
mam Asusa EEE 1000HE Atom N280 i 2GB RAM z zainstalowanym Windows 7 Ultimate. Problem polega na tym, że przycinają mi się wszystkie programy, sam system też nieco szwankuje, zawiesza się na ułamek sekundy i się odwiesza, ale sytuacja powtarza się bardzo często. Np. Firefox przycina się na ułamek sekundy gdy wciskam np. cofnij stronę, klikam w link czy cokolwiek innego. Komputer prawie rok chodził z tym systemem bez problemu, teraz zaczęły się problemy. Daję oczywiście logi:
- Kod: Zaznacz wszystko
OTL logfile created on: 2012-01-30 19:26:27 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Mateusz\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1,99 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 68,51% Memory free
3,98 Gb Paging File | 3,38 Gb Available in Paging File | 84,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 82,82 Gb Total Space | 35,50 Gb Free Space | 42,86% Space Free | Partition Type: NTFS
Drive D: | 61,29 Gb Total Space | 28,96 Gb Free Space | 47,25% Space Free | Partition Type: NTFS
Computer Name: MK | User Name: Mateusz | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012-01-30 17:50:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe
PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [Auto | Stopped] -- -- (HWDeviceService.exe)
SRV - [2012-01-27 23:51:34 | 000,023,040 | ---- | M] () [Auto | Stopped] -- C:\Program Files\QuestBasic\questbasic.exe -- (QuestBasic Service)
SRV - [2012-01-23 18:05:11 | 000,224,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe -- (Internet Manager. RunOuc)
SRV - [2011-12-03 00:18:39 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011-11-09 20:05:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2011-11-03 15:44:28 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto | Stopped] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2011-10-12 00:38:23 | 000,111,632 | ---- | M] (TMRG, Inc.) [Auto | Stopped] -- C:\Program Files\RelevantKnowledge\rlservice.exe -- (RelevantKnowledge)
SRV - [2011-07-04 12:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010-05-20 23:56:36 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2010-05-20 23:56:32 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2010-05-20 23:56:18 | 000,399,920 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service)
SRV - [2010-05-20 22:40:20 | 000,539,184 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010-04-27 15:42:04 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2009-10-14 15:44:38 | 000,090,112 | ---- | M] (France Telecom SA) [Auto | Stopped] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)
SRV - [2009-08-18 16:35:56 | 000,219,136 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\AsusService.exe -- (AsusService)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2012-01-23 18:05:22 | 000,181,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juwwanecm.sys -- (huawei_wwanecm)
DRV - [2012-01-23 18:05:22 | 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - [2012-01-23 18:05:22 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2012-01-23 18:05:22 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - [2012-01-23 18:05:22 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2012-01-23 18:05:22 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - [2012-01-23 18:05:21 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2012-01-23 18:05:21 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2011-11-03 15:44:20 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Stopped] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2011-09-21 10:25:34 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2011-07-04 12:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-07-04 12:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-07-04 12:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-07-04 12:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-07-04 12:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011-07-04 12:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011-05-07 17:51:28 | 000,455,256 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2011-03-18 13:46:26 | 000,061,704 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2011-03-18 13:46:10 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2010-11-20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-05-20 23:56:56 | 000,854,064 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86)
DRV - [2010-05-20 23:56:56 | 000,070,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\vmci.sys -- (vmci)
DRV - [2010-05-20 23:55:04 | 000,024,624 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2010-05-20 23:53:58 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2010-05-20 22:40:08 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon)
DRV - [2010-05-20 20:19:20 | 000,036,400 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2010-05-20 20:19:20 | 000,031,280 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmusb.sys -- (vmusb)
