Usunięcie qooqle.com z strony startowej

Dla specjalistów Bezpieczeństwo
#61

Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

Kliknij Wykonaj skrypt…Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).

Pokaż nowy log OTL.txt oraz raport z usuwania.

Odinstaluj DAEMON Tools Toolbar,uTorrentBar Toolbar.

#62

OTL w oknie Custom Scans-Fixes (własne opcje skanowania/skrypt)wklej następujący skrypt:

Kliknij w Run Fix (Wykonaj scrypt). Zatwierdź restart komputera.

Pokaż log z usuwania.

potem nowy log OTL robiony opcją Run Scan (Skanuj)

:slight_smile:

#63

no więc oto nowe pliki : plik po usunięciu : http://wklejto.pl/100686

nowy log : http://wklejto.pl/100688

już jest ok? :slight_smile:

#64

Log wygląda na czysty

Pobierz CCleaner http://www.filehippo.com/download_ccleaner/

przeskanuj nim i wyczyść rejestr.

W OTL kilknij CleanUp (Sprzątanie)

przeskanuj

Dr.WEB CureIt! http://www.dobreprogramy.pl/DrWEB-CureI … 12976.html

:slight_smile:

#65

dzięki wielkie…już tego nie mam… jeszcze jedno pytanie…czy mogę w tym momencie usunąć otl czy spowoduje to powrót problemu?

zniknął sam, więc nie było pytania:D

#66

ta opcja usuwa OTL

:slight_smile:

#67

Witam ja również mam podobny problem. Przy czym u mnie dodatkowo otwarcie qooqlle.com powoduje włączanie i wyłączanie monitora co jest dość irytujące. Proszę o pomoc.

Moje logi z OTL

http://wklej.org/id/557570/

#68

Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

Kliknij Wykonaj skrypt…Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).

Pokaż nowy log OTL.txt oraz raport z usuwania.

#69

OTL w oknie Custom Scans-Fixes (własne opcje skanowania/skrypt)wklej następujący skrypt:

Kliknij w Run Fix (Wykonaj scrypt). Zatwierdź restart komputera.

Pokaż log z usuwania.

potem nowy log OTL robiony opcją Run Scan (Skanuj)

:slight_smile:

#70

Moje logi

Log z usuwania

http://wklej.org/id/557690/

i log po ponownym skanowaniu

http://wklej.org/id/557695/

Dzięki za pomoc :slight_smile:

#71

Log wygląda na czysty

Pobierz CCleaner http://www.filehippo.com/download_ccleaner/

przeskanuj nim i wyczyść rejestr.

W OTL kilknij CleanUp (Sprzątanie)

przeskanuj

Dr.WEB CureIt! http://www.dobreprogramy.pl/DrWEB-CureI … 12976.html

:slight_smile:

#72

Witam

Mam również ten problem z qooqle ;/

http://wklejto.pl/100786

http://wklejto.pl/100787

#73

Uruchom OTL i w okno (Własne opcje skanowania/Script)wklej:

Kliknij Wykonaj skrypt…Zatwierdź restart komputera. Zapisz raport, który pokaże się po restarcie. Następnie uruchom OTL ponownie, tym razem kliknij (Skanuj).

Pokaż nowy log OTL.txt oraz raport z usuwania.

#74

dzięki pomogło :slight_smile:

#75

http://wklejto.pl/100813 raport usuwania

http://wklejto.pl/100814 nowy log

#76

W OTL użyj opcji Sprzątanie.Wyłącz i włącz przywracanie systemu na wszystkich dyskach:http://support.microsoft.com/kb/310405/pl

http://www.vista.pl/artykuly/11250_przy … vista.html

Przeskanuj progr.Malwarebytes Anti-Malware

http://www.dobreprogramy.pl/Malwarebyte … 13117.html

Przed skanowaniem wykonaj RĘCZNĄ AKTUALIZACJĘ BAZY WIRUSÓW

#77

Witam,

Niestety także i mnie dopadło niechciane qooqle, proszę o pomoc.

Log z OTL:

http://wklej.eu/index.php?id=7f001a8e9c

Log extra z OTL:

http://wklej.eu/index.php?id=c18fd3edde

Z góry dziękuję i pozdrawiam,

Michał

#78

OTL w oknie Custom Scans-Fixes (własne opcje skanowania/skrypt)wklej następujący skrypt:

Kliknij w Run Fix (Wykonaj scrypt). Zatwierdź restart komputera.

Pokaż log z usuwania.

potem nowy log OTL robiony opcją Run Scan (Skanuj)

#79

Log z usunięcia:

All processes killed

========== OTL ==========

C:\Users\Michał\AppData\Local\Codecs.exe moved successfully.

File C:\Users\Michał\AppData\Local\jushed.exe not found.

C:\Users\Michał\AppData\Local\nircmd.exe moved successfully.

C:\ProgramData\nircmd.exe moved successfully.

========== REGISTRY ==========

Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully.

========== COMMANDS ==========

Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: MichaB

User: Michał

User: Michał

->Temp folder emptied: 810517448 bytes

->Temporary Internet Files folder emptied: 3968375 bytes

->Java cache emptied: 3414720 bytes

->FireFox cache emptied: 81462959 bytes

->Flash cache emptied: 781 bytes

User: Public

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 1634487 bytes

%systemroot%\System32 .tmp files removed: 4828768 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 34179591 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50534 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 897,00 mb

OTL by OldTimer - Version 3.2.26.0 log created on 07062011_222116

Files\Folders moved on Reboot…

C:\Users\Michał\AppData\Local\Temp\OICE_5069354F-4EAC-4820-B699-F2A1BE298D0C.0\755E0102.doc moved successfully.

File\Folder C:\Users\Michał\AppData\Local\Temp\OICE_5069354F-4EAC-4820-B699-F2A1BE298D0C.0~DF73F9563A4800641B.TMP not found!

