
After I connect a removable drive to my laptop, a shortcut is created on it that cannot be opened.
After using UsbFix the flash drive is repaired and works on another computer, but unfortunately after connecting it to the laptop it is infected again.
Please help me solve this problem.
Here is the log from the latest virus removal with UsbFix:
############################## | UsbFix V 7.127 | [Deletion]
User: Mateusz (Administrator) # GOCLICKI
Updated 05/06/2013 by El Desaparecido
Started at 21:34:56 | 16/06/2013
Website: http://sosvirus.org/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org
PC: LENOVO (Lenovo IdeaPad Y580) (x64-based PC)
CPU: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz (2401)
RAM -> [Total : 8094 | Free : 6012]
BIOS: InsydeH2O Version 03.71.515DCN40WW(V2.07)
BOOT: Normal boot
OS: Microsoft Windows 7 Professional (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16618
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Norton Internet Security [Enabled | Updated]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Fixed drive # 147 Gb (42 Mb free - 29%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 100 Mb (70 Mb free - 70%) [Zastrzeżone przez system] # NTFS
F:\ -> Fixed drive # 783 Gb (608 Mb free - 78%) [Nowy] # NTFS
G:\ -> Removable drive # 954 Mb (5 Mb free - 0%) [GOODDRIVEED] # FAT32
H:\ -> CD-ROM
################## | El Desaparecido Section |
HKLM\SOFTWARE | Run : [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM\SOFTWARE | Run : [UpdatePRCShortCut] - "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKLM\SOFTWARE | Run : [WinampAgent] - "C:\Program Files (x86)\Winamp\winampa.exe"
HKLM\SOFTWARE | Run : [GrooveMonitor] - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [LockKey] - C:\Program Files (x86)\LockKey\LockKey.exe
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | Run : [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
HKLM\SOFTWARE | Run : [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
HKLM\SOFTWARE\wow6432Node | Run : [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM\SOFTWARE\wow6432Node | Run : [UpdatePRCShortCut] - "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKLM\SOFTWARE\wow6432Node | Run : [WinampAgent] - "C:\Program Files (x86)\Winamp\winampa.exe"
HKLM\SOFTWARE\wow6432Node | Run : [GrooveMonitor] - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE\wow6432Node | Run : [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE\wow6432Node | Run : [LockKey] - C:\Program Files (x86)\LockKey\LockKey.exe
HKLM\SOFTWARE\wow6432Node | Run : [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE\wow6432Node | Run : [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
HKLM\SOFTWARE\wow6432Node | Run : [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
HKLM\SOFTWARE | RunOnce : [] -
HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\SOFTWARE | Run : [BatteryCare] - C:\Program Files (x86)\BatteryCare\BatteryCare.exe
HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\SOFTWARE | Run : [Akamai NetSession Interface] - "C:\Users\Mateusz\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\SOFTWARE | Run : [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\SOFTWARE | Run : [OscarEditor] - "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\SOFTWARE | Run : [Google Update] - "C:\Users\Mateusz\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\SOFTWARE | Run : [Steam] - "C:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\SOFTWARE | Run : [GoogleChromeAutoLaunch_AD39DCBBF0C8E335115CF32EE510DE61] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
HKU\S-1-5-21-1281810742-3202921705-2187650910-1007\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-21-1281810742-3202921705-2187650910-1007\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
################## | Stopped processes |
Stopped! C:\Windows\system32\nvvsvc.exe (604)
Stopped! C:\Windows\system32\WLANExt.exe (1620)
Stopped! C:\Windows\system32\conhost.exe (1628)
Stopped! C:\Windows\System32\spoolsv.exe (1928)
Stopped! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1132)
Stopped! C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (1364)
Stopped! C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (1428)
Stopped! C:\Program Files\Intel\WiFi\bin\EvtEng.exe (1392)
Stopped! C:\Program Files\Intel\iCLS Client\HeciServer.exe (1732)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (1984)
Stopped! C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe (2064)
Stopped! C:\Windows\SysWOW64\PnkBstrA.exe (2232)
Stopped! C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (2304)
Stopped! C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (2404)
Stopped! C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (2456)
Stopped! C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (2524)
Stopped! C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (3576)
Stopped! C:\Windows\system32\nvvsvc.exe (3584)
Stopped! C:\Windows\system32\taskhost.exe (4028)
Stopped! C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe (4052)
Stopped! C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (3880)
Stopped! C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (2696)
Stopped! C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (2780)
Stopped! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3752)
Stopped! C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (4104)
Stopped! C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (4236)
Stopped! C:\Program Files\Realtek\Audio\HDA\FMAPP.exe (4244)
Stopped! C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (4256)
Stopped! C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (4356)
Stopped! C:\Windows\System32\igfxtray.exe (4404)
Stopped! C:\Windows\System32\hkcmd.exe (4424)
Stopped! C:\Windows\System32\igfxpers.exe (4456)
Stopped! C:\Program Files\Windows Sidebar\sidebar.exe (4560)
Stopped! C:\Program Files (x86)\BatteryCare\BatteryCare.exe (4604)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (4624)
Stopped! C:\Users\Mateusz\AppData\Local\Akamai\netsession_win.exe (4636)
Stopped! C:\Users\Mateusz\AppData\Local\Akamai\netsession_win.exe (4756)
Stopped! C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe (4764)
Stopped! C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (4824)
Stopped! C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (4868)
Stopped! C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (4976)
Stopped! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (4984)
Stopped! C:\Users\Mateusz\AppData\Roaming\Dropbox\bin\Dropbox.exe (4996)
Stopped! C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe (4780)
Stopped! C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (2760)
Stopped! C:\Program Files (x86)\Winamp\winampa.exe (4516)
Stopped! C:\Program Files (x86)\LockKey\LockKey.exe (5196)
Stopped! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (5268)
Stopped! C:\Windows\SysWOW64\RunDll32.exe (5480)
Stopped! C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (5504)
Stopped! C:\Windows\system32\SearchIndexer.exe (5644)
Stopped! C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (1972)
Stopped! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (5340)
Stopped! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (4804)
Stopped! C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (3300)
Stopped! C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (2684)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (6084)
Stopped! C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (4572)
Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (4016)
Stopped! C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (7036)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (5112)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (2208)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (7536)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (6116)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (6044)
Stopped! C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (1752)
Stopped! C:\Users\Mateusz\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe (1872)
Stopped! C:\Windows\System32\WUDFHost.exe (596)
################## | Files # Infected Folders |
Deleted ! G:\GOODDRIVEED (1GB).lnk
Deleted ! C:\Users\Mateusz\AppData\Local\Temp\Drives.vbs
Not deleted ! G:\autorun.inf
Deleted ! G:\desktop.ini
Deleted ! G:\Thumbs.db
(!) Temporary files deleted.
