Prawie 100 procesów na viście, logi do sprawdzenia

**Posty:** 3 · przez **wiemzenicniewiem** 27 Sie 2011, 20:35

Witam, na początku tygodnia zrobiłem backup systemu operacyjnego, na dzień dobry miałem ok.23 włączone procesy w menadżerze zadań, zainstalowałem parę podstawowych aplikacji, zapore, antywira, przeglądarkę i coś tam jeszcze, wchodzę w menadżera Windows i widzę prawię sto uruchomionych zadań, ściągnąłem HijackThis lecz niezbyt znam się na komputerach, dlatego proszę o pomoc. Windows który posiadam to VISTA 32bit.

Kod: Zaznacz wszystko: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:49:44, on 2011-08-26 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16546) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\RtHDVCpl.exe C:\Users\RYSIEK~1\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe C:\Program Files\COMODO\COMODO Internet Security\cfp.exe C:\AVG\AVG10\avgtray.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Windows\system32\conime.exe C:\Windows\System32\wsqmcons.exe C:\Program Files\OrangeBS\BEWInternet-PL\Launcher\Launcher.exe C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe C:\Program Files\OrangeBS\BEWInternet-PL\systray\systrayapp.exe C:\Program Files\OrangeBS\BEWInternet-PL\connectivity\connectivitymanager.exe C:\Program Files\OrangeBS\BEWInternet-PL\PhoneTools\TextMessaging.exe C:\Program Files\OrangeBS\BEWInternet-PL\Deskboard\deskboard.exe C:\Program Files\OrangeBS\BEWInternet-PL\connectivity\CoreCom\CoreCom.exe C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe C:\Windows\system32\wuauclt.exe C:\Windows\explorer.exe C:\Windows\System32\mobsync.exe C:\hijackthiss\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.intl.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pl.intl.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://pl.intl.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\AVG\AVG10\avgssie.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h O4 - HKLM\..\Run: [AVG_TRAY] C:\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [BEWINTERNET-PLSessionManager] "C:\Program Files\OrangeBS\BEWInternet-PL\SessionManager\SessionManager.exe" O4 - HKLM\..\RunOnce: [End_Install] C:\Users\RYSIEK~1\AppData\Local\Temp\SHK0.bat O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{A618394B-5EC3-4A79-992C-E40F21BF66EE}: NameServer = 217.116.100.65 79.163.127.70 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\AVG\AVG10\avgpp.dll O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\AVG\AVG10\avgwdsvc.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: GtDetectSc - OptionNV - C:\internetOption\GlobeTrotter Connect\GtDetectSc.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7696 bytes

Pozdrawiam i czekam na kogoś chętnego do pomocy:)

**Posty:** 2183 · przez **NieWiem** 27 Sie 2011, 22:40

że niby tutaj jakieś zasady obowiązują:
obowiazkowe-zasady-wstawiania-logow-wazne-vt117887.html

**Posty:** 3 · przez **wiemzenicniewiem** 27 Sie 2011, 23:07

Nie mam chwilowo dostępu do laptopa, a więc nie mogę zainstalować Gmer i OTL, same logi z HijackThis nie wystarczą?

**Posty:** 2183 · przez **NieWiem** 28 Sie 2011, 06:49

Musi być OTL i Gmer. HJT to program przestarzały i nie widać w nim połowy rzeczy, które na obecne zagrożenia musimy znać.

**Posty:** 3 · przez **wiemzenicniewiem** 28 Sie 2011, 20:52

Jutro postaram się wkleić logi, a w międzyczasie mam pytanie, skanowanie OTL I Gmer pozwoli wyłapać praktycznie wszystkie złośliwe aplikacje? Jaki jest mniej-więcej skuteczność tego typu programów?

99 %

bardziej zależy od sprawdzającego

Dodano Dzisiaj, 23:40:
Hej, zrobiłem dzisiaj znowu backup systemu, i na dzień dobry miałem włączonych z 60 - 70 procesów :1:

.