C:\Users\Michał\AppData\Local\Temp\OICE_5069354F-4EAC-4820-B699-F2A1BE298D0C.0~WRS{1B4F827A-8A4D-4BCA-AEDA-0BD76C103202}.tmp moved successfully.

C:\Users\Michał\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File\Folder C:\Users\Michał\AppData\Local\Temp~DFB7AC42B35E2B2D42.TMP not found!

File\Folder C:\Users\Michał\AppData\Local\Temp~DFD4D8FD5104557CD3.TMP not found!

File\Folder C:\Users\Michał\AppData\Local\Temp~DFF97CCA5642C5DAD7.TMP not found!

C:\Users\Michał\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word~WRS{37631864-843F-43F0-93FE-4F9D49271561}.tmp moved successfully.

C:\Users\Michał\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word~WRS{6ED84866-0A17-450B-8B3E-5FD70A83B7EC}.tmp moved successfully.

C:\Users\Michał\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word~WRS{74A35357-E3F2-41AB-A4B2-318EA8A83FBA}.tmp moved successfully.

C:\Users\Michał\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word~WRS{9B30FC00-89E5-4DB2-8B29-613C5C887C03}.tmp moved successfully.

C:\Users\Michał\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word~WRS{ABE35172-0EB0-444C-8B40-D98247EB858F}.tmp moved successfully.

C:\Users\Michał\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word~WRS{E7EB5F39-D188-46F6-9F78-892B95CD01CE}.tmp moved successfully.

Registry entries deleted on Reboot…

I log z po Run Scan:

OTL logfile created on: 2011-07-06 22:26:37 - Run 2

OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\Michał\Desktop

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

11,99 Gb Total Physical Memory | 10,08 Gb Available Physical Memory | 84,09% Memory free

23,98 Gb Paging File | 22,04 Gb Available in Paging File | 91,89% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 149,90 Gb Total Space | 33,00 Gb Free Space | 22,01% Space Free | Partition Type: NTFS

Drive D: | 390,76 Gb Total Space | 115,05 Gb Free Space | 29,44% Space Free | Partition Type: NTFS

Drive E: | 390,75 Gb Total Space | 268,70 Gb Free Space | 68,77% Space Free | Partition Type: NTFS

Drive G: | 931,51 Gb Total Space | 105,88 Gb Free Space | 11,37% Space Free | Partition Type: NTFS

Drive I: | 3,72 Gb Total Space | 2,30 Gb Free Space | 61,86% Space Free | Partition Type: FAT32

Computer Name: MICHAŁ-KOMPUTER | User Name: Michał | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-07-06 13:09:34 | 000,580,608 | ---- | M] (OldTimer Tools) – C:\Users\Michał\Desktop\OTL.exe

PRC - [2011-06-22 11:45:09 | 000,924,632 | ---- | M] (Mozilla Corporation) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011-06-05 18:38:38 | 000,403,240 | ---- | M] (Valve Corporation) – C:\Program Files (x86)\Common Files\Steam\SteamService.exe

PRC - [2011-05-25 09:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) – C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2011-03-29 01:29:50 | 001,242,448 | ---- | M] (Valve Corporation) – E:\Program Files\GRY\Steam\steam.exe

PRC - [2010-12-23 11:42:02 | 002,236,416 | ---- | M] () – C:\Program Files (x86)\Vtune\TBPANEL.exe

PRC - [2010-07-02 12:32:08 | 005,655,680 | ---- | M] (ASUSTeK Computer Inc.) – C:\Program Files\ASUS\TurboV\TurboV.exe

PRC - [2010-03-23 16:17:43 | 000,417,280 | ---- | M] (Stardock Corporation) – C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe

PRC - [2010-02-26 02:21:50 | 000,126,392 | R— | M] (Symantec Corporation) – C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe

PRC - [2010-01-22 13:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) – C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

PRC - [2009-12-28 15:33:01 | 000,096,896 | R— | M] (ASUSTeK Computer Inc.) – C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe

PRC - [2009-12-17 07:42:06 | 000,105,632 | ---- | M] (Corel) – C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe

PRC - [2009-11-27 01:13:32 | 007,274,496 | ---- | M] (ASUSTeK Computer Inc.) – C:\Program Files\ASUS\Six Engine\SixEngine.exe

PRC - [2007-07-24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) – c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

========== Modules (SafeList) ==========

MOD - [2011-07-06 13:09:34 | 000,580,608 | ---- | M] (OldTimer Tools) – C:\Users\Michał\Desktop\OTL.exe

MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) – C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV: 64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Program Files\Windows Defender\MpSvc.dll – (WinDefend)

SRV: 64bit: - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] – C:\Windows\SysNative\appmgmts.dll – (AppMgmt)

SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe – (AdobeARMservice)

SRV - [2011-06-05 18:38:38 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] – C:\Program Files (x86)\Common Files\Steam\SteamService.exe – (Steam Client Service)

SRV - [2011-05-25 09:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] – C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe – (nvUpdatusService)

SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe – (clr_optimization_v4.0.30319_32)

SRV - [2010-02-26 02:21:50 | 000,126,392 | R— | M] (Symantec Corporation) [unknown | Running] – C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe – (NIS)

SRV - [2009-12-28 15:33:01 | 000,096,896 | R— | M] (ASUSTeK Computer Inc.) [Auto | Running] – C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe – (AsSysCtrlService)

SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe – (clr_optimization_v2.0.50727_32)

SRV - [2007-07-24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] – c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe – (PSI_SVC_2)

========== Driver Services (SafeList) ==========

DRV: 64bit: - [2011-06-29 22:57:18 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS – (SymEvent)

DRV: 64bit: - [2011-05-25 09:25:48 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\nvhda64v.sys – (NVHDA)

DRV: 64bit: - [2011-05-02 00:39:23 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\atksgt.sys – (atksgt)

DRV: 64bit: - [2011-05-02 00:39:22 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] – C:\Windows\SysNative\drivers\lirsgt.sys – (lirsgt)