################## | Registry |
################## | Mountpoints2 |
################## | Listing |
[11/03/2013 - 18:32:38 | SHD ] C:\$Recycle.Bin
[25/03/2013 - 20:39:46 | D ] C:\Autodesk
[13/06/2013 - 21:31:01 | RASHD ] C:\Autorun.inf
[13/06/2013 - 19:16:31 | D ] C:\Config.Msi
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[19/04/2013 - 23:23:34 | D ] C:\Download
[24/03/2013 - 16:25:46 | D ] C:\DRIVERS
[15/06/2013 - 10:07:59 | ASH | 6365659136] C:\hiberfil.sys
[11/03/2013 - 18:53:52 | D ] C:\Intel
[11/04/2013 - 17:43:16 | D ] C:\MIDE
[03/06/2013 - 13:32:15 | D ] C:\MSI
[11/03/2013 - 21:14:22 | RHD ] C:\MSOCache
[11/06/2013 - 19:42:08 | D ] C:\Netgear
[11/03/2013 - 19:06:33 | D ] C:\NVIDIA
[15/06/2013 - 10:08:00 | ASH | 8487546880] C:\pagefile.sys
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[02/04/2013 - 22:39:37 | D ] C:\Program Files
[09/06/2013 - 20:30:13 | D ] C:\Program Files (x86)
[09/06/2013 - 20:35:39 | HD ] C:\ProgramData
[11/03/2013 - 18:32:15 | SHD ] C:\Recovery
[15/06/2013 - 10:11:55 | SHD ] C:\System Volume Information
[21/04/2013 - 17:08:43 | D ] C:\Ubisoft
[16/06/2013 - 21:37:30 | D ] C:\UsbFix
[13/06/2013 - 21:31:02 | N | 13694] C:\UsbFix [Clean 10] GOCLICKI.txt
[16/06/2013 - 21:37:36 | A | 11770] C:\UsbFix [Clean 11] GOCLICKI.txt
[13/06/2013 - 19:40:34 | N | 13278] C:\UsbFix [Clean 8] GOCLICKI.txt
[13/06/2013 - 20:47:19 | N | 13377] C:\UsbFix [Clean 9] GOCLICKI.txt
[11/03/2013 - 19:42:41 | D ] C:\UserGuidePDF
[21/04/2013 - 20:09:05 | D ] C:\Users
[10/06/2013 - 21:07:43 | D ] C:\Windows
[13/04/2013 - 20:52:50 | N | 4304] C:\WirelessDiagLog.csv
[13/06/2013 - 19:58:34 | N | 2632] C:\{1208CFEF-A6D2-4AFC-9CE9-5B5B96F46734}
[02/05/2013 - 21:54:29 | N | 2408] C:\{F4BA7265-BA18-4C44-A052-F854CC3E6378}
[08/05/2013 - 20:00:56 | N | 2408] C:\{FD365B78-165A-4B99-8454-F8259744067A}
[11/03/2013 - 19:03:48 | SHD ] E:\$RECYCLE.BIN
[13/06/2013 - 21:31:01 | RASHD ] E:\Autorun.inf
[11/03/2013 - 18:22:31 | SHD ] E:\Boot
[21/11/2010 - 05:23:51 | RASH | 383786] E:\bootmgr
[11/03/2013 - 18:22:32 | N | 8192] E:\BOOTSECT.BAK
[15/06/2013 - 10:11:55 | SHD ] E:\System Volume Information
[11/03/2013 - 19:03:48 | SHD ] F:\$RECYCLE.BIN
[13/06/2013 - 21:31:01 | RASHD ] F:\Autorun.inf
[13/06/2013 - 19:12:26 | D ] F:\b92cfa5696e7e765d2a5
[09/06/2013 - 16:55:23 | D ] F:\Download
[31/05/2013 - 13:25:33 | D ] F:\FILMY
[29/05/2013 - 09:16:02 | D ] F:\GRY-OBRAZ
[30/05/2013 - 19:51:52 | D ] F:\Ksiązki HTC
[25/05/2013 - 20:04:28 | D ] F:\Lord of the Rings War in the North
[11/03/2013 - 21:13:31 | D ] F:\MS.Office.2007 pl
[01/12/2006 - 23:37:14 | N | 904704] F:\msdia80.dll
[24/05/2013 - 23:43:34 | D ] F:\msdownld.tmp
[31/05/2013 - 15:39:17 | D ] F:\Muzyka
[06/06/2013 - 18:30:16 | D ] F:\Nowy folder
[29/05/2013 - 09:17:56 | D ] F:\ojciec dla Malwiny
[09/06/2013 - 20:37:29 | D ] F:\programy do lenowo
[15/06/2013 - 10:11:55 | SHD ] F:\System Volume Information
[21/05/2013 - 16:40:23 | D ] F:\Tapety do lenovo
[12/03/2013 - 18:04:11 | D ] F:\UTP
[16/06/2013 - 21:34:28 | N | 0] G:\autorun.inf
[16/06/2013 - 21:34:10 | D ] G:\
################## | Vaccin |
C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
################## | E.O.F | http://sosvirus.org |
Here is the listing with no removable drives connected:
############################## | UsbFix V 7.127 | [Listing]
User: Mateusz (Administrator) # GOCLICKI
Updated 05/06/2013 by El Desaparecido
Started at 23:14:42 | 16/06/2013
Website: http://sosvirus.org/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org
PC: LENOVO (Lenovo IdeaPad Y580) (x64-based PC)
CPU: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz (2401)
RAM -> [Total : 8094 | Free : 5443]
BIOS: InsydeH2O Version 03.71.515DCN40WW(V2.07)
BOOT: Normal boot
OS: Microsoft Windows 7 Professional (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16618
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Norton Internet Security [Enabled | Updated]
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Fixed drive # 147 Gb (44 Mb free - 30%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 100 Mb (70 Mb free - 70%) [Zastrzeżone przez system] # NTFS
F:\ -> Fixed drive # 783 Gb (608 Mb free - 78%) [Nowy] # NTFS
H:\ -> CD-ROM
################## | Listing |
[11/03/2013 - 18:32:38 | SHD ] C:\$Recycle.Bin
[25/03/2013 - 20:39:46 | D ] C:\Autodesk
[16/06/2013 - 21:37:36 | RASHD ] C:\Autorun.inf
[13/06/2013 - 19:16:31 | D ] C:\Config.Msi
[14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings
[19/04/2013 - 23:23:34 | D ] C:\Download
[24/03/2013 - 16:25:46 | D ] C:\DRIVERS
[16/06/2013 - 21:53:35 | ASH | 6365659136] C:\hiberfil.sys
[11/03/2013 - 18:53:52 | D ] C:\Intel
[11/04/2013 - 17:43:16 | D ] C:\MIDE
[03/06/2013 - 13:32:15 | D ] C:\MSI
[11/03/2013 - 21:14:22 | RHD ] C:\MSOCache
[11/06/2013 - 19:42:08 | D ] C:\Netgear
[11/03/2013 - 19:06:33 | D ] C:\NVIDIA
[16/06/2013 - 21:53:38 | ASH | 8487546880] C:\pagefile.sys
[14/07/2009 - 05:20:08 | D ] C:\PerfLogs
[02/04/2013 - 22:39:37 | D ] C:\Program Files
[09/06/2013 - 20:30:13 | D ] C:\Program Files (x86)
[09/06/2013 - 20:35:39 | HD ] C:\ProgramData
[11/03/2013 - 18:32:15 | SHD ] C:\Recovery
[16/06/2013 - 21:57:14 | SHD ] C:\System Volume Information
[21/04/2013 - 17:08:43 | D ] C:\Ubisoft
[16/06/2013 - 23:14:44 | D ] C:\UsbFix
[13/06/2013 - 21:31:02 | N | 13694] C:\UsbFix [Clean 10] GOCLICKI.txt
[16/06/2013 - 21:37:37 | A | 13974] C:\UsbFix [Clean 11] GOCLICKI.txt
[13/06/2013 - 19:40:34 | N | 13278] C:\UsbFix [Clean 8] GOCLICKI.txt
[13/06/2013 - 20:47:19 | N | 13377] C:\UsbFix [Clean 9] GOCLICKI.txt
[16/06/2013 - 23:14:44 | A | 2443] C:\UsbFix [Listing 1 ] GOCLICKI.txt
[11/03/2013 - 19:42:41 | D ] C:\UserGuidePDF
[21/04/2013 - 20:09:05 | D ] C:\Users
[16/06/2013 - 22:52:03 | D ] C:\Windows
[13/04/2013 - 20:52:50 | N | 4304] C:\WirelessDiagLog.csv
[13/06/2013 - 19:58:34 | N | 2632] C:\{1208CFEF-A6D2-4AFC-9CE9-5B5B96F46734}
[02/05/2013 - 21:54:29 | N | 2408] C:\{F4BA7265-BA18-4C44-A052-F854CC3E6378}
[08/05/2013 - 20:00:56 | N | 2408] C:\{FD365B78-165A-4B99-8454-F8259744067A}
[11/03/2013 - 19:03:48 | SHD ] E:\$RECYCLE.BIN
[16/06/2013 - 21:37:36 | RASHD ] E:\Autorun.inf
[11/03/2013 - 18:22:31 | SHD ] E:\Boot
[21/11/2010 - 05:23:51 | RASH | 383786] E:\bootmgr
[11/03/2013 - 18:22:32 | N | 8192] E:\BOOTSECT.BAK
[16/06/2013 - 21:57:14 | SHD ] E:\System Volume Information