DRV - [2010-05-20 20:19:20 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2010-04-27 15:41:40 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2010-04-12 09:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009-10-16 18:11:58 | 000,107,520 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtuhs51.sys -- (GTUHSNDISIPXP)
DRV - [2009-10-16 18:11:58 | 000,066,560 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtuhsbus.sys -- (GTUHSBUS)
DRV - [2009-10-16 18:11:58 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gtuhsser.sys -- (GTUHSSER)
DRV - [2009-10-09 02:37:44 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009-07-14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009-07-13 23:02:47 | 000,047,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L1E62x86.sys -- (L1E) Sterownik miniportu NDIS dla kontrolera Ethernet Atheros AR8121/AR8113/AR8114 PCI-E (NDIS6.20)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-137407815-3606119779-1577291113-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.startup.homepage: "http://www.wp.pl/"
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..keyword.URL: "http://www.questbasic.com/?tmp=nemo_results_removelink&prt=QstbscWD4&keywords="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-08-30 19:52:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012-01-18 16:54:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2012-01-23 18:05:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-09-07 09:28:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011-04-05 07:00:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Extensions
[2012-01-08 15:15:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\9vuk18th.default\extensions
[2011-12-28 14:20:35 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Mateusz\AppData\Roaming\mozilla\Firefox\Profiles\9vuk18th.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012-01-29 14:21:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-01-29 14:21:44 | 000,000,000 | ---D | M] (QuestBasic) -- C:\Program Files\Mozilla Firefox\extensions\{1CE72EFA-E2D1-48FA-A5EC-D7111C2C5BB6}
[2011-12-20 20:24:38 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011-05-18 11:12:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9VUK18TH.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9VUK18TH.DEFAULT\EXTENSIONS\{E6C1199F-E687-42DA-8C24-E7770CC3AE66}.XPI
() (No name found) -- C:\USERS\MATEUSZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9VUK18TH.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI
[2011-09-07 09:28:14 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-08-25 19:47:49 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-08-25 19:47:49 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-08-25 19:47:49 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-08-25 19:47:49 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-08-25 19:47:49 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-08-25 19:47:49 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Mateusz\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HotKeyMon] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [SuperHybridEngine] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [Windows Defender] File not found
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-137407815-3606119779-1577291113-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-137407815-3606119779-1577291113-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20EDBE66-BBA9-4CCF-A274-8C1A48DC5CB2}: DhcpNameServer = 172.16.24.161 172.16.24.156
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E906700B-EAB2-4EB2-8450-29E29E53DDCA}: NameServer = 213.158.199.1 213.158.199.5
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3cdf0a31-45e2-11e1-a6d4-005056c00001}\Shell - "" = AutoRun
O33 - MountPoints2\{3cdf0a31-45e2-11e1-a6d4-005056c00001}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3cdf0a41-45e2-11e1-a6d4-002243cfe9d8}\Shell - "" = AutoRun
O33 - MountPoints2\{3cdf0a41-45e2-11e1-a6d4-002243cfe9d8}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{46d8cd7d-deec-11e0-a8f6-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{46d8cd7d-deec-11e0-a8f6-005056c00008}\Shell\AutoRun\command - "" = F:\ZFPOrange.exe
O33 - MountPoints2\{7b8cacdd-32ec-11e1-acba-005056c00001}\Shell - "" = AutoRun
O33 - MountPoints2\{7b8cacdd-32ec-11e1-acba-005056c00001}\Shell\AutoRun\command - "" = G:\ZFPOrange.exe
O33 - MountPoints2\{970f7681-fba9-11e0-a7e5-00f1d000f1d0}\Shell - "" = AutoRun
O33 - MountPoints2\{970f7681-fba9-11e0-a7e5-00f1d000f1d0}\Shell\AutoRun\command - "" = G:\ZFPOrange.exe
O33 - MountPoints2\{9ea4b0fd-6cb0-11e0-8d9a-00248c5d9f98}\Shell - "" = AutoRun
O33 - MountPoints2\{9ea4b0fd-6cb0-11e0-8d9a-00248c5d9f98}\Shell\AutoRun\command - "" = G:\ZFPOrange.exe
O33 - MountPoints2\{9ea4b121-6cb0-11e0-8d9a-00248c5d9f98}\Shell - "" = AutoRun
O33 - MountPoints2\{9ea4b121-6cb0-11e0-8d9a-00248c5d9f98}\Shell\AutoRun\command - "" = G:\ZFPOrange.exe