LOGI extras otl

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2011-08-31 22:28:00 - Run 2 OTL by OldTimer - Version 3.2.26.6 Folder = C:\Users\Rysiek\Desktop Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16546) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1021,81 Mb Total Physical Memory | 446,04 Mb Available Physical Memory | 43,65% Memory free 2,24 Gb Paging File | 1,41 Gb Available in Paging File | 62,97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69,65 Gb Total Space | 57,53 Gb Free Space | 82,60% Space Free | Partition Type: NTFS Drive D: | 69,64 Gb Total Space | 67,17 Gb Free Space | 96,46% Space Free | Partition Type: NTFS Drive F: | 1,86 Gb Total Space | 1,60 Gb Free Space | 85,99% Space Free | Partition Type: FAT32 Computer Name: RYSIEK-PC | User Name: Rysiek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{8017AD92-7E55-4741-B56F-30CEBD7E5E3A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{443A5C4C-DFAA-433E-808E-A14F2BCA047D}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02F020A7-4981-4F6E-C40D-5BA7C007D518}" = ccc-core-static "{0762EBC7-0C57-76DD-F1B9-0E69B867C802}" = Catalyst Control Center Graphics Light "{089523E6-D681-1B0C-6458-CC42C5CA5DEF}" = Catalyst Control Center Localization Finnish "{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "{17533FFD-37B6-A54A-1654-AD053A247A37}" = Catalyst Control Center Localization Swedish "{1A5E5061-543A-5722-7441-7BC6CF1C5C62}" = Catalyst Control Center Localization Portuguese "{1E239B20-E618-41D4-47E3-C3AE4A066214}" = Catalyst Control Center Core Implementation "{26976749-1A33-20A5-DCE9-63EFEEAECA03}" = Catalyst Control Center Localization Greek "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet "{347952D7-B923-36BE-B35C-99B4C7809795}" = Catalyst Control Center Localization Turkish "{3B810746-962A-2A85-E733-3E62EF3D4BEB}" = Catalyst Control Center Localization Thai "{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon "{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security "{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component "{4ac40384-37ba-421c-b14c-2ecbe4403817}" = Business Contact Manager dla programu Outlook 2007 "{4BB1DCED-84D3-47F9-B718-5947E904593E}" = Acer Crystal Eye webcam "{4EA46C71-CF0B-E932-F09E-81E83D4C3A4E}" = Catalyst Control Center Localization German "{4EC13867-3C71-0CEC-88BC-FA0D308966FF}" = Catalyst Control Center Localization Chinese Standard "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{502B07AB-9DD1-F9AC-7D1A-6F265003FBFD}" = Catalyst Control Center Localization French "{50A0893D-47D8-48E0-A7E8-44BCD7E4422E}" = Microsoft SQL Server Native Client "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English) "{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management "{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security "{5C39E087-5518-7F09-7DCF-12073726CF84}" = Catalyst Control Center Localization Czech "{5E6F1230-06E8-C7A9-89B7-09C0414BCC9E}" = Catalyst Control Center Localization Danish "{60FCDA4F-8008-FBDF-FFEC-EA5101E9F3F4}" = Catalyst Control Center Localization Japanese "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6DFA698C-EB46-412F-9886-93B2C8617841}" = Catalyst Control Center - Branding "{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow "{76E1503E-8DBB-3521-1880-5B2D288163F2}" = Catalyst Control Center Localization Norwegian "{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit "{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver "{7D083C9E-3822-4FCE-BCB8-F39B16880C60}" = Catalyst Control Center Localization Dutch "{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus "{89280B77-24FA-9C0B-3BF0-8ED7E8873644}" = Catalyst Control Center Localization Spanish "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{90A40415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour "{95FB5C06-F577-D340-5B40-9F1243F30CDD}" = Catalyst Control Center Localization Korean "{99B7756C-AA8B-1EDD-697B-2B198BDCC34B}" = Catalyst Control Center Localization Russian "{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Składniki łączności pakietu Microsoft Office Small Business "{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology "{AB71E8EA-902A-654F-0E08-862CA0328764}" = ccc-utility "{AC4BB070-A5CB-86C8-659F-85C62E27F046}" = Catalyst Control Center Localization Polish "{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0 "{AF255B94-DFE9-5977-1F82-0D9E4073EABD}" = Catalyst Control Center Localization Hungarian "{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist "{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI "{BE6C4D32-7CDB-8639-3595-984859850522}" = ATI Catalyst Install Manager "{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management "{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management "{C0D2F614-5CE5-4DCB-8678-E5C9AF7044F8}" = Microsoft SQL Server VSS Writer "{C1E37C71-121A-6811-153A-705C0A368CD3}" = Catalyst Control Center Localization Italian "{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1 "{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component "{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller "{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component "{D9782503-10D1-A2D4-A5B7-C081C7B63708}" = Catalyst Control Center Localization Chinese Traditional "{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI "{DD1DED37-2486-4F56-8F89-56AA814003F5}" = Acer Crystal Eye webcam "{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security "{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security "{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Business Contact Manager dla programu Outlook 2007" = Business Contact Manager dla programu Outlook 2007 "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP "GridVista" = Acer GridVista "InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker "InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow "InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers. "LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation) "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "PROHYBRIDR" = 2007 Microsoft Office system "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation) "SynTPDeinstKey" = Synaptics Pointing Device Driver [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2011-08-31 14:18:23 | Computer Name = Rysiek-PC | Source = VSS | ID = 8194 Description = Error - 2011-08-31 14:19:18 | Computer Name = Rysiek-PC | Source = VSS | ID = 8194 Description = Error - 2011-08-31 14:19:55 | Computer Name = Rysiek-PC | Source = VSS | ID = 8194 Description = Error - 2011-08-31 14:20:46 | Computer Name = Rysiek-PC | Source = VSS | ID = 8194 Description = Error - 2011-08-31 14:21:54 | Computer Name = Rysiek-PC | Source = VSS | ID = 8194 Description = Error - 2011-08-31 14:24:42 | Computer Name = Rysiek-PC | Source = MsiInstaller | ID = 11719 Description = Error - 2011-08-31 14:32:18 | Computer Name = Rysiek-PC | Source = WerSvc | ID = 5007 Description = Error - 2011-08-31 14:45:47 | Computer Name = Rysiek-PC | Source = WerSvc | ID = 5007 Description = Error - 2011-08-31 14:59:18 | Computer Name = Rysiek-PC | Source = WerSvc | ID = 5007 Description = Error - 2011-08-31 16:30:32 | Computer Name = Rysiek-PC | Source = WerSvc | ID = 5007 Description = [ System Events ] Error - 2011-08-31 14:22:12 | Computer Name = Rysiek-PC | Source = Service Control Manager | ID = 7030 Description = Error - 2011-08-31 14:25:34 | Computer Name = Rysiek-PC | Source = DCOM | ID = 10010 Description = Error - 2011-08-31 14:31:22 | Computer Name = Rysiek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 20:29:27 na 2011-08-31 było nieoczekiwane. Error - 2011-08-31 14:32:09 | Computer Name = Rysiek-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2011-08-31 14:37:48 | Computer Name = Rysiek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 20:35:58 na 2011-08-31 było nieoczekiwane. Error - 2011-08-31 14:39:02 | Computer Name = Rysiek-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2011-08-31 14:52:13 | Computer Name = Rysiek-PC | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 20:50:24 na 2011-08-31 było nieoczekiwane. Error - 2011-08-31 14:53:03 | Computer Name = Rysiek-PC | Source = Service Control Manager | ID = 7000 Description = Error - 2011-08-31 15:02:16 | Computer Name = Rysiek-PC | Source = DCOM | ID = 10010 Description = Error - 2011-08-31 16:25:16 | Computer Name = Rysiek-PC | Source = Service Control Manager | ID = 7000 Description = < End of report >