[11/03/2013 - 19:03:48 | SHD ] F:\$RECYCLE.BIN
[16/06/2013 - 21:37:36 | RASHD ] F:\Autorun.inf
[13/06/2013 - 19:12:26 | D ] F:\b92cfa5696e7e765d2a5
[09/06/2013 - 16:55:23 | D ] F:\Download
[31/05/2013 - 13:25:33 | D ] F:\FILMY
[29/05/2013 - 09:16:02 | D ] F:\GRY-OBRAZ
[30/05/2013 - 19:51:52 | D ] F:\Ksiązki HTC
[25/05/2013 - 20:04:28 | D ] F:\Lord of the Rings War in the North
[11/03/2013 - 21:13:31 | D ] F:\MS.Office.2007 pl
[01/12/2006 - 23:37:14 | N | 904704] F:\msdia80.dll
[24/05/2013 - 23:43:34 | D ] F:\msdownld.tmp
[31/05/2013 - 15:39:17 | D ] F:\Muzyka
[06/06/2013 - 18:30:16 | D ] F:\Nowy folder
[29/05/2013 - 09:17:56 | D ] F:\ojciec dla Malwiny
[09/06/2013 - 20:37:29 | D ] F:\programy do lenowo
[16/06/2013 - 21:57:14 | SHD ] F:\System Volume Information
[21/05/2013 - 16:40:23 | D ] F:\Tapety do lenovo
[12/03/2013 - 18:04:11 | D ] F:\UTP
################## | E.O.F |
I am also adding the contents of the OTL log:
OTL logfile created on: 2013-06-16 23:49:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mateusz\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
7,90 Gb Total Physical Memory | 5,17 Gb Available Physical Memory | 65,39% Memory free
15,81 Gb Paging File | 12,57 Gb Available in Paging File | 79,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 147,13 Gb Total Space | 43,60 Gb Free Space | 29,64% Space Free | Partition Type: NTFS
Drive E: | 100,00 Mb Total Space | 70,34 Mb Free Space | 70,34% Space Free | Partition Type: NTFS
Drive F: | 783,20 Gb Total Space | 607,82 Gb Free Space | 77,61% Space Free | Partition Type: NTFS
Computer Name: GOCLICKI | User Name: Mateusz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013-06-16 23:47:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe
PRC - [2013-06-07 00:06:24 | 001,641,896 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013-06-07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013-06-03 18:58:12 | 000,064,008 | ---- | M] (Google) -- C:\Users\Mateusz\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2013-05-29 07:27:40 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013-05-25 02:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\Mateusz\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013-05-11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-04-23 20:08:04 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013-03-24 16:04:07 | 000,099,680 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
PRC - [2013-03-15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013-01-26 08:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Mateusz\AppData\Local\Akamai\netsession_win.exe
PRC - [2012-12-24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccsvchst.exe
PRC - [2012-06-28 17:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2012-04-24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
PRC - [2012-03-12 02:59:30 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012-02-28 11:20:02 | 000,363,800 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012-02-28 11:19:56 | 000,277,784 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012-02-28 11:19:46 | 000,161,560 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012-01-31 11:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2011-08-25 21:43:44 | 000,337,776 | ---- | M] ( ) -- C:\Program Files (x86)\LockKey\LockKey.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2013-06-15 10:16:05 | 013,140,872 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll
MOD - [2013-06-14 15:28:41 | 000,181,760 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\1.2013.605.1_0\plugin\ace.dll
MOD - [2013-06-07 00:06:24 | 001,114,536 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2013-05-29 07:27:38 | 000,393,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppgooglenaclpluginchrome.dll
MOD - [2013-05-29 07:27:35 | 004,051,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
MOD - [2013-05-29 07:26:40 | 000,599,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libglesv2.dll
MOD - [2013-05-29 07:26:39 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libegl.dll
MOD - [2013-05-29 07:26:36 | 001,597,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll
MOD - [2013-05-07 03:05:20 | 000,654,848 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013-03-27 02:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013-03-24 16:04:07 | 000,099,680 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
MOD - [2013-03-15 07:53:06 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2013-03-13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012-12-11 19:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012-12-11 19:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012-12-11 19:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012-11-14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012-05-30 08:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\wincfi39.dll
MOD - [2011-06-02 14:58:18 | 000,132,448 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
MOD - [2011-06-02 14:57:44 | 000,161,120 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2013-03-25 21:07:05 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:[b]64bit:[/b] - [2013-02-13 03:53:50 | 000,770,528 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:[b]64bit:[/b] - [2013-02-08 17:40:34 | 003,386,608 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:[b]64bit:[/b] - [2013-02-08 17:40:08 | 000,273,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:[b]64bit:[/b] - [2013-02-08 17:39:48 | 000,621,296 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:[b]64bit:[/b] - [2013-02-08 17:39:14 | 000,149,744 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:[b]64bit:[/b] - [2012-09-12 18:07:06 | 000,135,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:[b]64bit:[/b] - [2012-02-02 23:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:[b]64bit:[/b] - [2012-02-01 19:31:02 | 000,945,440 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2011-11-30 17:18:02 | 000,514,048 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:[b]64bit:[/b] - [2011-11-30 17:12:00 | 000,979,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013-06-07 00:06:24 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013-05-11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-04-23 20:08:04 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013-03-22 17:32:56 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013-03-15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013-02-28 19:25:34 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-12-24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe -- (NIS)