DRV: 64bit: - [2011-03-18 18:15:44 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] – C:\Windows\SysNative\drivers\sptd.sys – (sptd)

DRV: 64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\amdsata.sys – (amdsata)

DRV: 64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\amdxata.sys – (amdxata)

DRV: 64bit: - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\HpSAMD.sys – (HpSAMD)

DRV: 64bit: - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\TsUsbFlt.sys – (TsUsbFlt)

DRV: 64bit: - [2010-11-20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\rdpvideominiport.sys – (RdpVideoMiniport)

DRV: 64bit: - [2010-08-06 10:53:14 | 000,293,416 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\mv91xx.sys – (mv91xx)

DRV: 64bit: - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] – C:\Windows\SysNative\drivers\TFsExDisk.sys – (TFsExDisk)

DRV: 64bit: - [2010-05-06 06:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] – C:\Windows\SysNative\drivers\NISx64\1108000.005\symtdiv.sys – (SYMTDIv)

DRV: 64bit: - [2010-04-29 07:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] – C:\Windows\SysNative\drivers\NISx64\1108000.005\ironx64.sys – (SymIRON)

DRV: 64bit: - [2010-04-27 04:25:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\ss_bmdm.sys – (ss_bmdm)

DRV: 64bit: - [2010-04-27 04:25:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\ss_bbus.sys – (ss_bbus) SAMSUNG USB Mobile Device (WDM)

DRV: 64bit: - [2010-04-27 04:25:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\ss_bmdfl.sys – (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)

DRV: 64bit: - [2010-04-22 05:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] – C:\Windows\SysNative\drivers\NISx64\1108000.005\symefa64.sys – (SymEFA)

DRV: 64bit: - [2010-04-22 04:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] – C:\Windows\SysNative\drivers\NISx64\1108000.005\srtsp64.sys – (SRTSP)

DRV: 64bit: - [2010-04-22 04:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] – C:\Windows\SysNative\drivers\NISx64\1108000.005\srtspx64.sys – (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV: 64bit: - [2010-02-26 02:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] – C:\Windows\SysNative\drivers\NISx64\1108000.005\cchpx64.sys – (ccHP)

DRV: 64bit: - [2010-02-04 03:40:47 | 000,433,200 | R— | M] (Symantec Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\NISx64\1108000.005\symds64.sys – (SymDS)

DRV: 64bit: - [2010-01-22 13:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\nusb3xhc.sys – (nusb3xhc)

DRV: 64bit: - [2010-01-22 13:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\nusb3hub.sys – (nusb3hub)

DRV: 64bit: - [2009-12-18 00:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] – C:\Windows\SysNative\drivers\ElbyCDIO.sys – (ElbyCDIO)

DRV: 64bit: - [2009-09-28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\yk62x64.sys – (yukonw7)

DRV: 64bit: - [2009-08-09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\VClone.sys – (VClone)

DRV: 64bit: - [2009-07-16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\ASACPI.sys – (MTsensor)

DRV: 64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\amdsbs.sys – (amdsbs)

DRV: 64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\lsi_sas2.sys – (LSI_SAS2)

DRV: 64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\stexstor.sys – (stexstor)

DRV: 64bit: - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] – C:\Windows\SysNative\wbem\ntfs.mof – (Ntfs)

DRV: 64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\evbda.sys – (ebdrv)

DRV: 64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\bxvbda.sys – (b06bdrv)

DRV: 64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\b57nd60a.sys – (b57nd60a)

DRV: 64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\hcw85cir.sys – (hcw85cir)

DRV: 64bit: - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\hamachi.sys – (hamachi)

DRV: 64bit: - [2008-12-26 11:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\vcsvad.sys – (VCSVADHWSer) Avnex Virtual Audio Device (WDM)

DRV - [2011-07-01 17:41:16 | 000,488,056 | ---- | M] (Symantec Corporation) [Kernel | System | Running] – C:\ProgramData\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20110704.032\IDSviA64.sys – (IDSVia64)

DRV - [2011-06-29 22:58:52 | 002,011,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\ProgramData\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20110706.003\EX64.SYS – (NAVEX15)

DRV - [2011-06-29 22:58:52 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] – C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys – (eeCtrl)

DRV - [2011-06-29 22:58:52 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys – (EraserUtilRebootDrv)

DRV - [2011-06-29 22:58:52 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] – C:\ProgramData\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20110706.003\ENG64.SYS – (NAVENG)

DRV - [2011-06-16 01:56:18 | 001,143,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] – C:\ProgramData\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20110701.001\BHDrvx64.sys – (BHDrvx64)

DRV - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] – C:\Windows\SysWOW64\drivers\TFsExDisk.Sys – (TFsExDisk)

DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] – C:\Windows\SysWow64\drivers\StarOpen.sys – (StarOpen)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://vshare.toolbarhome.com/?hp=df

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0

========== FireFox ==========

FF - prefs.js…browser.startup.homepage: “google.pl”

FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js…extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3

FF - prefs.js…extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0

FF - prefs.js…extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6

FF - prefs.js…extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js…extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4

FF: 64bit: - HKLM\Software\MozillaPlugins@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)

FF - HKLM\Software\MozillaPlugins@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins@videolan.org/vlc,version=1.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKLM\software\mozilla\Firefox\Extensions\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2011-04-01 22:16:05 | 000,000,000 | —D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\IPSFFPlgn\ [2011-07-03 23:28:03 | 000,000,000 | —D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\coFFPlgn\ [2011-06-29 22:57:31 | 000,000,000 | —D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-06-22 11:45:09 | 000,000,000 | —D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-06-18 00:35:20 | 000,000,000 | —D | M]

FF - HKCU\software\mozilla\Firefox\Extensions\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2011-04-01 22:16:05 | 000,000,000 | —D | M]

FF - HKCU\software\mozilla\Firefox\Extensions\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\IPSFFPlgn\ [2011-07-03 23:28:03 | 000,000,000 | —D | M]