O33 - MountPoints2\{9ea4b199-6cb0-11e0-8d9a-00f1d000f1d0}\Shell - "" = AutoRun
O33 - MountPoints2\{9ea4b199-6cb0-11e0-8d9a-00f1d000f1d0}\Shell\AutoRun\command - "" = G:\ZFPOrange.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\ZFPOrange.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012-01-30 17:59:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
[2012-01-30 17:50:01 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe
[2012-01-29 15:28:42 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\AMW
[2012-01-29 14:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\RelevantKnowledge
[2012-01-29 14:21:58 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\windows-7-themes.com
[2012-01-29 14:21:42 | 000,000,000 | ---D | C] -- C:\ProgramData\QuestBasic
[2012-01-29 14:21:42 | 000,000,000 | ---D | C] -- C:\Program Files\QuestBasic
[2012-01-29 14:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\windows-7-themes.com
[2012-01-28 23:50:37 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\System32\drivers\cpuz135_x32.sys
[2012-01-28 23:50:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012-01-28 23:50:36 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2012-01-23 18:07:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
[2012-01-23 18:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Internet Manager
[2012-01-23 18:07:05 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2012-01-23 18:07:05 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2012-01-23 18:07:05 | 000,181,760 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys
[2012-01-23 18:07:05 | 000,090,368 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2012-01-23 18:07:05 | 000,064,384 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2012-01-23 18:07:05 | 000,026,624 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2012-01-23 18:07:04 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2012-01-23 18:07:04 | 000,349,184 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys
[2012-01-23 18:07:04 | 000,194,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012-01-23 18:07:04 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2012-01-23 18:07:04 | 000,073,216 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2012-01-23 18:07:04 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2012-01-23 18:07:04 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2012-01-23 18:07:04 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2012-01-23 18:05:47 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\T-Mobile
[2012-01-23 18:05:46 | 000,724,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bmutil.dll
[2012-01-23 18:05:46 | 000,480,384 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmnet.dll
[2012-01-23 18:05:46 | 000,024,192 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\tcpipBM.sys
[2012-01-23 18:05:46 | 000,013,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sporder.dll
[2012-01-23 18:05:46 | 000,013,184 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\BMLoad.sys
[2012-01-23 18:05:45 | 000,308,352 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bminstall.dll
[2012-01-23 18:05:45 | 000,132,224 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\System32\bmdumpd.bin
[2012-01-23 18:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\T-Mobile
[2012-01-23 18:04:40 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService
[2012-01-13 17:33:03 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2012-01-13 17:33:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2012-01-10 21:02:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012-01-10 21:02:38 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012-01-10 21:02:38 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012-01-09 02:39:14 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\vlc
[2012-01-09 02:38:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012-01-09 02:38:23 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[1 C:\Users\Mateusz\AppData\Local\*.tmp files -> C:\Users\Mateusz\AppData\Local\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012-01-30 19:29:58 | 000,678,134 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-01-30 19:29:58 | 000,597,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-01-30 19:29:58 | 000,127,046 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-01-30 19:29:58 | 000,100,346 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-01-30 19:24:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-01-30 19:24:20 | 1603,723,264 | -HS- | M] () -- C:\hiberfil.sys
[2012-01-30 18:25:02 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-01-30 17:56:43 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-01-30 17:54:49 | 000,019,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-01-30 17:54:49 | 000,019,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-01-30 17:51:56 | 000,000,000 | ---- | M] () -- C:\Users\Mateusz\defogger_reenable