SRV - [2012-04-24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2012-02-28 11:20:02 | 000,363,800 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012-02-28 11:19:56 | 000,277,784 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012-02-28 11:19:46 | 000,161,560 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012-01-31 11:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2013-03-24 16:20:47 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:[b]64bit:[/b] - [2013-03-19 21:37:50 | 000,442,368 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:[b]64bit:[/b] - [2013-03-19 21:31:44 | 004,534,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2013-03-15 07:53:06 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:[b]64bit:[/b] - [2013-03-11 21:18:53 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2013-03-11 20:07:49 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2013-03-11 19:31:31 | 000,030,816 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:[b]64bit:[/b] - [2013-02-13 03:54:16 | 000,163,808 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:[b]64bit:[/b] - [2013-02-13 03:54:16 | 000,163,808 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:[b]64bit:[/b] - [2013-02-05 11:00:26 | 011,518,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:[b]64bit:[/b] - [2013-01-31 05:18:18 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2013-01-31 05:18:06 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symefa64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2013-01-29 03:45:19 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2013-01-29 03:45:19 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.sys -- (SRTSPX)
DRV:[b]64bit:[/b] - [2013-01-22 04:15:33 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symds64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2012-11-16 04:22:01 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2012-11-16 04:18:04 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.sys -- (ccSet_NIS)
DRV:[b]64bit:[/b] - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012-08-23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:[b]64bit:[/b] - [2012-08-23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012-07-17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012-03-12 02:59:32 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:[b]64bit:[/b] - [2012-03-12 02:59:32 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:[b]64bit:[/b] - [2012-03-12 02:59:32 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:[b]64bit:[/b] - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012-02-02 05:07:18 | 000,615,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:[b]64bit:[/b] - [2012-02-02 05:07:18 | 000,134,696 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:[b]64bit:[/b] - [2012-02-02 05:07:12 | 000,211,496 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2012-02-02 05:07:12 | 000,184,360 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2012-02-02 05:07:12 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:[b]64bit:[/b] - [2012-02-02 05:07:12 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2011-12-16 03:04:02 | 000,411,920 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2011-11-30 16:57:28 | 000,084,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:[b]64bit:[/b] - [2011-11-29 20:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2011-11-15 05:12:10 | 000,111,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2011-09-06 17:28:38 | 008,208,488 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:[b]64bit:[/b] - [2011-08-25 04:21:00 | 000,173,656 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-03-22 05:43:34 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:[b]64bit:[/b] - [2009-07-21 15:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-03-18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2013-05-31 18:58:18 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130531.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013-05-22 16:35:21 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130615.008\ex64.sys -- (NAVEX15)
DRV - [2013-05-22 16:35:21 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20130615.008\eng64.sys -- (NAVENG)
DRV - [2013-03-11 20:11:32 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013-03-11 20:11:32 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013-03-08 17:22:34 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130614.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\..\SearchScopes\${searchCLSID}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&affID=119816&tt=070312_wc&babsrc=SP_ss&mntrId=5e61181400000000000074e5431f78f1
IE - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
[color=#E56717]========== FireFox ==========[/color]
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Mateusz\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Mateusz\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Mateusz\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Mateusz\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mateusz\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mateusz\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFFPlgn\ [2013-03-11 20:07:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\ [2013-06-16 21:56:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-06-09 20:33:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-06-09 20:33:47 | 000,000,000 | ---D | M]
[2013-03-11 20:46:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.pl/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - Extension: Angry Birds = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Dokumenty Google = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Dysk Google = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Turn Off the Lights = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.2.0.5_0\
CHR - Extension: YouTube = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Szukaj w Google = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.64_0\
CHR - Extension: CircuitLab = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\haghanbgfkfpmepoohpigmglbfejljoj\0.0.0.8_0\
CHR - Extension: Norton Identity Protection = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\
CHR - Extension: Google Hangouts = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\1.2013.605.1_0\
CHR - Extension: Blue Space Sunset Chrome Theme = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndfdjfoclbidmgpmbelcieibgjjfdog\3.5_0\
CHR - Extension: Gmail = C:\Users\Mateusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:[b]64bit:[/b] - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [SynLenovoGestureMgr] C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe (Synaptics)
O4:[b]64bit:[/b] - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [LockKey] C:\Program Files (x86)\LockKey\LockKey.exe ( )
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000..\Run: [Akamai NetSession Interface] C:\Users\Mateusz\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000..\Run: [BatteryCare] C:\Program Files (x86)\BatteryCare\BatteryCare.exe (Filipe Lourenço)
O4 - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000..\Run: [GoogleChromeAutoLaunch_AD39DCBBF0C8E335115CF32EE510DE61] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000..\Run: [OscarEditor] C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe ()
O4 - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1281810742-3202921705-2187650910-1007..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1281810742-3202921705-2187650910-1007..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Mateusz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
F3:[b]64bit:[/b] - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000 WinNT: Load - (C:\Users\Mateusz\LOCALS~1\Temp\cctgokcfq.pif) - C:\Users\Mateusz\LOCALS~1\Temp\cctgokcfq.pif (Hause)
F3 - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000 WinNT: Load - (C:\Users\Mateusz\LOCALS~1\Temp\cctgokcfq.pif) - C:\Users\Mateusz\LOCALS~1\Temp\cctgokcfq.pif (Hause)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAPower = 0
O7 - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O7 - HKU\S-1-5-21-1281810742-3202921705-2187650910-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1461235-FC19-4E48-B9A0-7488FFDE8647}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5AF6F31-5384-4EB5-A3F2-B70D6D1F1123}: DhcpNameServer = 192.168.2.1
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013-03-25 20:39:46 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2013-06-16 21:37:36 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013-06-16 21:37:36 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013-06-16 21:37:36 | 000,000,000 | RHSD | M] - F:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013-06-16 23:47:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe
[2013-06-16 21:37:36 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2013-06-15 20:40:28 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\komutacja szeregowa
[2013-06-15 00:12:16 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013-06-15 00:12:15 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013-06-13 19:34:04 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\diskwipe
[2013-06-13 19:16:13 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013-06-12 23:38:59 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013-06-12 23:38:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013-06-12 23:38:59 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013-06-12 23:38:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013-06-12 23:38:59 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013-06-12 23:38:59 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013-06-12 23:38:59 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013-06-12 23:38:59 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013-06-12 23:38:59 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013-06-12 23:38:58 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013-06-12 23:38:58 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013-06-12 23:38:58 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013-06-12 23:38:57 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013-06-12 23:00:55 | 001,128,960 | ---- | C] (Disk Wipe) -- C:\Users\Mateusz\Desktop\DiskWipe.exe
[2013-06-12 12:19:37 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013-06-12 12:19:37 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013-06-12 12:19:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013-06-12 12:19:29 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013-06-12 12:19:26 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013-06-12 12:19:22 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013-06-12 12:19:21 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013-06-12 12:19:20 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013-06-12 12:19:19 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013-06-12 12:19:19 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013-06-12 12:19:19 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013-06-12 12:19:16 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013-06-12 12:19:16 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013-06-12 10:01:36 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Nowy folder
[2013-06-11 20:17:02 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\csv
[2013-06-11 19:23:43 | 000,000,000 | ---D | C] -- C:\UsbFix
[2013-06-11 19:23:14 | 001,048,628 | ---- | C] (El Desaparecido - SosVirus.org) -- C:\Users\Mateusz\Desktop\UsbFix.exe
[2013-06-10 18:45:19 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\Mateusz Goclik Grupa I Elektrotechnika
[2013-06-09 20:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2013-06-09 20:35:39 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\HP
[2013-06-09 20:35:25 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\HP
[2013-06-09 20:33:03 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2013-06-09 20:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013-06-09 20:31:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2013-06-09 20:30:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2013-06-09 20:30:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2013-06-09 20:28:57 | 001,295,360 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpotiop4.dll