FF - HKCU\software\mozilla\Firefox\Extensions\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\coFFPlgn\ [2011-06-29 22:57:31 | 000,000,000 | —D | M]

FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-06-22 11:45:09 | 000,000,000 | —D | M]

FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-06-18 00:35:20 | 000,000,000 | —D | M]

[2011-03-04 15:44:28 | 000,000,000 | —D | M] (No name found) – C:\Users\Michał\AppData\Roaming\mozilla\Extensions

[2011-07-04 07:40:47 | 000,000,000 | —D | M] (No name found) – C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\m1f4uh7l.default\extensions

[2011-06-22 10:48:16 | 000,000,000 | —D | M] (DownloadHelper) – C:\Users\Michał\AppData\Roaming\mozilla\Firefox\Profiles\m1f4uh7l.default\extensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2011-05-29 09:55:55 | 000,001,583 | ---- | M] () – C:\Users\Michał\AppData\Roaming\Mozilla\Firefox\Profiles\m1f4uh7l.default\searchplugins\web-search.xml

[2011-06-19 20:28:27 | 000,000,000 | —D | M] (No name found) – C:\Program Files (x86)\mozilla firefox\extensions

[2011-03-05 01:07:43 | 000,000,000 | —D | M] (Java Console) – C:\Program Files (x86)\mozilla firefox\extensions{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2011-03-06 07:27:36 | 000,000,000 | —D | M] (Java Console) – C:\Program Files (x86)\mozilla firefox\extensions{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

[2011-06-19 20:28:27 | 000,000,000 | —D | M] (Java Console) – C:\Program Files (x86)\mozilla firefox\extensions{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

File not found (No name found) –

[2011-07-03 23:28:03 | 000,000,000 | —D | M] (Norton IPS) – C:\PROGRAMDATA\NORTON{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\IPSFFPLGN

File not found (No name found) – C:\USERS\MICHAĹ‚\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\M1F4UH7L.DEFAULT\EXTENSIONS{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}

File not found (No name found) – C:\USERS\MICHAĹ‚\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\M1F4UH7L.DEFAULT\EXTENSIONS{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

[2011-06-22 11:45:09 | 000,142,296 | ---- | M] (Mozilla Foundation) – C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011-05-04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) – C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2010-01-01 10:00:00 | 000,002,767 | ---- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml

[2010-01-01 10:00:00 | 000,001,406 | ---- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml

[2010-01-01 10:00:00 | 000,000,917 | ---- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml

[2010-01-01 10:00:00 | 000,000,858 | ---- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml

[2010-01-01 10:00:00 | 000,001,183 | ---- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml

[2010-01-01 10:00:00 | 000,001,683 | ---- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2011-07-06 16:55:07 | 000,000,909 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O1 - Hosts: 127.0.0.1 talk.aqq.eu

O1 - Hosts: 127.0.0.1 contact.aqq.eu

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\IPSBHO.DLL (Symantec Corporation)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)

O3 - HKLM…\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coIEPlg.dll (Symantec Corporation)

O3 - HKCU…\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O4: 64bit: - HKLM…\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4: 64bit: - HKLM…\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM…\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM…\Run: [NPSStartup] File not found

O4 - HKLM…\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)

O4 - HKLM…\Run: [standby] c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe (Corel)

O4 - HKLM…\Run: [TurboV] C:\Program Files\ASUS\TurboV\TurboV.exe (ASUSTeK Computer Inc.)

O4 - HKCU…\Run: [CursorFX] C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe (Stardock Corporation)

O4 - HKCU…\Run: [RGSC] File not found

O4 - HKCU…\Run: [steam] E:\Program Files\GRY\Steam\Steam.exe (Valve Corporation)

O4 - HKCU…\Run: [TBPanel] C:\Program Files (x86)\Vtune\TBPanel.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta … s-i586.cab (Java Plug-in 1.6.0_26)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 192.168.0.1

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O20: 64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20: 64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20: 64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21: 64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35: 64bit: - HKLM…comfile [open] – “%1” %*

O35: 64bit: - HKLM…exefile [open] – “%1” %*

O35 - HKLM…comfile [open] – “%1” %*

O35 - HKLM…exefile [open] – “%1” %*

O37: 64bit: - HKLM…com [@ = comfile] – “%1” %*

O37: 64bit: - HKLM…exe [@ = exefile] – “%1” %*

O37 - HKLM…com [@ = comfile] – “%1” %*

O37 - HKLM…exe [@ = exefile] – “%1” %*

O37 - HKCU…exe [@ = exefile] – Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011-07-06 22:21:16 | 000,000,000 | —D | C] – C:_OTL

[2011-07-06 16:54:08 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Local\Deployment

[2011-07-06 16:54:08 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Local\Apps

[2011-07-06 16:49:04 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WapSter

[2011-07-06 16:48:55 | 000,000,000 | —D | C] – C:\Program Files (x86)\WapSter

[2011-07-06 13:29:33 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\Malwarebytes

[2011-07-06 13:29:19 | 000,000,000 | —D | C] – C:\ProgramData\Malwarebytes

[2011-07-06 13:29:16 | 000,025,912 | ---- | C] (Malwarebytes Corporation) – C:\Windows\SysNative\drivers\mbam.sys

[2011-07-06 13:09:34 | 000,580,608 | ---- | C] (OldTimer Tools) – C:\Users\Michał\Desktop\OTL.exe

[2011-07-06 12:50:27 | 000,000,000 | —D | C] – C:\Users\Michał\Desktop\StopZilla_5.0.7.2

[2011-07-06 12:49:24 | 000,000,000 | —D | C] – C:\ProgramData\STOPzilla!

