkBusterSvc" = PunkBuster Services

"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2

"VLC media player" = VLC media player 1.0.2

"WinGimp-2.0_is1" = GIMP 2.6.8

"WinRAR archiver" = Archiwizator WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2487932381-1574326979-1788561927-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"090215de958f1060" = Curse Client

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 2010-05-30 07:55:51 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy

proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance.

Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych

Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis

DWORD w sekcji Data.

Error - 2010-05-30 07:55:51 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy

proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance.

Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych

Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis

DWORD w sekcji Data.

Error - 2010-05-30 07:55:51 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3011

Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl

(WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu.

Error - 2010-06-03 12:13:51 | Computer Name = Łukasz-Komputer | Source = VSS | ID = 8194

Description =

Error - 2010-06-05 06:27:59 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000

Description = Nazwa aplikacji powodującej błąd: Client.exe, wersja: 3.0.1.2181,

sygnatura czasowa: 0x4bf3c2a1 Nazwa modułu powodującego błąd: ntdll.dll, wersja:

6.1.7600.16385, sygnatura czasowa: 0x4a5bdadb Kod wyjątku: 0xc0000005 Przesunięcie

błędu: 0x00060cec Identyfikator procesu powodującego błąd: 0x158 Godzina uruchomienia

aplikacji powodującej błąd: 0x01cb04917005ea0b Ścieżka aplikacji powodującej błąd:

D:\Program Files\Runes of Magic\Runes of Magic\Client.exe Ścieżka modułu powodującego

błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: 02e5fce8-708d-11df-b1a2-00261809330c

Error - 2010-06-05 11:07:27 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy

proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance.

Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych

Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis

DWORD w sekcji Data.

Error - 2010-06-05 11:07:27 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Ciągi wydajności w wartości rejestru wydajności są uszkodzone, kiedy

proces wykonuje następującą operację na dostawcy licznika rozszerzeń: Performance.

Wartość BaseIndex z rejestru wydajności to pierwszy wpis DWORD w sekcji danych

Data, wartość LastCounter to drugi wpis DWORD, a wartość LastHelp to trzeci wpis

DWORD w sekcji Data.

Error - 2010-06-05 11:07:27 | Computer Name = Łukasz-Komputer | Source = Microsoft-Windows-LoadPerf | ID = 3011

Description = Nie można usunąć z pamięci ciągów licznika wydajności dla usługi WmiApRpl

(WmiApRpl). Pierwszy wpis DWORD w sekcji danych (Data) zawiera kod błędu.

Error - 2010-06-06 05:06:47 | Computer Name = Łukasz-Komputer | Source = Application Hang | ID = 1002

Description = Program IncMail.exe w wersji 2.0.0.1184 zatrzymał interakcję z systemem

Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji

dotyczących tego problemu, sprawdź historię problemu w panelu sterowania Centrum

akcji. Identyfikator procesu: 97c Godzina rozpoczęcia: 01cb05577da879e6 Godzina zakończenia:

31 Ścieżka aplikacji: C:\Program Files\IncrediMail\bin\IncMail.exe Identyfikator

raportu:

Error - 2010-06-06 08:54:57 | Computer Name = Łukasz-Komputer | Source = Application Error | ID = 1000

Description = Nazwa aplikacji powodującej błąd: Client.exe, wersja: 3.0.1.2181,

sygnatura czasowa: 0x4bf3c2a1 Nazwa modułu powodującego błąd: ntdll.dll, wersja:

6.1.7600.16385, sygnatura czasowa: 0x4a5bdadb Kod wyjątku: 0xc0000005 Przesunięcie

błędu: 0x00060cec Identyfikator procesu powodującego błąd: 0x14c0 Godzina uruchomienia

aplikacji powodującej błąd: 0x01cb056dd3177264 Ścieżka aplikacji powodującej błąd:

D:\Program Files\Runes of Magic\Runes of Magic\Client.exe Ścieżka modułu powodującego

błąd: C:\Windows\SYSTEM32\ntdll.dll Identyfikator raportu: b56247f8-716a-11df-b6f9-00261809330c

[ System Events ]

Error - 2010-06-18 09:47:20 | Computer Name = Łukasz-Komputer | Source = DCOM | ID = 10005

Description =

Error - 2010-06-18 09:47:21 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Dostawca grupy domowej zależy od usługi Host dostawcy odnajdowania

funkcji, której nie można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 09:47:22 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 09:47:22 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 09:47:22 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 09:47:30 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 09:47:30 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 09:47:30 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 09:49:02 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

Error - 2010-06-18 09:49:02 | Computer Name = Łukasz-Komputer | Source = Service Control Manager | ID = 7001

Description = Usługa Przeglądarka komputera zależy od usługi Serwer, której nie

można uruchomić z powodu następującego błędu: %%1068

< End of report >

Link do komentarza
Udostępnij na innych stronach

Niby powinno działać. Spróbuj zrobić tak. Odinstaluj antywirusa, bo on może coś mieszać, następnie wykonaj czysty rozruch i zobacz, czy system się załaduje. Tu masz opisane jak przeprowadzić czysty rozruch pod Vistą, pod Windows 7 przebiega to w sposób identyczny.

Link do komentarza
Udostępnij na innych stronach

UDAŁO SIE!!!

System ruszył ale nie zrobiłem tak jak kazałeś :DD

Zrobiłem tak:

Czysty rozruch - nic nie dało więc usunąłem antywirusa

i działa!!! system rusza bez problemu ale boje się że to się powtórzy... czy możesz poradzić coś żeby ten błąd nie występował już wogóle??

Link do komentarza
Udostępnij na innych stronach

Gość
Temat jest zablokowany i nie można w nim pisać.


  • Kto przegląda   0 użytkowników

    • Brak zalogowanych użytkowników przeglądających tę stronę.
×
×
  • Utwórz nowe...