logi otl

Kod: Zaznacz wszystko: OTL logfile created on: 2011-08-31 22:28:00 - Run 2 OTL by OldTimer - Version 3.2.26.6 Folder = C:\Users\Rysiek\Desktop Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16546) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1021,81 Mb Total Physical Memory | 446,04 Mb Available Physical Memory | 43,65% Memory free 2,24 Gb Paging File | 1,41 Gb Available in Paging File | 62,97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 69,65 Gb Total Space | 57,53 Gb Free Space | 82,60% Space Free | Partition Type: NTFS Drive D: | 69,64 Gb Total Space | 67,17 Gb Free Space | 96,46% Space Free | Partition Type: NTFS Drive F: | 1,86 Gb Total Space | 1,60 Gb Free Space | 85,99% Space Free | Partition Type: FAT32 Computer Name: RYSIEK-PC | User Name: Rysiek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-09-01 05:34:26 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011-08-31 20:09:42 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Rysiek\AppData\Local\Temp\RtkBtMnt.exe PRC - [2011-08-28 16:02:52 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Rysiek\Desktop\OTL.exe PRC - [2007-12-06 01:25:58 | 000,458,752 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe PRC - [2007-10-30 18:45:48 | 000,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe PRC - [2007-08-29 10:35:38 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe PRC - [2007-07-16 10:43:42 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007-06-13 16:56:18 | 000,765,952 | R--- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNMTray.exe PRC - [2007-06-13 16:54:36 | 000,135,168 | R--- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe PRC - [2007-05-29 02:29:00 | 004,472,832 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2007-03-21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007-03-21 13:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2006-11-21 22:45:00 | 000,194,240 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe PRC - [2006-11-21 22:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe PRC - [2006-11-21 22:44:28 | 000,107,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe PRC - [2006-11-21 22:43:42 | 000,046,736 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe PRC - [2006-11-02 11:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-09-01 05:28:20 | 005,156,864 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll MOD - [2011-08-31 20:11:06 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2832.38383__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2011-08-31 20:11:06 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2832.38604__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2011-08-31 20:11:06 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2832.38339__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2011-08-31 20:11:06 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2832.38395__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2011-08-31 20:11:06 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2832.38596__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2011-08-31 20:11:06 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2832.38374__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2011-08-31 20:11:06 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2832.38493__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2011-08-31 20:11:06 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2832.38360__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2011-08-31 20:11:05 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2832.38555__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2011-08-31 20:11:05 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2791.32000__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2011-08-31 20:11:05 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2791.31999__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2011-08-31 20:11:05 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2791.32024__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2011-08-31 20:11:05 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2791.32011__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2011-08-31 20:11:05 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2791.32025__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2011-08-31 20:11:04 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2011-08-31 20:11:04 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2791.31986__90ba9c70f846762e\LOG.Foundation.dll MOD - [2011-08-31 20:11:04 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2791.31992__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2011-08-31 20:11:04 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2791.32016__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2011-08-31 20:11:04 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2791.32006__90ba9c70f846762e\MOM.Foundation.dll MOD - [2011-08-31 20:11:04 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2791.32016__90ba9c70f846762e\DEM.OS.dll MOD - [2011-08-31 20:11:04 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2011-08-31 20:11:04 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2791.32015__90ba9c70f846762e\DEM.Graphics.dll MOD - [2011-08-31 20:11:04 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2011-08-31 20:11:03 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2791.32027__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2011-08-31 20:11:03 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2791.32002__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2011-08-31 20:11:03 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2791.31988__90ba9c70f846762e\CLI.Foundation.dll MOD - [2011-08-31 20:11:03 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2791.32026__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2011-08-31 20:11:03 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2791.32007__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2011-08-31 20:11:03 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2791.32434__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2011-08-31 20:11:03 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2791.32007__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2011-08-31 20:11:03 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2791.31995__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2011-08-31 20:11:03 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2791.32029__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2011-08-31 20:11:03 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2791.32001__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2011-08-31 20:11:03 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2791.32029__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2011-08-31 20:11:02 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2791.32011__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2011-08-31 20:11:02 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2791.31987__90ba9c70f846762e\AEM.Foundation.dll MOD - [2011-08-31 20:11:02 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2011-08-31 20:11:02 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2791.32006__90ba9c70f846762e\APM.Foundation.dll MOD - [2011-08-31 20:11:02 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2791.32001__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2011-08-31 20:10:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2832.38660__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2011-08-31 20:10:54 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2832.38367__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2011-08-31 20:10:54 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2832.38618__90ba9c70f846762e\MOM.Implementation.dll MOD - [2011-08-31 20:10:54 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2832.38331__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2011-08-31 20:10:54 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2832.38616__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2011-08-31 20:10:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2791.31996__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2011-08-31 20:10:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2791.32008__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2011-08-31 20:10:54 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2791.31993__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2011-08-31 20:10:54 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2791.32039__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2011-08-31 20:10:54 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2791.32009__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2011-08-31 20:10:54 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2832.38330__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2011-08-31 20:10:53 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2832.38332__90ba9c70f846762e\ATIDEMOS.dll MOD - [2011-08-31 20:10:53 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2832.38331__90ba9c70f846762e\APM.Server.dll MOD - [2011-08-31 20:10:53 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2832.38330__90ba9c70f846762e\AEM.Server.dll MOD - [2011-08-31 20:10:53 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2791.32004__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2011-08-31 20:10:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2832.38617__90ba9c70f846762e\CCC.Implementation.dll MOD - [2011-08-31 20:10:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2011-08-31 20:10:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2791.32030__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2007-10-04 09:02:30 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2007-08-29 10:35:12 | 000,057,344 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll MOD - [2007-08-29 10:34:34 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll MOD - [2007-07-24 10:39:40 | 000,208,896 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll MOD - [2007-07-16 20:18:53 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2007-06-13 16:56:36 | 000,249,856 | R--- | M] () -- C:\Acer\Empowering Technology\eNet\eNetPlugin.dll MOD - [2007-04-11 16:42:40 | 000,307,200 | ---- | M] () -- C:\Acer\Empowering Technology\ePresentation\ePresentationCTL.dll MOD - [2006-11-02 15:07:06 | 001,060,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3fe3f7ba542ab78e52e49d19640a7e64\System.Management.ni.dll MOD - [2006-11-02 15:03:37 | 013,148,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\35a9f19f21aac42b979be321f1bb5fd4\System.Windows.Forms.ni.dll MOD - [2006-11-02 15:03:23 | 001,617,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\70c145ed25af403aa899ffcb633350b1\System.Drawing.ni.dll MOD - [2006-11-02 15:03:14 | 005,619,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f76a7622c73e26e4d2daf54068d7ff79\System.Xml.ni.dll MOD - [2006-11-02 15:02:48 | 001,003,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d7b63c1d2ab17ac3cc24881c4ff78b63\System.Configuration.ni.dll MOD - [2006-11-02 15:02:47 | 000,229,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\61b951bd03727a096c1c02cb18d5ce30\System.ServiceProcess.ni.dll MOD - [2006-11-02 14:52:17 | 008,151,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\fcc712bc5da45a672e7f1ad176dbd5a5\System.ni.dll MOD - [2006-11-02 14:52:04 | 011,628,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7fe79782947b85d961fd55cb5e02a129\mscorlib.ni.dll MOD - [2006-10-20 03:14:53 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2006-10-20 03:14:52 | 000,368,640 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2007-10-30 18:45:48 | 000,167,936 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService) SRV - [2007-07-16 11:03:21 | 001,174,152 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC) SRV - [2007-07-16 10:43:42 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-06-13 16:54:36 | 000,135,168 | R--- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service) SRV - [2007-03-21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2006-11-21 22:45:00 | 002,541,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate) SRV - [2006-11-21 22:45:00 | 000,194,240 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler) SRV - [2006-11-21 22:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService) SRV - [2006-11-21 22:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr) SRV - [2006-11-21 22:44:32 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr) SRV - [2006-11-21 22:43:42 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore) SRV - [2006-11-21 22:42:52 | 000,049,296 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost) SRV - [2006-11-21 22:42:12 | 000,080,552 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2007-10-04 09:13:48 | 003,155,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2007-08-08 18:26:06 | 002,226,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Sterownik karty Intel(R) DRV - [2007-07-27 10:25:46 | 000,974,248 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BisonC07.sys -- (Cam5607) DRV - [2007-07-16 11:05:07 | 000,109,744 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2007-05-02 13:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21) DRV - [2006-11-29 02:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2006-11-21 22:45:42 | 000,275,576 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL) DRV - [2006-11-21 22:45:42 | 000,245,880 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP) DRV - [2006-11-21 22:45:42 | 000,024,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX) DRV - [2006-11-21 22:45:36 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv) DRV - [2006-11-21 22:44:14 | 000,831,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20061106.064\NAVEX15.SYS -- (NAVEX15) DRV - [2006-11-21 22:44:12 | 000,079,240 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20061106.064\NAVENG.SYS -- (NAVENG) DRV - [2006-11-21 22:44:10 | 000,387,432 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2006-11-21 22:42:22 | 000,202,872 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20061025.029\IDSvix86.sys -- (IDSvix86) DRV - [2006-11-02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD) DRV - [2006-11-02 09:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Sterownik karty Intel(R) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data] IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data] IE - HKU\S-1-5-21-2570177131-1483059283-4049650078-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data] IE - HKU\S-1-5-21-2570177131-1483059283-4049650078-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation) O4 - HKLM..