[2011-07-03 23:28:36 | 000,451,120 | ---- | C] (Symantec Corporation) – C:\Windows\SysNative\drivers\NISx64\1108000.005\symtdiv.sys

[2011-07-03 23:28:36 | 000,433,200 | R— | C] (Symantec Corporation) – C:\Windows\SysNative\drivers\NISx64\1108000.005\symds64.sys

[2011-07-03 23:28:36 | 000,221,232 | ---- | C] (Symantec Corporation) – C:\Windows\SysNative\drivers\NISx64\1108000.005\symefa64.sys

[2011-07-03 23:28:36 | 000,032,304 | ---- | C] (Symantec Corporation) – C:\Windows\SysNative\drivers\NISx64\1108000.005\srtspx64.sys

[2011-07-03 23:28:35 | 000,615,040 | ---- | C] (Symantec Corporation) – C:\Windows\SysNative\drivers\NISx64\1108000.005\cchpx64.sys

[2011-07-03 23:28:35 | 000,505,392 | ---- | C] (Symantec Corporation) – C:\Windows\SysNative\drivers\NISx64\1108000.005\srtsp64.sys

[2011-07-03 23:28:35 | 000,150,064 | ---- | C] (Symantec Corporation) – C:\Windows\SysNative\drivers\NISx64\1108000.005\ironx64.sys

[2011-07-03 23:28:05 | 000,000,000 | —D | C] – C:\Windows\SysNative\drivers\NISx64\1108000.005

[2011-07-02 17:42:31 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraStar Deluxe

[2011-07-02 17:42:26 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\ultrastardx

[2011-07-02 17:42:26 | 000,000,000 | —D | C] – C:\Program Files (x86)\UltraStar Deluxe

[2011-06-29 22:57:23 | 000,173,104 | ---- | C] (Symantec Corporation) – C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2011-06-29 22:57:18 | 000,000,000 | —D | C] – C:\Program Files\Common Files\Symantec Shared

[2011-06-29 22:57:18 | 000,000,000 | —D | C] – C:\Program Files\Symantec

[2011-06-29 22:56:58 | 000,000,000 | —D | C] – C:\Windows\SysNative\drivers\NISx64

[2011-06-29 22:56:56 | 000,000,000 | R–D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security

[2011-06-29 22:56:56 | 000,000,000 | —D | C] – C:\Program Files (x86)\Norton Internet Security

[2011-06-29 22:56:55 | 000,000,000 | —D | C] – C:\ProgramData\Norton

[2011-06-29 22:56:50 | 000,000,000 | —D | C] – C:\ProgramData\NortonInstaller

[2011-06-29 22:56:50 | 000,000,000 | —D | C] – C:\Program Files (x86)\NortonInstaller

[2011-06-29 18:04:25 | 000,000,000 | —D | C] – C:\Windows\PCHEALTH

[2011-06-29 08:28:06 | 000,252,928 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\drvinst.exe

[2011-06-29 08:28:06 | 000,044,544 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\devrtl.dll

[2011-06-29 08:28:05 | 002,315,776 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\tquery.dll

[2011-06-29 08:28:05 | 002,223,616 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\mssrch.dll

[2011-06-29 08:28:05 | 001,549,312 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\tquery.dll

[2011-06-29 08:28:05 | 001,401,344 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\mssrch.dll

[2011-06-29 08:28:05 | 000,778,752 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\mssvp.dll

[2011-06-29 08:28:05 | 000,666,624 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\mssvp.dll

[2011-06-29 08:28:05 | 000,491,520 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\mssph.dll

[2011-06-29 08:28:05 | 000,337,408 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\mssph.dll

[2011-06-29 08:28:05 | 000,288,256 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\mssphtb.dll

[2011-06-29 08:28:05 | 000,249,856 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\SearchProtocolHost.exe

[2011-06-29 08:28:05 | 000,197,120 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\mssphtb.dll

[2011-06-29 08:28:05 | 000,113,664 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\SearchFilterHost.exe

[2011-06-29 08:28:05 | 000,075,264 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\msscntrs.dll

[2011-06-29 08:28:05 | 000,059,392 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\msscntrs.dll

[2011-06-28 17:55:40 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XBCD

[2011-06-28 17:55:39 | 000,230,400 | ---- | C] (XBCD Project) – C:\Windows\SysWow64\xbcdsu.dll

[2011-06-28 17:55:39 | 000,230,400 | ---- | C] (XBCD Project) – C:\Windows\SysNative\xbcdsu.dll

[2011-06-28 17:55:39 | 000,028,160 | ---- | C] (Redcl0ud) – C:\Windows\SysNative\xbcdr.dll

[2011-06-28 17:55:39 | 000,027,136 | ---- | C] (XBCD Project) – C:\Windows\SysWow64\xbcdif.dll

[2011-06-28 17:55:39 | 000,027,136 | ---- | C] (XBCD Project) – C:\Windows\SysNative\xbcdif.dll

[2011-06-28 17:55:39 | 000,025,728 | ---- | C] (XBCD Project) – C:\Windows\SysNative\drivers\xbcd.sys

[2011-06-28 17:55:39 | 000,023,552 | ---- | C] (Redcl0ud) – C:\Windows\SysWow64\xbcdr.dll

[2011-06-28 17:55:39 | 000,000,000 | —D | C] – C:\ProgramData\XBCDSU

[2011-06-28 17:55:39 | 000,000,000 | —D | C] – C:\Program Files (x86)\XBCD

[2011-06-28 14:59:56 | 000,000,000 | —D | C] – C:\Program Files (x86)\Electronic Arts

[2011-06-28 06:55:31 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games

[2011-06-28 00:08:47 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\Might & Magic Heroes VI - Internal Private Closed Beta

[2011-06-27 13:07:46 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView

[2011-06-27 13:07:46 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\IrfanView

[2011-06-27 13:07:46 | 000,000,000 | —D | C] – C:\Program Files (x86)\IrfanView

[2011-06-26 12:24:33 | 000,000,000 | —D | C] – C:\Users\Michał\Desktop\Z APARATU

[2011-06-25 21:01:14 | 000,000,000 | —D | C] – C:\Users\Michał\Desktop\PRACA MAGISTERSKA !!