[2013-06-09 20:28:57 | 000,859,136 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpowiax4.dll
[2013-06-09 20:28:57 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2013-06-09 20:28:57 | 000,540,672 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppldcoi.dll
[2013-06-09 20:28:57 | 000,488,960 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpovst11.dll
[2013-06-09 20:12:15 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013-06-09 20:12:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2013-06-08 11:53:27 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Mozilla
[2013-06-06 20:37:59 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\Desktop\PROGRAM C#4
[2013-06-03 13:32:15 | 000,000,000 | ---D | C] -- C:\MSI
[2013-05-29 20:59:12 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013-05-29 20:59:12 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013-05-29 20:59:12 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013-05-29 20:59:12 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013-05-29 20:59:12 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013-05-29 20:59:12 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013-05-29 20:59:12 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013-05-29 20:59:12 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013-05-29 20:59:12 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013-05-29 20:59:12 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013-05-29 20:59:12 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013-05-29 20:59:12 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013-05-29 20:59:12 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013-05-29 20:59:12 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013-05-29 20:59:12 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013-05-29 20:59:12 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013-05-29 20:59:12 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013-05-29 20:59:12 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013-05-29 20:59:12 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013-05-29 20:59:12 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013-05-29 20:59:12 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013-05-29 20:59:12 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013-05-29 20:59:12 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013-05-29 20:59:12 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013-05-29 20:59:12 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013-05-29 20:59:12 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013-05-29 20:59:12 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013-05-29 20:59:12 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013-05-29 20:59:12 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013-05-29 20:59:12 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013-05-29 20:59:12 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013-05-29 20:59:12 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013-05-29 20:59:12 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013-05-29 20:59:12 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013-05-29 20:59:12 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013-05-29 20:59:12 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013-05-29 20:59:12 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013-05-29 20:59:12 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013-05-29 20:59:12 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013-05-29 20:59:12 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013-05-29 20:59:12 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013-05-29 20:59:12 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013-05-29 20:59:12 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013-05-29 20:59:12 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013-05-29 20:59:12 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013-05-29 20:59:12 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013-05-29 20:59:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013-05-29 20:59:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013-05-29 20:59:12 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013-05-29 20:59:12 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013-05-29 20:59:12 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013-05-29 20:59:12 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013-05-29 20:59:12 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013-05-26 10:42:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013-05-26 10:42:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013-05-26 10:42:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013-05-24 16:51:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Muve
[2013-05-24 16:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Muve
[2013-05-23 15:06:10 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Local\WarThunder
[2013-05-23 15:06:10 | 000,000,000 | ---D | C] -- C:\ProgramData\WarThunder
[2013-05-23 15:05:57 | 000,000,000 | ---D | C] -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\War Thunder
[2013-05-23 15:05:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\War Thunder
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013-06-16 23:52:25 | 003,145,728 | -HS- | M] () -- C:\Users\Mateusz\NTUSER.DAT
[2013-06-16 23:47:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mateusz\Desktop\OTL.exe
[2013-06-16 23:19:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1281810742-3202921705-2187650910-1000UA.job
[2013-06-16 23:13:01 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-06-16 22:52:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-06-16 22:01:09 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-06-16 22:01:09 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-06-16 21:54:07 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-06-16 21:53:48 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2013-06-16 21:53:35 | 2070,691,839 | -HS- | M] () -- C:\hiberfil.sys
[2013-06-16 21:37:06 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1281810742-3202921705-2187650910-1000UA.job
[2013-06-16 21:35:17 | 001,662,556 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-06-16 21:35:17 | 000,737,980 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013-06-16 21:35:17 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-06-16 21:35:17 | 000,154,636 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013-06-16 21:35:17 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-06-16 19:19:00 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1281810742-3202921705-2187650910-1000Core.job
[2013-06-16 15:37:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1281810742-3202921705-2187650910-1000Core.job
[2013-06-16 12:26:11 | 000,342,214 | ---- | M] () -- C:\Users\Mateusz\Desktop\New Doc 8.pdf
[2013-06-13 23:04:40 | 003,010,706 | -H-- | M] () -- C:\Users\Mateusz\AppData\Local\IconCache.db
[2013-06-13 22:42:38 | 000,007,610 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\Resmon.ResmonCfg
[2013-06-13 20:53:26 | 000,132,597 | ---- | M] () -- C:\Users\Mateusz\Desktop\Flash_Disinfector.exe
[2013-06-13 19:58:34 | 000,002,632 | ---- | M] () -- C:\{1208CFEF-A6D2-4AFC-9CE9-5B5B96F46734}
[2013-06-13 19:31:31 | 000,001,051 | ---- | M] () -- C:\Users\Mateusz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013-06-13 19:17:25 | 001,638,694 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-06-12 23:13:34 | 000,048,290 | ---- | M] () -- C:\Users\Mateusz\Desktop\diskwipe.zip
[2013-06-12 23:00:55 | 001,128,960 | ---- | M] (Disk Wipe) -- C:\Users\Mateusz\Desktop\DiskWipe.exe
[2013-06-12 14:29:19 | 000,594,288 | ---- | M] () -- C:\Users\Mateusz\Desktop\Sensory o konwertery pomiarowe.pdf
[2013-06-12 08:50:49 | 000,945,557 | ---- | M] () -- C:\Users\Mateusz\Desktop\Sprawozdanie-1.pdf
[2013-06-11 19:23:15 | 001,048,628 | ---- | M] (El Desaparecido - SosVirus.org) -- C:\Users\Mateusz\Desktop\UsbFix.exe
[2013-06-10 21:05:08 | 000,543,192 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-06-10 18:44:56 | 000,125,205 | ---- | M] () -- C:\Users\Mateusz\Desktop\Mateusz Goclik Grupa I Elektrotechnika.7z
[2013-06-09 20:37:37 | 000,150,512 | ---- | M] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT
[2013-06-09 20:35:32 | 000,172,268 | ---- | M] () -- C:\Windows\hpoins13.dat
[2013-06-09 20:35:26 | 000,000,513 | ---- | M] () -- C:\Windows\win.ini
[2013-06-09 20:32:22 | 000,002,099 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013-06-09 16:41:10 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013-06-09 16:41:10 | 000,291,088 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013-06-09 16:41:02 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013-06-08 16:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013-06-08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013-06-06 17:48:47 | 003,908,390 | ---- | M] () -- C:\Users\Mateusz\Desktop\imagine dragons - ready aim fire.mp3
[2013-06-04 08:34:29 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\isolate.ini
[2013-05-29 20:59:12 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013-05-29 20:59:12 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013-05-29 20:59:12 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013-05-29 20:59:12 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013-05-29 20:59:12 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013-05-29 20:59:12 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013-05-29 20:59:12 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013-05-29 20:59:12 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013-05-29 20:59:12 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013-05-29 20:59:12 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013-05-29 20:59:12 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013-05-29 20:59:12 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013-05-29 20:59:12 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013-05-29 20:59:12 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013-05-29 20:59:12 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013-05-29 20:59:12 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013-05-29 20:59:12 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013-05-29 20:59:12 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013-05-29 20:59:12 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013-05-29 20:59:12 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013-05-29 20:59:12 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013-05-29 20:59:12 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013-05-29 20:59:12 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013-05-29 20:59:12 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013-05-29 20:59:12 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013-05-29 20:59:12 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013-05-29 20:59:12 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013-05-29 20:59:12 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013-05-29 20:59:12 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013-05-29 20:59:12 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013-05-29 20:59:12 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013-05-29 20:59:12 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013-05-29 20:59:12 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013-05-29 20:59:12 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013-05-29 20:59:12 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013-05-29 20:59:12 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013-05-29 20:59:12 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013-05-29 20:59:12 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013-05-29 20:59:12 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013-05-29 20:59:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013-05-29 20:59:12 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013-05-29 20:59:12 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013-05-29 20:59:12 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013-05-29 20:59:12 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013-05-29 20:59:12 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013-05-29 20:59:12 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013-05-29 20:59:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013-05-29 20:59:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013-05-29 20:59:12 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013-05-29 20:59:12 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013-05-29 20:59:12 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013-05-29 20:59:12 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013-05-29 20:59:12 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013-05-29 20:59:12 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013-05-29 20:59:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013-05-26 10:42:34 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013-05-24 04:09:47 | 000,008,063 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symds64.cat
[2013-05-23 07:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symefa64.sys
[2013-05-23 07:25:28 | 000,007,587 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symefa64.cat
[2013-05-23 07:25:28 | 000,003,434 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symefa.inf
[2013-05-21 07:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symds64.sys
[2013-05-21 07:02:00 | 000,002,852 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symds.inf
[2013-05-21 06:40:20 | 000,008,067 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.cat
[2013-05-18 19:47:36 | 000,018,757 | ---- | M] () -- C:\Users\Mateusz\Documents\603525_553033408082817_1428309410_n.jpg
[2013-05-18 09:44:45 | 000,024,529 | ---- | M] () -- C:\Users\Mateusz\Documents\pożegnanie.zip
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013-06-16 12:26:07 | 000,342,214 | ---- | C] () -- C:\Users\Mateusz\Desktop\New Doc 8.pdf
[2013-06-13 20:53:26 | 000,132,597 | ---- | C] () -- C:\Users\Mateusz\Desktop\Flash_Disinfector.exe
[2013-06-13 19:58:34 | 000,002,632 | ---- | C] () -- C:\{1208CFEF-A6D2-4AFC-9CE9-5B5B96F46734}
[2013-06-12 23:13:34 | 000,048,290 | ---- | C] () -- C:\Users\Mateusz\Desktop\diskwipe.zip
[2013-06-12 14:29:18 | 000,594,288 | ---- | C] () -- C:\Users\Mateusz\Desktop\Sensory o konwertery pomiarowe.pdf
[2013-06-12 08:50:32 | 000,945,557 | ---- | C] () -- C:\Users\Mateusz\Desktop\Sprawozdanie-1.pdf
[2013-06-09 20:34:02 | 000,001,052 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rejestracja programu I.R.I.S. OCR.lnk
[2013-06-09 20:32:22 | 000,002,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013-06-09 20:29:31 | 000,172,268 | ---- | C] () -- C:\Windows\hpoins13.dat
[2013-06-09 20:29:31 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl13.dat
[2013-06-06 17:48:28 | 003,908,390 | ---- | C] () -- C:\Users\Mateusz\Desktop\imagine dragons - ready aim fire.mp3
[2013-06-04 19:52:04 | 000,125,205 | ---- | C] () -- C:\Users\Mateusz\Desktop\Mateusz Goclik Grupa I Elektrotechnika.7z
[2013-05-29 20:59:12 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013-05-29 20:59:12 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013-05-26 10:42:34 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013-05-24 19:14:14 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1281810742-3202921705-2187650910-1000UA.job
[2013-05-24 19:14:12 | 000,001,014 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1281810742-3202921705-2187650910-1000Core.job
[2013-05-18 19:47:05 | 000,018,757 | ---- | C] () -- C:\Users\Mateusz\Documents\603525_553033408082817_1428309410_n.jpg
[2013-04-16 21:27:33 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013-03-25 21:08:02 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013-03-19 21:32:04 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013-03-19 21:32:02 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2013-03-19 21:29:28 | 019,586,560 | ---- | C] () -- C:\Windows\SysWow64\igdfcl32.dll
[2013-03-13 22:40:39 | 000,291,088 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013-03-13 22:40:34 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013-03-13 22:37:22 | 000,007,610 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\Resmon.ResmonCfg
[2013-03-11 19:23:20 | 001,638,694 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013-03-11 19:03:59 | 000,150,512 | ---- | C] () -- C:\Users\Mateusz\AppData\Local\GDIPFONTCACHEV1.DAT
[2013-03-11 18:54:42 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2013-03-11 18:54:42 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2013-03-11 18:50:01 | 003,010,706 | -H-- | C] () -- C:\Users\Mateusz\AppData\Local\IconCache.db
[2013-03-11 18:32:25 | 000,000,020 | -HS- | C] () -- C:\Users\Mateusz\ntuser.ini
[2013-03-11 18:32:24 | 003,145,728 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT
[2013-03-11 18:32:24 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2013-03-11 18:32:24 | 000,524,288 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2013-03-11 18:32:24 | 000,065,536 | -HS- | C] () -- C:\Users\Mateusz\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012-12-14 03:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012-12-14 03:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012-02-02 23:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-02-27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
[color=#E56717]========== LOP Check ==========[/color]
[2013-03-25 21:58:24 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Autodesk
[2013-03-11 20:46:01 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Babylon
[2013-06-16 21:54:34 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\BatteryCare
[2013-06-09 17:10:48 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\DAEMON Tools Lite
[2013-06-16 22:54:30 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Dropbox
[2013-04-18 18:59:54 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Mathsoft
[2013-03-23 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Milestone
[2013-03-24 19:29:43 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\NapiProjekt
[2013-04-20 09:54:35 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Netgear Live Parental Controls
[2013-04-10 12:01:32 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\OpenOffice.org
[2013-06-05 16:26:56 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\Origin
[2013-06-16 22:05:07 | 000,000,000 | ---D | M] -- C:\Users\Mateusz\AppData\Roaming\uTorrent
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
Added today, 10:58:
Problem solved, please delete the thread.