\Run: [Acer Tour] File not found O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [IS CfgWiz] c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe (Symantec Corporation) O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [osCheck] c:\Program Files\Norton Internet Security\osCheck.exe (Symantec Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2570177131-1483059283-4049650078-1003..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.) O13 - gopher Prefix: missing O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Acer03.bmp O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Acer03.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-09-01 05:34:48 | 002,772,992 | ---- | C] (Intel Corporation) -- C:\Windows\System32\NETw4r32.dll [2011-09-01 05:34:48 | 002,226,688 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys [2011-09-01 05:34:48 | 000,684,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\NETw4c32.dll [2011-09-01 05:34:27 | 003,504,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011-09-01 05:34:27 | 003,471,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011-09-01 05:34:27 | 002,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011-09-01 05:34:27 | 000,704,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr [2011-09-01 05:34:26 | 002,923,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2011-09-01 05:34:26 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl [2011-09-01 05:34:25 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll [2011-09-01 05:34:25 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll [2011-09-01 05:34:25 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll [2011-09-01 05:34:25 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll [2011-09-01 05:34:15 | 000,000,000 | -HSD | C] -- C:\$Recycle.bin [2011-09-01 05:33:54 | 008,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2011-09-01 05:33:53 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll [2011-09-01 05:33:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll [2011-09-01 05:33:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx [2011-09-01 05:33:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll [2011-09-01 05:33:33 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys [2011-09-01 05:33:33 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll [2011-09-01 05:33:33 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll [2011-09-01 05:33:33 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys [2011-09-01 05:33:10 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll [2011-09-01 05:32:00 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011-09-01 05:31:59 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011-09-01 05:31:57 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011-09-01 05:31:57 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011-09-01 05:31:57 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011-09-01 05:31:57 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011-09-01 05:31:57 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011-09-01 05:31:56 | 001,824,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011-09-01 05:31:55 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011-09-01 05:31:55 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011-09-01 05:31:55 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011-09-01 05:31:54 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011-09-01 05:29:43 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll [2011-09-01 05:29:43 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.exe [2011-09-01 05:29:43 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcmonitor.dll [2011-09-01 05:29:42 | 001,984,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll [2011-09-01 05:29:42 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll [2011-09-01 05:29:42 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll [2011-09-01 05:29:42 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll [2011-09-01 05:29:41 | 008,138,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr [2011-09-01 05:29:13 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl [2011-09-01 05:29:13 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe [2011-09-01 05:29:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll [2011-09-01 05:29:13 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe [2011-09-01 05:29:13 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MUILanguageCleanup.dll [2011-09-01 05:28:56 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll [2011-09-01 05:28:56 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasser.dll [2011-09-01 05:28:56 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll [2011-09-01 05:28:55 | 000,564,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll [2011-09-01 05:28:55 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll [2011-09-01 05:28:55 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\traffic.dll [2011-09-01 05:28:55 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmxs.dll [2011-09-01 05:28:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll [2011-09-01 05:28:55 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshqos.dll [2011-09-01 05:28:55 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe [2011-09-01 05:28:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2011-09-01 05:28:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2011-09-01 05:25:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll [2011-09-01 05:25:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll [2011-09-01 05:25:04 | 000,000,000 | ---D | C] -- C:\Windows\Users [2011-09-01 05:24:42 | 000,374,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll [2011-09-01 05:24:27 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll [2011-09-01 05:24:27 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll [2011-09-01 05:24:27 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll [2011-09-01 05:24:27 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll [2011-09-01 05:24:09 | 004,247,552 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2011-09-01 05:24:09 | 001,686,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2011-09-01 05:23:51 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll [2011-09-01 05:23:51 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe [2011-09-01 05:23:51 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe [2011-09-01 05:23:51 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe [2011-09-01 05:23:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll [2011-09-01 05:23:51 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll [2011-09-01 05:22:42 | 002,455,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011-09-01 05:21:48 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll [2011-09-01 05:21:48 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll [2011-09-01 05:21:48 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ACCTRES.dll [2011-09-01 05:20:18 | 000,183,056 | ---- | C] (Dritek System Inc.) -- C:\Windows\UNINST32.EXE [2011-09-01 05:19:47 | 000,176,128 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\UCI32M16.dll [2011-09-01 05:19:47 | 000,094,208 | ---- | C] (Conexant) -- C:\Windows\System32\mdmxsdk.dll [2011-09-01 05:19:47 | 000,008,192 | ---- | C] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys [2011-09-01 05:19:46 | 000,974,248 | ---- | C] (Bison Electronics. Inc. ) -- C:\Windows\System32\drivers\BisonC07.sys [2011-09-01 05:19:46 | 000,180,224 | ---- | C] (Bison Inc.) -- C:\Windows\System32\BisonR07.dll [2011-09-01 05:19:45 | 009,158,656 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\atioglxx.dll [2011-09-01 05:19:45 | 003,887,104 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdva.dll [2011-09-01 05:19:45 | 003,155,456 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys [2011-09-01 05:19:45 | 003,071,488 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll [2011-09-01 05:19:45 | 001,429,504 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll [2011-09-01 05:19:45 | 000,356,352 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll [2011-09-01 05:19:45 | 000,266,240 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll [2011-09-01 05:19:45 | 000,245,760 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.dll [2011-09-01 05:19:45 | 000,049,152 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll [2011-09-01 05:19:45 | 000,048,128 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll [2011-09-01 05:19:45 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll [2011-09-01 05:19:43 | 000,000,000 | ---D | C] -- C:\Windows\VGA [2011-09-01 05:19:36 | 000,020,480 | ---- | C] (Wistron Corp.) -- C:\Windows\RUNXMLPL.EXE [2011-09-01 05:19:36 | 000,000,000 | ---D | C] -- C:\Windows\Lan [2011-08-31 22:25:25 | 000,000,000 | ---D | C] -- C:\Users\Rysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD [2011-08-31 20:40:02 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Rysiek\Desktop\OTL.exe [2011-08-31 20:38:55 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2011-08-31 20:34:17 | 000,000,000 | -H-D | C] -- C:\Users\Rysiek\AppData\Local\acer eNM [2011-08-31 20:33:39 | 000,000,000 | ---D | C] -- C:\Users\Rysiek\AppData\Roaming\ATI [2011-08-31 20:33:39 | 000,000,000 | ---D | C] -- C:\Users\Rysiek\AppData\Local\ATI [2011-08-31 20:33:39 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2011-08-31 20:22:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GridVista [2011-08-31 20:22:09 | 000,090,112 | R--- | C] (acer) -- C:\Windows\System32\eNetHook.dll [2011-08-31 20:21:36 | 000,029,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll [2011-08-31 20:21:13 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink [2011-08-31 20:17:46 | 000,000,000 | ---D | C] -- C:\Users\Rysiek\AppData\Local\Adobe [2011-08-31 20:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2011-08-31 20:13:01 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys [2011-08-31 20:13:01 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys [2011-08-31 20:12:20 | 009,137,711 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\System32\acer.exe [2011-08-31 20:12:20 | 000,000,000 | ---D | C] -- C:\Users\Rysiek\AppData\Roaming\Macromedia [2011-08-31 20:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\Acer Inc [2011-08-31 20:12:06 | 000,000,000 | ---D | C] -- C:\Windows\ACER [2011-08-31 20:11:44 | 000,000,000 | ---D | C] -- C:\Windows\BUVC_AP [2011-08-31 20:11:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye webcam [2011-08-31 20:11:21 | 000,000,000 | ---D | C] -- C:\Users\Rysiek\AppData\Roaming\InstallShield [2011-08-31 20:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2011-08-31 20:09:35 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2011-08-31 20:08:52 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2011-08-31 20:08:30 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011-08-31 20:08:30 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\Searches [2011-08-31 20:08:30 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011-08-31 20:08:19 | 000,000,000 | ---D | C] -- C:\Users\Rysiek\AppData\Roaming\Identities [2011-08-31 20:08:17 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\Contacts [2011-08-31 20:08:16 | 000,000,000 | ---D | C] -- C:\Users\Rysiek\AppData\Local\VirtualStore [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\Ustawienia lokalne [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\AppData\Local\Temporary Internet Files [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\Szablony [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\SendTo [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\Recent [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\PrintHood [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\NetHood [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\Documents\Moje wideo [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\Documents\Moje obrazy [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\Moje dokumenty [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\Documents\Moja muzyka [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\Menu Start [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\AppData\Local\Historia [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\Dane aplikacji [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\AppData\Local\Dane aplikacji [2011-08-31 20:06:28 | 000,000,000 | -HSD | C] -- C:\Users\Rysiek\Cookies [2011-08-31 20:06:27 | 000,000,000 | --SD | C] -- C:\Users\Rysiek\AppData\Roaming\Microsoft [2011-08-31 20:06:27 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\Videos [2011-08-31 20:06:27 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\Saved Games [2011-08-31 20:06:27 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\Pictures [2011-08-31 20:06:27 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\Music [2011-08-31 20:06:27 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011-08-31 20:06:27 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\Links [2011-08-31 20:06:27 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\Favorites [2011-08-31 20:06:27 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\Downloads [2011-08-31 20:06:27 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\Documents [2011-08-31 20:06:27 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\Desktop [2011-08-31 20:06:27 | 000,000,000 | R--D | C] -- C:\Users\Rysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011-08-31 20:06:27 | 000,000,000 | -H-D | C] -- C:\Users\Rysiek\AppData [2011-08-31 20:06:27 | 000,000,000 | ---D | C] -- C:\Users\Rysiek\AppData\Local\Temp [2011-08-31 20:06:27 | 000,000,000 | ---D | C] -- C:\Users\Rysiek\AppData\Local\Microsoft [2011-08-31 20:02:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2011-08-31 20:02:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2011-08-31 20:02:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2011-08-31 20:02:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2011-08-31 20:02:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2011-08-31 20:02:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2011-08-31 20:02:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2011-08-31 20:02:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2011-08-31 20:02:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [2011-08-31 19:44:02 | 000,000,000 | ---D | C] -- C:\Windows\BisonC07 [2011-08-31 19:43:45 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT [2011-08-31 19:40:40 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2007-07-16 11:22:36 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-09-01 05:34:27 | 003,504,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011-09-01 05:34:27 | 003,471,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2011-09-01 05:34:27 | 002,027,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011-09-01 05:34:27 | 000,704,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr [2011-09-01 05:34:26 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [2011-09-01 05:34:26 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl [2011-09-01 05:34:26 | 000,028,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys [2011-09-01 05:34:25 | 001,655,289 | ---- | M] () -- C:\Windows\System32\wlan.tmf [2011-09-01 05:34:25 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll [2011-09-01 05:34:25 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll [2011-09-01 05:34:25 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll [2011-09-01 05:34:25 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll [2011-09-01 05:33:54 | 008,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2011-09-01 05:33:53 | 000,356,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll [2011-09-01 05:33:53 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll [2011-09-01 05:33:53 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx [2011-09-01 05:33:31 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys [2011-09-01 05:33:31 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll [2011-09-01 05:33:31 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll [2011-09-01 05:33:31 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys [2011-09-01 05:33:10 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll [2011-09-01 05:32:00 | 001,383,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011-09-01 05:31:59 | 000,180,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011-09-01 05:31:57 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011-09-01 05:31:57 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011-09-01 05:31:57 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011-09-01 05:31:57 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011-09-01 05:31:57 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011-09-01 05:31:56 | 001,824,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011-09-01 05:31:55 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011-09-01 05:31:55 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011-09-01 05:31:55 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011-09-01 05:31:54 | 000,383,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011-09-01 05:30:56 | 000,008,888 | ---- | M] () -- C:\Windows\System32\RacUR.xml [2011-09-01 05:30:56 | 000,000,150 | ---- | M] () -- C:\Windows\System32\RacUREx.xml [2011-09-01 05:29:43 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll [2011-09-01 05:29:43 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntprint.exe [2011-09-01 05:29:43 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcmonitor.dll [2011-09-01 05:29:42 | 001,984,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll [2011-09-01 05:29:42 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll [2011-09-01 05:29:42 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll [2011-09-01 05:29:42 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll [2011-09-01 05:29:41 | 008,138,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ssBranded.scr [2011-09-01 05:29:13 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl [2011-09-01 05:29:13 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe [2011-09-01 05:29:13 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\LangCleanupSysprepAction.dll [2011-09-01 05:29:13 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe [2011-09-01 05:29:13 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MUILanguageCleanup.dll [2011-09-01 05:28:56 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rascfg.dll [2011-09-01 05:28:56 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasser.dll [2011-09-01 05:28:56 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll [2011-09-01 05:28:55 | 000,564,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll [2011-09-01 05:28:55 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll [2011-09-01 05:28:55 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\traffic.dll [2011-09-01 05:28:55 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasmxs.dll [2011-09-01 05:28:55 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll [2011-09-01 05:28:55 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshqos.dll [2011-09-01 05:28:55 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icsunattend.exe [2011-09-01 05:28:55 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h [2011-09-01 05:28:54 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2011-09-01 05:28:35 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2011-09-01 05:25:42 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll [2011-09-01 05:25:26 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll [2011-09-01 05:24:42 | 000,374,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll [2011-09-01 05:24:27 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll [2011-09-01 05:24:27 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icfupgd.dll [2011-09-01 05:24:27 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmifw.dll [2011-09-01 05:24:27 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wfapigp.dll [2011-09-01 05:24:09 | 004,247,552 | ---- | M] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2011-09-01 05:24:09 | 001,686,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2011-09-01 05:23:51 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll [2011-09-01 05:23:51 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe [2011-09-01 05:23:51 | 000,268,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe [2011-09-01 05:23:51 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe [2011-09-01 05:23:51 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll [2011-09-01 05:23:51 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll [2011-09-01 05:22:42 | 002,455,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011-09-01 05:21:48 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoeacct.dll [2011-09-01 05:21:48 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll [2011-09-01 05:21:48 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ACCTRES.dll [2011-08-31 22:30:33 | 000,656,850 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-08-31 22:30:33 | 000,582,276 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-08-31 22:30:33 | 000,121,446 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-08-31 22:30:33 | 000,103,938 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-08-31 22:24:52 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-08-31 22:24:52 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-08-31 22:24:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-08-31 22:24:40 | 1072,095,232 | -HS- | M] () -- C:\hiberfil.sys [2011-08-31 20:52:05 | 217,864,895 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011-08-31 20:33:22 | 000,000,201 | ---- | M] () -- C:\Windows\User.xml [2011-08-31 20:25:23 | 000,000,202 | ---- | M] () -- C:\Windows\Factory.xml [2011-08-31 20:22:25 | 000,000,092 | ---- | M] () -- C:\Windows\GridV.UNI [2011-08-31 20:22:25 | 000,000,000 | ---- | M] () -- C:\Windows\setup.INI [2011-08-31 20:21:40 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD.lnk [2011-08-31 20:19:45 | 000,001,671 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk [2011-08-31 20:19:42 | 000,001,818 | ---- | M] () -- C:\Users\Public\Desktop\Empowering Technology.lnk [2011-08-31 20:18:45 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\NTI Shadow.lnk [2011-08-31 20:17:23 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk [2011-08-31 20:13:01 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys [2011-08-31 20:13:01 | 000,025,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys [2011-08-31 20:11:44 | 000,000,573 | ---- | M] () -- C:\Users\Public\Desktop\Acer Crystal Eye webcam.lnk [2011-08-31 19:46:47 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2011-08-31 19:38:21 | 000,373,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-08-28 16:05:12 | 000,294,216 | ---- | M] () -- C:\Users\Rysiek\Desktop\gmer.zip [2011-08-28 16:02:52 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Rysiek\Desktop\OTL.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-09-01 05:34:50 | 000,002,641 | ---- | C] () -- C:\Patch2.rev [2011-09-01 05:34:25 | 001,655,289 | ---- | C] () -- C:\Windows\System32\wlan.tmf [2011-09-01 05:30:56 | 000,008,888 | ---- | C] () -- C:\Windows\System32\RacUR.xml [2011-09-01 05:30:56 | 000,000,150 | ---- | C] () -- C:\Windows\System32\RacUREx.xml [2011-09-01 05:28:55 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h [2011-09-01 05:20:37 | 000,011,263 | -HS- | C] () -- C:\Patch.rev [2011-09-01 05:19:47 | 000,144,201 | ---- | C] () -- C:\Windows\System32\drivers\HSFProf.cty [2011-09-01 05:19:46 | 000,180,224 | ---- | C] () -- C:\Windows\System\StillDrv.dll [2011-09-01 05:19:46 | 000,172,032 | ---- | C] () -- C:\Windows\System\BisonC07.dll [2011-09-01 05:19:46 | 000,106,496 | ---- | C] () -- C:\Windows\System\BisonV07.dll [2011-09-01 05:19:46 | 000,015,190 | ---- | C] () -- C:\Windows\M3000Twn.ini [2011-09-01 05:19:46 | 000,013,448 | ---- | C] () -- C:\Windows\M3000Twn.src [2011-09-01 05:19:46 | 000,002,769 | ---- | C] () -- C:\Windows\System\S30H0330.csr [2011-09-01 05:19:46 | 000,001,913 | ---- | C] () -- C:\Windows\System\S30F0330.csr [2011-09-01 05:19:45 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2011-09-01 05:19:45 | 000,328,162 | ---- | C] () -- C:\Windows\System32\drivers\ativcaxx.cpa [2011-09-01 05:19:45 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2011-09-01 05:19:45 | 000,154,206 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2011-09-01 05:19:45 | 000,052,480 | ---- | C] () -- C:\Windows\System32\drivers\ativvpxx.vp [2011-09-01 05:19:45 | 000,010,672 | ---- | C] () -- C:\Windows\atiogl.xml [2011-09-01 05:19:45 | 000,002,096 | ---- | C] () -- C:\Windows\System32\drivers\ativpkxx.vp [2011-09-01 05:19:45 | 000,002,096 | ---- | C] () -- C:\Windows\System32\drivers\ativokxx.vp [2011-09-01 05:19:45 | 000,002,096 | ---- | C] () -- C:\Windows\System32\drivers\ativdkxx.vp [2011-09-01 05:19:45 | 000,000,929 | ---- | C] () -- C:\Windows\System32\drivers\ativcaxx.vp [2011-08-31 20:39:59 | 000,294,216 | ---- | C] () -- C:\Users\Rysiek\Desktop\gmer.zip [2011-08-31 20:37:46 | 217,864,895 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011-08-31 20:22:25 | 000,000,092 | ---- | C] () -- C:\Windows\GridV.UNI [2011-08-31 20:22:25 | 000,000,000 | ---- | C] () -- C:\Windows\setup.INI [2011-08-31 20:21:40 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD.lnk [2011-08-31 20:21:35 | 000,000,631 | ---- | C] () -- C:\Windows\PDVD.iss [2011-08-31 20:21:35 | 000,000,631 | ---- | C] () -- C:\PDVD.iss [2011-08-31 20:17:23 | 000,001,891 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk [2011-08-31 20:17:23 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk [2011-08-31 20:12:20 | 036,909,056 | ---- | C] () -- C:\Windows\System32\acer.scr [2011-08-31 20:11:44 | 000,000,573 | ---- | C] () -- C:\Users\Public\Desktop\Acer Crystal Eye webcam.lnk [2011-08-31 20:08:32 | 000,000,953 | ---- | C] () -- C:\Users\Rysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011-08-31 20:08:29 | 000,000,948 | ---- | C] () -- C:\Users\Rysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2011-08-31 20:08:17 | 000,000,919 | ---- | C] () -- C:\Users\Rysiek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk [2011-08-31 19:46:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-08-31 19:46:43 | 1072,095,232 | -HS- | C] () -- C:\hiberfil.sys [2007-07-16 22:27:16 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll [2007-07-16 20:20:44 | 000,582,276 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2007-07-16 20:20:44 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2007-07-16 20:20:44 | 000,103,938 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2007-07-16 20:20:44 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2007-07-16 20:13:35 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007-07-16 11:22:35 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll [2007-07-16 10:48:13 | 000,001,132 | ---- | C] () -- C:\Windows\RtDefLvl.ini [2007-04-20 12:36:52 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll [2007-04-20 12:36:52 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll [2007-04-20 12:36:52 | 000,000,041 | ---- | C] () -- C:\Windows\PreLaunch.ini [2006-11-02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006-11-02 14:44:53 | 000,373,184 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006-11-02 12:33:01 | 000,656,850 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006-11-02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006-11-02 12:33:01 | 000,121,446 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006-11-02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006-11-02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006-11-02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006-11-02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006-11-02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2006-11-02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2001-12-26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll [2001-09-03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll [2001-07-30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll [2001-07-23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll [color=#E56717]========== LOP Check ==========[/color] [2011-08-31 21:02:24 | 000,008,142 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >

gmer pre-skan

Kod: Zaznacz wszystko: ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Menedżer filtrów systemu plików firmy Microsoft/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Dynamiczna struktura WDF/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Dynamiczna struktura WDF/Microsoft Corporation) ---- EOF - GMER 1.0.15 ----

nie mogłem zrobić pełnego skanu gmer'em ponieważ restartował mi się komputer

Dodano Dzisiaj, 16:04:
up^^