[2011-06-25 17:26:57 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\ABBYY

[2011-06-25 17:17:03 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Local\ABBYY

[2011-06-25 17:17:03 | 000,000,000 | —D | C] – C:\ProgramData\ABBYY

[2011-06-24 23:55:16 | 000,000,000 | —D | C] – C:\Users\Michał\Documents\The Path

[2011-06-24 23:55:16 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\The Path

[2011-06-23 15:53:43 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\Day 1 Studios

[2011-06-23 08:24:33 | 000,000,000 | —D | C] – C:\Users\Michał\Desktop\zdjecia z avili

[2011-06-21 12:14:53 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\id Software

[2011-06-21 12:14:53 | 000,000,000 | —D | C] – C:\ProgramData\id Software

[2011-06-21 10:05:34 | 000,161,280 | ---- | C] (MCCI Corporation) – C:\Windows\SysNative\drivers\ss_bmdm.sys

[2011-06-21 10:05:34 | 000,127,488 | ---- | C] (MCCI) – C:\Windows\SysNative\drivers\ss_bbus.sys

[2011-06-21 10:05:34 | 000,018,944 | ---- | C] (MCCI Corporation) – C:\Windows\SysNative\drivers\ss_bmdfl.sys

[2011-06-21 10:05:34 | 000,015,872 | ---- | C] (MCCI Corporation) – C:\Windows\SysNative\drivers\ss_bwhnt.sys

[2011-06-21 10:05:34 | 000,015,360 | ---- | C] (MCCI Corporation) – C:\Windows\SysNative\drivers\ss_bcmnt.sys

[2011-06-21 09:59:27 | 000,000,000 | —D | C] – C:\Windows\SysWow64\Samsung_USB_Drivers

[2011-06-19 20:28:53 | 000,000,000 | —D | C] – C:\Program Files (x86)\Common Files\Java

[2011-06-19 20:28:26 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\SysWow64\javaws.exe

[2011-06-19 20:28:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\SysWow64\javaw.exe

[2011-06-19 20:28:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\SysWow64\java.exe

[2011-06-19 00:41:58 | 000,000,000 | —D | C] – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio

[2011-06-19 00:39:02 | 000,000,000 | —D | C] – C:\Program Files (x86)\Rovio

[2011-06-18 17:23:11 | 000,000,000 | —D | C] – C:\ProgramData\TEMP

[2011-06-18 17:23:11 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\Frogwares

[2011-06-17 21:15:39 | 001,447,226 | ---- | C] (XBCD Project ) – C:\Users\Michał\Desktop\XBCD_Installer_0.2.7.exe

[2011-06-16 19:21:14 | 000,000,000 | —D | C] – C:\Users\Michał\Desktop\WIKTYMOLOGIA

[2011-06-15 12:16:25 | 000,702,464 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\msfeeds.dll

[2011-06-15 12:16:25 | 000,599,552 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\msfeeds.dll

[2011-06-15 12:16:24 | 000,247,808 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\ieui.dll

[2011-06-15 12:16:24 | 000,176,640 | ---- | C] (Microsoft Corporation) – C:\Windows\SysWow64\ieui.dll

[2011-06-15 12:16:11 | 000,861,696 | ---- | C] (Microsoft Corporation) – C:\Windows\SysNative\oleaut32.dll

[2011-06-12 19:49:22 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\Rovio

[2011-06-12 19:49:20 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Angry Birds

[2011-06-12 19:49:18 | 000,000,000 | —D | C] – C:\Program Files (x86)\Angry Birds

[2011-06-12 17:42:17 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\DisneyInteractiveStudios

[2011-06-10 21:34:08 | 000,000,000 | —D | C] – C:\Users\Michał\Documents\Duke Nukem Forever

[2011-06-10 21:19:01 | 000,000,000 | —D | C] – C:\Program Files (x86)\Duke Nukem Forever

[2011-06-10 15:41:42 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\Summer Athletics 2008

[2011-06-09 15:39:33 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Local\Darksiders

[2011-06-09 09:52:41 | 000,000,000 | —D | C] – C:\Program Files (x86)\Total Video Converter

[2011-06-09 08:59:51 | 000,000,000 | —D | C] – C:\Program Files (x86)\Great Game Products

[2011-06-09 08:59:51 | 000,000,000 | —D | C] – C:\Users\Michał\AppData\Roaming\Bridge Baron 21 PLK

[2011-06-08 12:24:53 | 000,000,000 | —D | C] – C:\Users\Michał\Desktop\MUZYKA DVD

[2011-06-07 18:58:02 | 000,174,184 | ---- | C] (NVIDIA Corporation) – C:\Windows\SysNative\drivers\nvhda64v.sys

[2011-06-07 18:58:02 | 000,029,288 | ---- | C] (NVIDIA Corporation) – C:\Windows\SysNative\nvhdap64.dll

[2011-06-07 18:58:00 | 022,286,952 | ---- | C] (NVIDIA Corporation) – C:\Windows\SysNative\nvoglv64.dll

[2011-06-07 18:58:00 | 018,583,144 | ---- | C] (NVIDIA Corporation) – C:\Windows\SysNative\nvcompiler.dll

[2011-06-07 18:58:00 | 016,456,296 | ---- | C] (NVIDIA Corporation) – C:\Windows\SysWow64\nvoglv32.dll

[2011-06-07 18:58:00 | 015,223,912 | ---- | C] (NVIDIA Corporation) – C:\Windows\SysNative\nvd3dumx.dll

[2011-06-07 18:58:00 | 013,011,560 | ---- | C] (NVIDIA Corporation) – C:\Windows\SysWow64\nvcompiler.dll

[2011-06-07 18:58:00 | 007,123,560 | ---- | C] (NVIDIA Corporation) – C:\Windows\SysNative\nvcuda.dll