[2012-01-30 17:51:04 | 000,050,477 | ---- | M] () -- C:\Users\Mateusz\Desktop\Defogger.exe
[2012-01-30 17:50:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe
[2012-01-30 17:47:53 | 000,302,592 | ---- | M] () -- C:\Users\Mateusz\Desktop\feo1v6jm.exe
[2012-01-30 16:16:25 | 000,602,895 | ---- | M] () -- C:\Users\Mateusz\Desktop\Plan zajęć.pdf
[2012-01-29 14:20:54 | 000,000,000 | ---- | M] () -- C:\ProgramData\5585d7c0618e1b6dcbbafade486eda49_c
[2012-01-23 18:09:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
[2012-01-23 18:09:07 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
[2012-01-23 18:07:50 | 000,001,199 | ---- | M] () -- C:\Users\Public\Desktop\Internet Manager.lnk
[2012-01-23 18:07:30 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2012-01-23 18:05:22 | 000,861,696 | ---- | M] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2012-01-23 18:05:22 | 000,181,760 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys
[2012-01-23 18:05:22 | 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2012-01-23 18:05:22 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2012-01-23 18:05:22 | 000,064,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2012-01-23 18:05:22 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2012-01-23 18:05:22 | 000,024,192 | ---- | M] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\tcpipBM.sys
[2012-01-23 18:05:22 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2012-01-23 18:05:21 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2012-01-23 18:05:21 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2012-01-23 18:05:21 | 000,349,184 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys
[2012-01-23 18:05:21 | 000,194,816 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012-01-23 18:05:21 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2012-01-23 18:05:21 | 000,025,856 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2012-01-23 18:05:21 | 000,019,200 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2012-01-23 18:05:21 | 000,013,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sporder.dll
[2012-01-23 18:05:21 | 000,013,184 | ---- | M] (Bytemobile, Inc.) -- C:\Windows\System32\drivers\BMLoad.sys
[2012-01-23 18:05:14 | 000,724,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bmutil.dll
[2012-01-23 18:05:14 | 000,480,384 | ---- | M] (Bytemobile, Inc.) -- C:\Windows\System32\bmnet.dll
[2012-01-23 18:05:13 | 000,308,352 | ---- | M] (Bytemobile, Inc.) -- C:\Windows\System32\bminstall.dll
[2012-01-23 18:05:05 | 000,132,224 | ---- | M] (Bytemobile, Inc.) -- C:\Windows\System32\bmdumpd.bin
[1 C:\Users\Mateusz\AppData\Local\*.tmp files -> C:\Users\Mateusz\AppData\Local\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012-01-30 17:51:56 | 000,000,000 | ---- | C] () -- C:\Users\Mateusz\defogger_reenable
[2012-01-30 17:51:04 | 000,050,477 | ---- | C] () -- C:\Users\Mateusz\Desktop\Defogger.exe
[2012-01-30 17:47:48 | 000,302,592 | ---- | C] () -- C:\Users\Mateusz\Desktop\feo1v6jm.exe
[2012-01-30 16:16:25 | 000,602,895 | ---- | C] () -- C:\Users\Mateusz\Desktop\Plan zajęć.pdf
[2012-01-29 14:20:54 | 000,000,000 | ---- | C] () -- C:\ProgramData\5585d7c0618e1b6dcbbafade486eda49_c
[2012-01-23 18:09:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
[2012-01-23 18:09:07 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
[2012-01-23 18:07:50 | 000,001,199 | ---- | C] () -- C:\Users\Public\Desktop\Internet Manager.lnk
[2012-01-23 18:07:30 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2011-12-07 03:07:03 | 000,000,000 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\{955AA452-3FAA-4F45-8EA5-CD0A76DAA56F}
[2011-10-19 11:59:44 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011-10-19 11:59:44 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2011-08-26 14:01:00 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011-08-26 14:00:57 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011-08-25 21:49:31 | 000,004,692 | ---- | C] () -- C:\Windows\System32\drivers\SamSfPa.dat
[2011-08-25 21:49:30 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2011-08-25 18:18:15 | 000,007,605 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\resmon.resmoncfg
[2011-06-02 18:36:47 | 000,000,048 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011-04-29 10:23:34 | 000,723,981 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\unins000.exe
[2011-04-29 10:23:34 | 000,002,154 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\unins000.dat
[2011-04-22 09:48:45 | 000,630,217 | ---- | C] () -- C:\Windows\unins000.exe
[2011-04-22 09:48:45 | 000,061,990 | ---- | C] () -- C:\Windows\unins000.dat
[2011-04-19 11:05:57 | 000,028,072 | ---- | C] () -- C:\Windows\scunin.dat
[2011-04-11 12:30:25 | 000,219,136 | ---- | C] () -- C:\Windows\System32\AsusService.exe
[2011-04-11 12:30:25 | 000,021,864 | ---- | C] () -- C:\Windows\AsAcpiSvrLang.ini
[2011-04-05 08:20:03 | 000,000,418 | ---- | C] () -- C:\Windows\ODBC.INI
[2011-04-04 11:31:52 | 000,001,746 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009-08-04 08:21:18 | 000,678,372 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2009-08-04 08:21:18 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2009-08-04 08:21:18 | 000,127,252 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2009-08-04 08:21:18 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2009-07-14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 05:33:53 | 000,284,168 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009-07-14 03:05:48 | 000,597,648 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009-07-14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009-07-14 03:05:48 | 000,100,544 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009-07-14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009-07-14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009-07-14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009-07-14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[1999-01-22 17:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL
[color=#E56717]========== LOP Check ==========[/color]
[2012-01-30 17:23:54 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\AIMP
[2011-12-06 21:34:47 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\CheckPoint
[2011-08-18 21:15:07 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Gadu-Gadu 10
[2011-08-21 19:49:00 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Nowe Gadu-Gadu
[2011-04-04 20:14:05 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\RadarSync
[2011-08-23 17:44:04 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Soldat
[2012-01-23 18:05:47 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\T-Mobile
[2011-09-10 21:37:38 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\uTorrent
[2012-01-15 13:42:43 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
- Kod: Zaznacz wszystko
OTL Extras logfile created on: 2012-01-30 19:26:27 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Mateusz\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1,99 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 68,51% Memory free
3,98 Gb Paging File | 3,38 Gb Available in Paging File | 84,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 82,82 Gb Total Space | 35,50 Gb Free Space | 42,86% Space Free | Partition Type: NTFS
Drive D: | 61,29 Gb Total Space | 28,96 Gb Free Space | 47,25% Space Free | Partition Type: NTFS
Computer Name: MK | User Name: Mateusz | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-137407815-3606119779-1577291113-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\OrangeBS\BEWInternet-PL-IEW\Connectivity\ConnectivityManager.exe" = C:\Program Files\OrangeBS\BEWInternet-PL-IEW\Connectivity\ConnectivityManager.exe:*:enabled:CSS -- (France Telecom SA)
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000415-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.1.2903
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2
"{2B120B1D-1908-4FB3-8C9D-72128A74E80A}" = ZoneAlarm Security
"{392A74D0-4DFE-49F7-87C3-8A61708F8856}" = Eraser 6.0.8.2273
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6E4DAE31-7CF3-441A-B6E5-B014D63C80CD}" = Eee Instant Key
"{70994916-61E9-40D2-A30C-89D2C030017F}_is1" = BMW Standard Tools
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{81BF6353-3C5B-4E6E-A566-7E162A00BF72}_is1" = Wtyczka e-Deklaracje
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{90120000-0020-0415-0000-0000000FF1CE}" = Pakiet zgodności dla systemu Office 2007
"{A386CC19-1E79-4D4C-A54B-C8747871E4AD}" = ZoneAlarm Firewall
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB0DBC9A-422A-4888-A8E5-A32EC1779E68}_is1" = Sunrise Seven 1.2.61
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BEWINTERNET-PL-IEW}.UninstallSuite" = Orange Free
"{d08d9f98-1c78-4704-87e6-368b0023d831}" = RelevantKnowledge
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"ALLPlayer_is1" = ALLPlayer V4.X
"avast" = avast! Free Antivirus
"blondegirl_0_folder" = blondegirl_0.themepack
"CardDetectorICON515_UCAN" = Card Detector for Option Icon 515
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"Elantech" = ETDWare PS/2-x86 7.0.6.5_WHQL
"Gadu-Gadu" = Gadu-Gadu 6.1
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Internet Manager" = Internet Manager
"kim_folder" = kim.themepack
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 6.0.2 (x86 pl)" = Mozilla Firefox 6.0.2 (x86 pl)
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"new-moon_folder" = new-moon.themepack
"Nowe Gadu-Gadu" = Nowe Gadu-Gadu
"PowerISO" = PowerISO
"QuestBasic" = QuestBasic 1.0 build 115
"Starcraft" = Starcraft
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"VMware_Workstation" = VMware Workstation
"WinRAR archiver" = WinRAR archiver
"Wireless Presenter" = Psiloc Wireless Presenter Desktop 2.20 (remove only)
"ZoneAlarm Free" = ZoneAlarm Free
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
http://wklej.org/id/678881/
Pozdrawiam i liczę na pomoc,
MK