[2011-06-07 18:58:00 | 005,301,352 | ---- | C] (NVIDIA Corporation) – C:\Windows\SysWow64\nvcuda.dll

[2011-06-07 18:58:00 | 002,943,592 | ---- | C] (NVIDIA Corporation) – C:\Windows\SysNative\nvcuvid.dll

[2011-06-07 18:58:00 | 002,804,328 | ---- | C] (NVIDIA Corporation) – C:\Windows\SysWow64\nvcuvid.dll

[2011-06-07 18:58:00 | 002,212,968 | ---- | C] (NVIDIA Corporation) – C:\Windows\SysNative\nvcuvenc.dll

[2011-06-07 18:58:00 | 002,082,408 | ---- | C] (NVIDIA Corporation) – C:\Windows\SysWow64\nvcuvenc.dll

[2011-06-07 18:58:00 | 000,067,176 | ---- | C] (Khronos Group) – C:\Windows\SysNative\OpenCL.dll

[2011-06-07 18:58:00 | 000,057,960 | ---- | C] (Khronos Group) – C:\Windows\SysWow64\OpenCL.dll

[2011-06-07 18:58:00 | 000,012,392 | ---- | C] (NVIDIA Corporation) – C:\Windows\SysNative\drivers\nvBridge.kmd

[2011-06-07 05:59:43 | 000,000,000 | —D | C] – C:\Windows\SysWow64\directx

========== Files - Modified Within 30 Days ==========

[2011-07-06 22:23:55 | 000,067,584 | --S- | M] () – C:\Windows\bootstat.dat

[2011-07-06 22:23:52 | 1066,749,950 | -HS- | M] () – C:\hiberfil.sys

[2011-07-06 22:21:29 | 001,339,832 | ---- | M] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\Cat.DB

[2011-07-06 16:33:41 | 000,010,208 | -H-- | M] () – C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011-07-06 16:33:41 | 000,010,208 | -H-- | M] () – C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011-07-06 13:09:34 | 000,580,608 | ---- | M] (OldTimer Tools) – C:\Users\Michał\Desktop\OTL.exe

[2011-07-06 12:53:41 | 000,001,056 | ---- | M] () – C:\Windows\SysNative\drivers\kgpcpy.cfg

[2011-07-06 09:25:56 | 000,000,001 | ---- | M] () – C:\ProgramData\varsavefile

[2011-07-06 09:25:56 | 000,000,001 | ---- | M] () – C:\ProgramData\datesavefile

[2011-07-03 21:19:33 | 000,122,904 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) – C:\Windows\SysNative\OpenAL32.dll

[2011-07-03 21:19:32 | 000,109,080 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) – C:\Windows\SysWow64\OpenAL32.dll

[2011-07-03 15:59:34 | 000,004,608 | ---- | M] () – C:\Users\Michał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011-06-29 23:28:20 | 001,661,468 | ---- | M] () – C:\Windows\SysNative\PerfStringBackup.INI

[2011-06-29 23:28:20 | 000,737,464 | ---- | M] () – C:\Windows\SysNative\perfh015.dat

[2011-06-29 23:28:20 | 000,651,672 | ---- | M] () – C:\Windows\SysNative\perfh009.dat

[2011-06-29 23:28:20 | 000,154,152 | ---- | M] () – C:\Windows\SysNative\perfc015.dat

[2011-06-29 23:28:20 | 000,120,604 | ---- | M] () – C:\Windows\SysNative\perfc009.dat

[2011-06-29 22:57:18 | 000,173,104 | ---- | M] (Symantec Corporation) – C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2011-06-29 22:57:18 | 000,007,440 | ---- | M] () – C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2011-06-29 22:57:18 | 000,000,854 | ---- | M] () – C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2011-06-29 17:56:37 | 000,366,328 | ---- | M] () – C:\Windows\SysNative\FNTCACHE.DAT

[2011-06-21 10:01:10 | 000,000,000 | ---- | M] () – C:\ProgramData\LauncherAccess.dt

[2011-06-20 15:21:32 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) – C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2011-06-17 21:17:07 | 001,447,226 | ---- | M] (XBCD Project ) – C:\Users\Michał\Desktop\XBCD_Installer_0.2.7.exe

[2011-06-15 01:27:30 | 000,002,562 | ---- | M] () – C:\Windows\diagwrn.xml

[2011-06-15 01:27:30 | 000,001,908 | ---- | M] () – C:\Windows\diagerr.xml

[2011-06-12 19:49:21 | 000,204,065 | ---- | M] () – C:\Windows\Angry Birds Uninstaller.exe

[2011-06-12 17:52:38 | 000,000,094 | ---- | M] () – C:\Users\Michał\AppData\Local\fusioncache.dat

[2011-06-10 01:42:24 | 000,637,623 | ---- | M] () – C:\Users\Michał\Desktop\x360ce.App-2.0.2.62.zip

========== Files Created - No Company Name ==========

[2011-07-06 12:53:11 | 000,001,056 | ---- | C] () – C:\Windows\SysNative\drivers\kgpcpy.cfg

[2011-07-04 07:39:25 | 001,339,832 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\Cat.DB

[2011-07-03 23:28:36 | 000,007,829 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\symefa64.cat

[2011-07-03 23:28:36 | 000,007,787 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\symnetv64.cat

[2011-07-03 23:28:36 | 000,007,414 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\srtspx64.cat

[2011-07-03 23:28:36 | 000,007,406 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\symds64.cat

[2011-07-03 23:28:36 | 000,007,368 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\symnet64.cat

[2011-07-03 23:28:36 | 000,003,373 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\symefa.inf

[2011-07-03 23:28:36 | 000,002,793 | R— | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\symds.inf

[2011-07-03 23:28:36 | 000,001,473 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\symnetv.inf

[2011-07-03 23:28:36 | 000,001,445 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\symnet.inf

[2011-07-03 23:28:36 | 000,001,421 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\srtspx64.inf

[2011-07-03 23:28:35 | 000,007,410 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\srtsp64.cat

[2011-07-03 23:28:35 | 000,007,402 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\iron.cat

[2011-07-03 23:28:35 | 000,007,358 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\cchpx64.cat

[2011-07-03 23:28:35 | 000,001,838 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\cchpx64.inf

[2011-07-03 23:28:35 | 000,001,437 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\srtsp64.inf

[2011-07-03 23:28:35 | 000,000,771 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\iron.inf

[2011-07-03 23:28:05 | 000,000,172 | ---- | C] () – C:\Windows\SysNative\drivers\NISx64\1108000.005\isolate.ini

[2011-06-29 22:57:23 | 000,007,440 | ---- | C] () – C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2011-06-29 22:57:23 | 000,000,854 | ---- | C] () – C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2011-06-21 10:01:10 | 000,000,000 | ---- | C] () – C:\ProgramData\LauncherAccess.dt

[2011-06-18 00:35:20 | 000,002,441 | ---- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

[2011-06-15 00:14:35 | 000,002,562 | ---- | C] () – C:\Windows\diagwrn.xml

[2011-06-15 00:14:35 | 000,001,908 | ---- | C] () – C:\Windows\diagerr.xml

[2011-06-12 19:49:10 | 000,204,065 | ---- | C] () – C:\Windows\Angry Birds Uninstaller.exe

[2011-06-10 01:42:24 | 000,637,623 | ---- | C] () – C:\Users\Michał\Desktop\x360ce.App-2.0.2.62.zip

[2011-06-06 23:58:27 | 000,001,338 | ---- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk

[2011-06-05 15:46:35 | 000,000,065 | ---- | C] () – C:\Windows\wininit.ini

[2011-05-20 22:35:28 | 000,304,744 | ---- | C] () – C:\Windows\SysWow64\nvStreaming.exe

[2011-05-17 21:44:52 | 000,004,768 | ---- | C] () – C:\Users\Michał\AppData\Local\operaprefs.ini

[2011-05-16 16:15:32 | 000,000,002 | ---- | C] () – C:\ProgramData\timerxfile

[2011-05-16 16:15:32 | 000,000,001 | ---- | C] () – C:\ProgramData\varsavefile

[2011-05-16 16:15:32 | 000,000,001 | ---- | C] () – C:\ProgramData\datesavefile

[2011-05-16 16:15:20 | 000,004,768 | ---- | C] () – C:\ProgramData\operaprefs.ini

[2011-05-02 16:04:09 | 000,000,713 | ---- | C] () – C:\Windows\disney.ini

[2011-05-01 16:20:05 | 000,000,080 | ---- | C] () – C:\Users\Michał\AppData\Local\X-Plane Installer.prf

[2011-04-19 10:37:37 | 000,000,001 | ---- | C] () – C:\Windows\SysWow64\SI.bin

[2011-04-13 14:38:16 | 000,006,876 | ---- | C] () – C:\Users\Michał\AppData\Roaming.freeciv-client-rc-2.2

[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () – C:\Windows\SysWow64\xlive.dll.cat

[2011-03-23 21:50:31 | 001,622,898 | ---- | C] () – C:\Windows\SysWow64\PerfStringBackup.INI

[2011-03-23 01:10:39 | 000,000,094 | ---- | C] () – C:\Users\Michał\AppData\Local\fusioncache.dat

[2011-03-07 22:17:48 | 000,004,608 | ---- | C] () – C:\Users\Michał\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011-03-07 14:01:59 | 000,005,226 | -HS- | C] () – C:\ProgramData\KGyGaAvL.sys

[2011-03-07 14:01:59 | 000,000,088 | RHS- | C] () – C:\ProgramData\20E85A184F.sys

[2011-03-04 14:49:53 | 000,024,576 | R— | C] () – C:\Windows\SysWow64\AsIO.dll

[2011-03-04 14:49:53 | 000,013,440 | R— | C] () – C:\Windows\SysWow64\drivers\AsIO.sys

[2011-03-04 14:49:49 | 000,011,832 | ---- | C] () – C:\Windows\SysWow64\drivers\AsInsHelp64.sys

[2011-03-04 14:49:49 | 000,010,216 | ---- | C] () – C:\Windows\SysWow64\drivers\AsInsHelp32.sys

[2011-03-04 14:45:28 | 000,040,342 | ---- | C] () – C:\Windows\Ascd_log.ini

[2011-03-04 14:44:49 | 000,001,769 | ---- | C] () – C:\Windows\Language_trs.ini

[2011-03-04 14:44:46 | 000,027,067 | ---- | C] () – C:\Windows\Ascd_tmp.ini

[2009-07-14 07:38:36 | 000,067,584 | --S- | C] () – C:\Windows\bootstat.dat

[2009-07-14 04:35:51 | 000,000,741 | ---- | C] () – C:\Windows\SysWow64\NOISE.DAT

[2009-07-14 04:34:42 | 000,215,943 | ---- | C] () – C:\Windows\SysWow64\dssec.dat

[2009-07-14 02:10:29 | 000,043,131 | ---- | C] () – C:\Windows\mib.bin

[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () – C:\Windows\SysWow64\BWContextHandler.dll

[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () – C:\Windows\SysWow64\msjetoledb40.dll

[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () – C:\Windows\SysWow64\mlang.dat

[2009-04-02 14:30:14 | 000,010,296 | ---- | C] () – C:\Windows\SysWow64\drivers\ASUSHWIO.SYS

[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () – C:\Windows\SysWow64\drivers\StarOpen.sys

End of report

#80

Log wygląda na czysty

Pobierz CCleaner http://www.filehippo.com/download_ccleaner/

przeskanuj nim i wyczyść rejestr.

W OTL kilknij CleanUp (Sprzątanie)

przeskanuj

Dr.WEB CureIt! http://www.dobreprogramy.pl/DrWEB-CureI … 12976.html

:slight_smile: