Windows 7 Forum: konfiguracja, optymalizacja, porady, gadżety •

Pełna wersja: Duże zużycie procesora. Dziwnie zachowujący się komputer.
Aktualnie przeglądasz uproszczoną wersję forum. Kliknij tutaj, by zobaczyć wersję z pełnym formatowaniem.
Witam SerdecznieUśmiechnięty Posiadam laptopa Lenovo Ideapad Z565. Wczoraj ni stąd ni zowąd po ponownym uruchomieniu laptopa, ten zaczął się dziwnie zachowywać. Zużycie procesora ( dodam tylko, że 3 rdzeniowego - 2 x 2, 4 Amd Phenom) wzrasta do blisko 100 %. Zaczęło się od tego (a tak mi się wydaje, bo innej przyczyny nie widzę), jak zacząłem skanować pliki muzyczne programem mixed in key (program dla djów, który znajduje tonację danego utworu). Program skanujący tworzy sobie tymczasowy plik w formacie wav, aby odczyta klucz i ten plik zostaje usunięty po zeskanowaniu pliku mp3. Niestety jak klucza nie zeskanuje to po prostu ten wav zostaje na kompie, i waży jeden utworek ok 60 MB. Wczoraj było podobnie, tyle tylko, że jeden plik zajmuje ok 1GB na dysku! I nie da się go usunąć... Bo jak chce go usunąć, to po prostu pisze mi ciągle przetwarzanie, no i nie da sie tego wywalić z kompa. Ponadto, procesy explorer.exe, Dllhost.exe oraz wmpnetwk.exe (jest top usługa udostepniania plików multimedialnych z sieci, tylko, po co?) mają duże zużycie procesora i nie wiem, co z tym mam zrobić? Dlatego też proszę Was o pomoc!
Z góry dziękuję i pozdrawiam!
Witam, przede wszystkim najpierw musimy dojść do tego który proces zużywa tyle CPU.
Podczas jak to się dzieje odpal Menedżera zadań i zrób screen zakładki Procesy.
Przeskanuj system pod kątem złośliwego oprogramowania swoim rezydentalnym antywirusem i dodatkowo programem "Malwaresbytes Anty -Malware".Jak to nie pomoże to zrób logo programem "OTL" i zamieść do wglądu.
Ważna może najważniejsza w trakcie codziennych zabaw z systemem to tworzenie punktów Przywracanie Systemu.
Punkty te automatycznie są tworzone także podczas pobierania aktualizacji.
Pierwsza, czynność po zauważeniu niekorzystnych zmian w funkcjonowania systemu po instalce lub uruchomieniu jakiegoś nowego programu jest uruchomienie funkcji Przywracanie Systemu. Błędem jest wyłączanie tej funkcji Windows przez niektórych "myślących inaczej", którzy chcą zaoszczędzić kilka megabajtów na dyskach o pojemności aktualnie najczęściej 250GB-500MB i więcej.
Pliki i ustawienia użytkownika zostają zachowane.
Ty masz zapewne Seagate Momentus 500 GB lub podobny.
Uruchom więc przywracanie Systemu, wybierz odpowiedni punkt.
(23.06.2012 21:30)Nostromo napisał(a): [ -> ]Ważna może najważniejsza w trakcie codziennych zabaw z systemem to tworzenie punktów Przywracanie Systemu.
Punkty te automatycznie są tworzone także podczas pobierania aktualizacji.
Pierwsza, czynność po zauważeniu niekorzystnych zmian w funkcjonowania systemu po instalce lub uruchomieniu jakiegoś nowego programu jest uruchomienie funkcji Przywracanie Systemu. Błędem jest wyłączanie tej funkcji Windows przez niektórych "myślących inaczej", którzy chcą zaoszczędzić kilka megabajtów na dyskach o pojemności aktualnie najczęściej 250GB-500MB i więcej.
Pliki i ustawienia użytkownika zostają zachowane.
Ty masz zapewne Seagate Momentus 500 GB lub podobny.
Uruchom więc przywracanie Systemu, wybierz odpowiedni punkt.

Niestety przywracanie nic nie daje.... Próbowałem... ale nie zadziałało, dlatego Was pytam o poradę Uśmiechnięty

Tutaj przesyłam poszczególne screeny:

Jeżeli uruchamiam kompa i nic nie robię wygląda to tak...
[Obrazek: scaled.php?server=857&filename=1...es=landing]


Natomiast, jeżeli podejmuję próbę działania naponiższym pliku:
[Obrazek: scaled.php?server=607&filename=3...es=landing]


Chciałem ten folder z plikiem usunąć ale się nie da bo wyskakuje mi coś takiego, i proces nie postępuje dalej:
[Obrazek: scaled.php?server=88&filename=77...es=landing]


W czasie prób usunięcia pliku i caly czas już zużycie jest następujące:
[Obrazek: scaled.php?server=24&filename=24...es=landing]

A logi z programu Malwarebytes Anti-Malware:

Kod:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Wersja bazy:  v2012.06.23.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jacek :  JACEK [administrator]

2012-06-24 05: 23: 46
mbam-log-2012-06-24 (05-23-46).txt

Typ skanowania:  Szybkie skanowanie
Zaznaczone opcje skanowania:  Pamięć | Rozruch | Rejestr | System plików | Heurystyka/Dodatkowe | Heuristyka/Shuriken | PUP | PUM
Odznaczone opcje skanowania:  P2P
Przeskanowano obiektów:  221302
Upłynęło:  9 minut(y), 46 sekund(y)

Wykrytych procesów w pamięci:  0
(Nie znaleziono zagrożeń)

Wykrytych modułów w pamięci:  0
(Nie znaleziono zagrożeń)

Wykrytych kluczy rejestru:  0
(Nie znaleziono zagrożeń)

Wykrytych wartości rejestru:  0
(Nie znaleziono zagrożeń)

Wykryte wpisy rejestru systemowego:  0
(Nie znaleziono zagrożeń)

wykrytych folderów:  0
(Nie znaleziono zagrożeń)

Wykrytych plików:  0
(Nie znaleziono zagrożeń)

(zakończone)

Oraz kod z OTL, tak jak zalecaliście:
Kod:
OTL logfile created on:  2012-06-24 05: 36: 32 - Run 1
OTL by OldTimer - Version 3.2.53.0     Folder = C: \Users\Jacek\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale:  00000415 | Country:  Polska | Language:  PLK | Date Format:  yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 52,20% Memory free
7,99 Gb Paging File | 5,71 Gb Available in Paging File | 71,54% Paging File free
Paging file location(s):  ?: \pagefile.sys [binary data]

%SystemDrive% = C:  | %SystemRoot% = C: \windows | %ProgramFiles% = C: \Program Files (x86)
Drive C:  | 213,80 Gb Total Space | 129,23 Gb Free Space | 60,44% Space Free | Partition Type:  NTFS
Drive D:  | 117,87 Gb Total Space | 65,25 Gb Free Space | 55,36% Space Free | Partition Type:  NTFS
Drive E:  | 119,14 Gb Total Space | 62,88 Gb Free Space | 52,78% Space Free | Partition Type:  NTFS

Computer Name:  JACEK | User Name:  Jacek | Logged in as Administrator.
Boot Mode:  Normal | Scan Mode:  Current user | Include 64bit Scans
Company Name Whitelist:  Off | Skip Microsoft Files:  Off | No Company Name Whitelist:  On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-06-24 05: 11: 44 | 000,596,992 | ---- | M] (OldTimer Tools) -- C: \Users\Jacek\Desktop\OTL.exe
PRC - [2011-10-13 18: 21: 52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C: \Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011-01-12 17: 41: 42 | 000,810,144 | ---- | M] (ESET) -- C: \Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2009-09-15 12: 29: 16 | 000,536,576 | ---- | M] (Vimicro) -- C: \Program Files (x86)\USB Camera\VM331_STI.EXE


[color=#E56717]========== Modules (No Company Name) ==========[/color]


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV: [b]64bit: [/b] - [2011-01-12 17: 44: 02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C: \Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV: [b]64bit: [/b] - [2011-01-12 17: 41: 42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C: \Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV: [b]64bit: [/b] - [2010-10-19 19: 37: 57 | 005,250,048 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C: \Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV: [b]64bit: [/b] - [2010-07-19 20: 19: 32 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C: \Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV: [b]64bit: [/b] - [2009-09-22 20: 16: 32 | 000,579,400 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C: \Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)
SRV: [b]64bit: [/b] - [2009-08-14 16: 22: 48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C: \Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)
SRV: [b]64bit: [/b] - [2009-08-11 18: 59: 38 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C: \Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV: [b]64bit: [/b] - [2009-07-14 03: 41: 27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C: \Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV: [b]64bit: [/b] - [2007-11-07 10: 11: 22 | 004,466,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C: \Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2012-02-29 08: 50: 48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C: \Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-10-21 16: 23: 42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C: \Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011-10-13 18: 21: 52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C: \Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011-08-23 22: 34: 25 | 004,729,616 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C: \Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2011-06-08 14: 02: 00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C: \Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-03-18 14: 16: 28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C: \Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-09-20 11: 55: 20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C: \Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009-07-16 05: 12: 42 | 000,276,296 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C: \Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll -- (PS_MDP)
SRV - [2009-07-14 16: 27: 26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C: \Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2009-07-14 16: 27: 20 | 000,103,688 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C: \Program Files (x86)\Lenovo\ReadyComm\common\router.dll -- (ReadyComm.DirectRouter)
SRV - [2009-06-10 23: 23: 09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C: \Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007-05-31 18: 11: 54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C: \Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 18: 11: 46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C: \Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV: [b]64bit: [/b] - [2012-03-01 08: 46: 16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C: \windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV: [b]64bit: [/b] - [2011-09-09 19: 31: 34 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C: \Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV: [b]64bit: [/b] - [2011-09-09 19: 31: 34 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C: \Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV: [b]64bit: [/b] - [2011-08-31 20: 36: 05 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C: \Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV: [b]64bit: [/b] - [2011-05-18 11: 14: 22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV: [b]64bit: [/b] - [2011-05-18 11: 14: 20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV: [b]64bit: [/b] - [2011-05-18 11: 14: 16 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV: [b]64bit: [/b] - [2011-05-18 11: 14: 12 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV: [b]64bit: [/b] - [2011-03-11 08: 41: 12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV: [b]64bit: [/b] - [2011-03-11 08: 41: 12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV: [b]64bit: [/b] - [2010-12-21 16: 04: 06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C: \Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV: [b]64bit: [/b] - [2010-12-21 16: 04: 06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C: \Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV: [b]64bit: [/b] - [2010-12-21 14: 47: 38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C: \Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV: [b]64bit: [/b] - [2010-11-20 15: 33: 35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV: [b]64bit: [/b] - [2010-11-20 13: 07: 05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV: [b]64bit: [/b] - [2010-11-20 12: 43: 57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV: [b]64bit: [/b] - [2010-07-19 20: 45: 56 | 007,448,576 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV: [b]64bit: [/b] - [2010-07-19 19: 39: 40 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV: [b]64bit: [/b] - [2010-07-15 14: 47: 42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV: [b]64bit: [/b] - [2010-06-17 11: 15: 36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV: [b]64bit: [/b] - [2010-05-14 20: 37: 50 | 000,406,592 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\rlcont_u.sys -- (RELOOP_CONTOUR)
DRV: [b]64bit: [/b] - [2010-05-14 20: 37: 48 | 000,050,240 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\rlcont_a.sys -- (RELOOP_CONTOUR_WDM)
DRV: [b]64bit: [/b] - [2010-05-14 20: 37: 46 | 000,031,296 | ---- | M] (Ploytec GmbH) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\rlcont_m.sys -- (RELOOP_CONTOUR_MIDI)
DRV: [b]64bit: [/b] - [2010-03-12 05: 23: 16 | 000,242,720 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV: [b]64bit: [/b] - [2010-02-22 12: 03: 44 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV: [b]64bit: [/b] - [2010-02-02 17: 52: 02 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV: [b]64bit: [/b] - [2010-01-15 20: 08: 34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C: \Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV: [b]64bit: [/b] - [2010-01-07 14: 46: 20 | 000,302,128 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV: [b]64bit: [/b] - [2009-11-09 08: 53: 06 | 000,207,232 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\vm331avs.sys -- (vm331avs)
DRV: [b]64bit: [/b] - [2009-10-19 02: 40: 50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV: [b]64bit: [/b] - [2009-07-21 16: 20: 06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV: [b]64bit: [/b] - [2009-07-16 13: 55: 34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\WDMirror.sys -- (wdmirror)
DRV: [b]64bit: [/b] - [2009-07-16 05: 38: 20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\WDBridge.sys -- (Bridge0)
DRV: [b]64bit: [/b] - [2009-07-14 03: 52: 20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV: [b]64bit: [/b] - [2009-07-14 03: 48: 04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV: [b]64bit: [/b] - [2009-07-14 03: 45: 55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV: [b]64bit: [/b] - [2009-07-01 06: 46: 58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV: [b]64bit: [/b] - [2009-07-01 06: 46: 52 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV: [b]64bit: [/b] - [2009-07-01 06: 46: 48 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV: [b]64bit: [/b] - [2009-07-01 06: 46: 40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV: [b]64bit: [/b] - [2009-06-10 22: 37: 05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV: [b]64bit: [/b] - [2009-06-10 22: 35: 28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV: [b]64bit: [/b] - [2009-06-10 22: 34: 36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV: [b]64bit: [/b] - [2009-06-10 22: 34: 33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV: [b]64bit: [/b] - [2009-06-10 22: 34: 28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV: [b]64bit: [/b] - [2009-06-10 22: 34: 23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV: [b]64bit: [/b] - [2009-06-10 22: 31: 59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV: [b]64bit: [/b] - [2009-04-07 09: 33: 08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV: [b]64bit: [/b] - [2009-03-18 17: 35: 42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV: [b]64bit: [/b] - [2009-03-09 06: 49: 08 | 000,036,408 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV: [b]64bit: [/b] - [2008-08-28 13: 44: 42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV: [b]64bit: [/b] - [2008-08-06 14: 32: 16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C: \Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV: [b]64bit: [/b] - [2006-09-19 15: 43: 54 | 000,018,224 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C: \Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009-07-14 03: 19: 10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C: \Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006-09-19 16: 43: 54 | 000,018,224 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C: \Windows\SysWOW64\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2005-01-04 11: 43: 08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C: \Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE: [b]64bit: [/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE: [b]64bit: [/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}:  "URL" = http: //www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http: //pl.v9.com/?utm_source=b&utm_medium=vlt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C: \Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http: //pl.v9.com/?utm_source=b&utm_medium=vlt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http: //www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http: //www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}
IE - HKLM\..\URLSearchHook:  {51a86bb3-6602-4c85-92a5-130ee4864f13} - C: \Program Files (x86)\BrotherSoft_Extreme\prxtbBrot.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}:  "URL" = http: //www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}:  "URL" = http: //search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2776682

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http: //pl.v9.com/?utm_source=b&utm_medium=vlt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http: //pl.v9.com/?utm_source=b&utm_medium=vlt
IE - HKCU\..\URLSearchHook:  {51a86bb3-6602-4c85-92a5-130ee4864f13} - C: \Program Files (x86)\BrotherSoft_Extreme\prxtbBrot.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}:  "URL" = http: //www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}:  "URL" = http: //www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}:  "URL" = http: //search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2776682
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings:  "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - user.js - File not found

FF: [b]64bit: [/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer:  C: \windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF: [b]64bit: [/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  disabled File not found
FF: [b]64bit: [/b] - HKLM\Software\MozillaPlugins\[url=http: //windows7forum.pl/microsoft-33418-u]Microsoft[/url].com/NpCtrl,version=1.0:  c: \Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer:  C: \windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer:  C: \windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0:  C: \Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( )
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin:  C: \Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin:  C: \Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  disabled File not found
FF - HKLM\Software\MozillaPlugins\[url=http: //windows7forum.pl/microsoft-33418-u]Microsoft[/url].com/NpCtrl,version=1.0:  c: \Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709:  C: \Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198:  c: \program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450:  C: \Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198:  c: \program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198:  C: \ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198:  C: \ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198:  c: \program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448:  C: \Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:   File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3:  C: \Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9:  C: \Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader:  C: \Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3:  C: \Users\Jacek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9:  C: \Users\Jacek\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 13.0\extensions\\Components:  C: \PROGRAM FILES\WATERFOX\COMPONENTS [2012-06-18 19: 47: 20 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 13.0\extensions\\Plugins:  C: \PROGRAM FILES\WATERFOX\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com:  C: \Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-16 17: 23: 36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}:  C: \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-06-22 20: 03: 04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com:  C: \Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-01-19 22: 39: 34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com:  C: \Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-16 17: 23: 36 | 000,000,000 | ---D | M]

[2012-06-18 19: 48: 18 | 000,000,000 | ---D | M] (No name found) -- C: \Users\Jacek\AppData\Roaming\mozilla\Extensions
[2012-06-18 19: 41: 29 | 000,000,000 | ---D | M] (No name found) -- C: \Program Files (x86)\mozilla firefox\extensions
[2012-05-01 13: 05: 56 | 000,000,000 | ---D | M] (Skype Click to Call) -- C: \Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012-02-16 21: 12: 12 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C: \Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011-12-20 12: 33: 56 | 000,120,984 | ---- | M] ( ) -- C: \Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll
[2011-07-11 23: 48: 12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C: \Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012-05-18 17: 53: 31 | 000,002,415 | ---- | M] () -- C: \Program Files (x86)\mozilla firefox\searchplugins\v9.xml

[color=#E56717]========== Chrome  ==========[/color]

CHR - default_search_provider:  v9 (Enabled)
CHR - default_search_provider:  search_url = http: //www.google.pl/cse?q={searchTerms}&cx=partner-pub-2489206448026482%3A4041638047&tbm=&ie=UTF-8#gsc.tab=0&gsc.q={searchTerms}
CHR - default_search_provider:  suggest_url =
CHR - plugin:  Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin:  Native Client (Enabled) = C: \Users\Jacek\AppData\Local\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll
CHR - plugin:  Chrome PDF Viewer (Enabled) = C: \Users\Jacek\AppData\Local\Google\Chrome\Application\17.0.963.83\pdf.dll
CHR - plugin:  Shockwave Flash (Enabled) = C: \Users\Jacek\AppData\Local\Google\Chrome\Application\17.0.963.83\gcswf32.dll
CHR - plugin:  Shockwave Flash (Enabled) = C: \windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin:  Adobe Acrobat (Enabled) = C: \Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin:  Java Deployment Toolkit 6.0.310.5 (Enabled) = C: \Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin:  Java(TM) Platform SE 6 U31 (Enabled) = C: \Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin:  GanymedeNet.Detector (Enabled) = C: \Program Files (x86)\Mozilla Firefox\plugins\npganymedenet.dll
CHR - plugin:  2007 Microsoft Office system (Enabled) = C: \Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin:  RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = c: \program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin:  RealPlayer Version Plugin (Enabled) = c: \program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin:  Winamp Application Detector (Enabled) = C: \Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin:  Windows Live\u00AE Photo Gallery (Enabled) = C: \Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin:  RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C: \ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin:  Google Update (Enabled) = C: \Users\Jacek\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin:  Shockwave for Director (Enabled) = C: \windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin:  RealJukebox NS Plugin (Enabled) = c: \program files (x86)\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin:  Default Plug-in (Enabled) = default_plugin
CHR - Extension:  Last.fm free music player = C: \Users\Jacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbncpldmanoknoahidbgmkgobgmhnafh\2.9.68_0\
CHR - Extension:  YouTube = C: \Users\Jacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension:  Szukaj w Google = C: \Users\Jacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension:  RealPlayer HTML5Video Downloader Extension = C: \Users\Jacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension:  Skype Click to Call = C: \Users\Jacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension:  Gmail = C: \Users\Jacek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File:  ([2012-01-10 22: 58: 36 | 000,000,027 | ---- | M]) - C: \Windows\SysNative\drivers\etc\hosts
O1 - Hosts:  127.0.0.1       localhost
O2 - BHO:  (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C: \ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO:  (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C: \Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O2 - BHO:  (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C: \Program Files (x86)\BrotherSoft_Extreme\prxtbBrot.dll (Conduit Ltd.)
O2 - BHO:  (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C: \Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO:  (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C: \Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO:  (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C: \Users\Jacek\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll File not found
O2 - BHO:  (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C: \Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO:  (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C: \PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar:  (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C: \Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar:  (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C: \Program Files (x86)\BrotherSoft_Extreme\prxtbBrot.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar:  (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C: \Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar:  (no name) - Locked - No CLSID value found.
O4: [b]64bit: [/b] - HKLM..\Run:  [egui] C: \Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4: [b]64bit: [/b] - HKLM..\Run:  [RtHDVBg] C: \Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4: [b]64bit: [/b] - HKLM..\Run:  [RtHDVCpl] C: \Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run:  [331BigDog] C: \Program Files (x86)\USB Camera\VM331_STI.EXE (Vimicro)
O4 - HKCU..\Run:  [DAEMON Tools Lite] C: \Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:  NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System:  ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System:  ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System:  PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:  NoDrives = 0
O8: [b]64bit: [/b] - Extra context menu item:  Download all links by FlashGet3 - C: \Program Files (x86)\FlashGet Network\FlashGet 3.5\BHO\fdgetallurl.htm ()
O8: [b]64bit: [/b] - Extra context menu item:  Download by FlashGet3 - C: \Program Files (x86)\FlashGet Network\FlashGet 3.5\BHO\fdgeturl.htm ()
O8: [b]64bit: [/b] - Extra context menu item:  E&ksport do programu Microsoft Excel - res: //C: \PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8: [b]64bit: [/b] - Extra context menu item:  E&ksportuj do programu Microsoft Excel - res: //C: \PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8: [b]64bit: [/b] - Extra context menu item:  Wyślij obraz do urządzenia &Bluetooth... - C: \Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8: [b]64bit: [/b] - Extra context menu item:  Wyślij stronę do urządzenia &Bluetooth... - C: \Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8: [b]64bit: [/b] - Extra context menu item:  使用快车3下载 - C: \Users\Jacek\AppData\Roaming\FlashGetBHO\GetUrl.htm File not found
O8: [b]64bit: [/b] - Extra context menu item:  使用快车3下载全部链接 - C: \Users\Jacek\AppData\Roaming\FlashGetBHO\GetAllUrl.htm File not found
O8 - Extra context menu item:  Download all links by FlashGet3 - C: \Program Files (x86)\FlashGet Network\FlashGet 3.5\BHO\fdgetallurl.htm ()
O8 - Extra context menu item:  Download by FlashGet3 - C: \Program Files (x86)\FlashGet Network\FlashGet 3.5\BHO\fdgeturl.htm ()
O8 - Extra context menu item:  E&ksport do programu Microsoft Excel - res: //C: \PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item:  E&ksportuj do programu Microsoft Excel - res: //C: \PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item:  Wyślij obraz do urządzenia &Bluetooth... - C: \Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item:  Wyślij stronę do urządzenia &Bluetooth... - C: \Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item:  使用快车3下载 - C: \Users\Jacek\AppData\Roaming\FlashGetBHO\GetUrl.htm File not found
O8 - Extra context menu item:  使用快车3下载全部链接 - C: \Users\Jacek\AppData\Roaming\FlashGetBHO\GetAllUrl.htm File not found
O9: [b]64bit: [/b] - Extra Button:  @C: \Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C: \Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9: [b]64bit: [/b] - Extra 'Tools' menuitem :  @C: \Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C: \Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button:  Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C: \PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem :  Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C: \PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button:  @C: \windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C: \Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem :  @C: \windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C: \Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button:  Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C: \Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem :  Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C: \Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button:  Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C: \PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button:  Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C: \Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem :  Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C: \Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O16: [b]64bit: [/b] - DPF:  {166B1BCA-3F9C-11CF-8075-444553540000} http: //download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error:  Key error.)
O16 - DPF:  {8AD9C840-044E-11D1-B3E9-00805F499D93} http: //java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF:  {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http: //java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF:  {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http: //java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF:  {D27CDB6E-AE6D-11CF-96B8-444553540000} http: //fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters:  DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90841FED-C4A2-4D43-A93E-E1E8AC25C439}:  DhcpNameServer = 192.168.1.1
O18: [b]64bit: [/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Handler\livecall - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Handler\msdaipp - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Handler\ms-help - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Handler\msnim - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Handler\skype4com - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18: [b]64bit: [/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C: \PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C: \Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C: \Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C: \PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C: \PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C: \Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C: \PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20: [b]64bit: [/b] - HKLM Winlogon:  Shell - (Explorer.exe) - C: \windows\explorer.exe (Microsoft Corporation)
O20: [b]64bit: [/b] - HKLM Winlogon:  UserInit - (C: \windows\system32\userinit.exe) - C: \Windows\SysNative\userinit.exe (Microsoft Corporation)
O20: [b]64bit: [/b] - HKLM Winlogon:  VMApplet - (SystemPropertiesPerformance.exe) - C: \windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20: [b]64bit: [/b] - HKLM Winlogon:  VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon:  Shell - (Explorer.exe) - C: \windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon:  UserInit - (C: \windows\system32\userinit.exe) - C: \Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon:  VMApplet - (/pagefile) -  File not found
O32 - HKLM CDRom:  AutoRun - 1
O34 - HKLM BootExecute:  (autocheck autochk *)
O34 - HKLM BootExecute:  (MACHINE BootExecut)
O35: [b]64bit: [/b] - HKLM\..comfile [open] -- "%1" %*
O35: [b]64bit: [/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37: [b]64bit: [/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37: [b]64bit: [/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows:  (ServerDll=winsrv: UserServerDllInitialization,3)
O38 - SubSystems\\Windows:  (ServerDll=winsrv: ConServerDllInitialization,2)
O38 - SubSystems\\Windows:  (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-06-24 05: 21: 48 | 000,000,000 | ---D | C] -- C: \Users\Jacek\AppData\Roaming\Malwarebytes
[2012-06-24 05: 17: 20 | 000,000,000 | ---D | C] -- C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-06-24 05: 17: 19 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C: \windows\SysNative\drivers\mbam.sys
[2012-06-24 05: 17: 19 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Malwarebytes' Anti-Malware
[2012-06-24 05: 17: 19 | 000,000,000 | ---D | C] -- C: \ProgramData\Malwarebytes
[2012-06-24 05: 11: 44 | 000,596,992 | ---- | C] (OldTimer Tools) -- C: \Users\Jacek\Desktop\OTL.exe
[2012-06-22 20: 30: 41 | 000,000,000 | ---D | C] -- C: \ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012-06-22 20: 30: 31 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\K-Lite Codec Pack
[2012-06-22 20: 11: 20 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\wucltux.dll
[2012-06-22 20: 11: 20 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\wuauclt.exe
[2012-06-22 20: 11: 20 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\wups2.dll
[2012-06-22 20: 10: 43 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\wuapi.dll
[2012-06-22 20: 10: 43 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\wudriver.dll
[2012-06-22 20: 10: 43 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\wups.dll
[2012-06-22 20: 10: 20 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\wuwebv.dll
[2012-06-22 20: 10: 20 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\wuapp.exe
[2012-06-19 21: 32: 46 | 000,000,000 | ---D | C] -- C: \Users\Jacek\Desktop\wydruk
[2012-06-19 20: 24: 07 | 000,000,000 | ---D | C] -- C: \Users\Jacek\Desktop\Rocznica_2012
[2012-06-18 19: 48: 13 | 000,000,000 | ---D | C] -- C: \Users\Jacek\AppData\Roaming\Mozilla
[2012-06-18 19: 47: 19 | 000,000,000 | ---D | C] -- C: \Program Files\Waterfox
[2012-06-18 19: 44: 36 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Gadu-Gadu 10
[2012-06-15 17: 43: 38 | 000,000,000 | ---D | C] -- C: \Users\Jacek\AppData\Local\Macromedia
[2012-06-14 20: 07: 59 | 000,000,000 | -H-D | C] -- C: \ProgramData\{4A818508-3355-4FBC-B302-D53B599DD9D5}
[2012-06-14 19: 50: 22 | 000,000,000 | ---D | C] -- D: \Moje Dokomenty\Updater
[2012-06-14 19: 31: 48 | 000,000,000 | -H-D | C] -- C: \ProgramData\{A0DFE2A5-DE68-41F3-8861-73E954C1D41D}
[2012-06-14 19: 31: 27 | 000,000,000 | -H-D | C] -- C: \ProgramData\{BB25779E-744C-48F3-94DE-CD6F60A5AC55}
[2012-06-14 19: 31: 13 | 000,000,000 | -H-D | C] -- C: \ProgramData\{A6DB2A6F-FF9D-453F-99D6-C1AA54BC0C14}
[2012-06-14 19: 31: 12 | 000,000,000 | ---D | C] -- C: \Program Files\Native Instruments
[2012-06-14 18: 16: 01 | 000,000,000 | ---D | C] -- D: \Moje Dokomenty\Native Instruments
[2012-06-14 18: 15: 28 | 000,000,000 | ---D | C] -- C: \ProgramData\Native Instruments
[2012-06-14 17: 34: 02 | 000,000,000 | ---D | C] -- C: \windows\usb-audio.deReloopCONTOUR
[2012-06-14 17: 32: 59 | 000,406,592 | ---- | C] (Ploytec GmbH) -- C: \windows\SysNative\drivers\rlcont_u.sys
[2012-06-14 17: 32: 59 | 000,050,240 | ---- | C] (Ploytec GmbH) -- C: \windows\SysNative\drivers\rlcont_a.sys
[2012-06-14 17: 32: 59 | 000,031,296 | ---- | C] (Ploytec GmbH) -- C: \windows\SysNative\drivers\rlcont_m.sys
[2012-06-13 09: 36: 24 | 000,000,000 | ---D | C] -- D: \Moje Dokomenty\iZotope
[2012-06-12 19: 40: 19 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\mshtmled.dll
[2012-06-12 19: 40: 19 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C: \windows\SysWow64\mshtmled.dll
[2012-06-12 19: 40: 18 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\url.dll
[2012-06-12 19: 40: 18 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C: \windows\SysWow64\url.dll
[2012-06-12 19: 40: 17 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\ieui.dll
[2012-06-12 19: 40: 17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C: \windows\SysWow64\ieui.dll
[2012-06-12 19: 40: 16 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\ieUnatt.exe
[2012-06-12 19: 40: 16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C: \windows\SysWow64\ieUnatt.exe
[2012-06-12 19: 40: 13 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\jscript9.dll
[2012-06-12 19: 40: 13 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\inetcpl.cpl
[2012-06-12 19: 40: 13 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C: \windows\SysWow64\inetcpl.cpl
[2012-06-12 19: 40: 12 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\jscript.dll
[2012-06-12 19: 40: 12 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C: \windows\SysWow64\jscript.dll
[2012-06-12 19: 38: 28 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\crypt32.dll
[2012-06-12 19: 38: 27 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\cryptnet.dll
[2012-06-12 19: 38: 09 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\msi.dll
[2012-06-12 19: 37: 41 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\rdpcorekmts.dll
[2012-06-12 19: 37: 41 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\rdpwsx.dll
[2012-06-12 19: 37: 41 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\rdrmemptylst.exe
[2012-06-12 19: 37: 37 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\ntoskrnl.exe
[2012-06-12 19: 37: 33 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C: \windows\SysWow64\ntoskrnl.exe
[2012-06-12 19: 37: 32 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C: \windows\SysWow64\ntkrnlpa.exe
[2012-06-11 08: 04: 34 | 000,000,000 | ---D | C] -- C: \windows\Minidump
[2012-05-30 13: 17: 45 | 000,000,000 | ---D | C] -- C: \Program Files (x86)\Yoplo
[2012-05-30 13: 17: 45 | 000,000,000 | ---D | C] -- C: \ProgramData\Microsoft\Windows\Start Menu\Programs\TigoTago
[2012-05-30 11: 07: 51 | 000,000,000 | ---D | C] -- C: \ProgramData\Microsoft\Windows\Start Menu\Programs\JJ MP3 Renamer
[2012-05-30 09: 32: 48 | 000,000,000 | ---D | C] -- C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Platinum Notes
[2012-05-30 09: 32: 47 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C: \windows\SysNative\msvcr71.dll
[2012-05-27 12: 47: 24 | 000,000,000 | ---D | C] -- C: \Users\Jacek\AppData\Roaming\SynthMaker
[2012-05-26 10: 17: 39 | 000,000,000 | ---D | C] -- C: \Users\Jacek\AppData\Roaming\SpeedSim
[2012-05-26 10: 17: 36 | 000,000,000 | ---D | C] -- C: \Users\Jacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedSim
[2012-05-26 10: 17: 36 | 000,000,000 | ---D | C] -- C: \ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedSim
[3 C: \windows\SysWow64\*.tmp files -> C: \windows\SysWow64\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-06-24 05: 49: 43 | 000,026,925 | ---- | M] () -- C: \Users\Jacek\Desktop\4.jpg
[2012-06-24 05: 26: 52 | 000,013,632 | -H-- | M] () -- C: \windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-06-24 05: 26: 52 | 000,013,632 | -H-- | M] () -- C: \windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-06-24 05: 21: 16 | 000,010,895 | ---- | M] () -- C: \Users\Jacek\Desktop\3.jpg
[2012-06-24 05: 19: 25 | 000,001,042 | ---- | M] () -- C: \windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-06-24 05: 18: 55 | 000,067,584 | --S- | M] () -- C: \windows\bootstat.dat
[2012-06-24 05: 18: 48 | 3217,211,392 | -HS- | M] () -- C: \hiberfil.sys
[2012-06-24 05: 17: 20 | 000,001,116 | ---- | M] () -- C: \Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-06-24 05: 16: 23 | 000,148,686 | ---- | M] () -- C: \Users\Jacek\Desktop\2.jpg
[2012-06-24 05: 15: 23 | 000,152,016 | ---- | M] () -- C: \Users\Jacek\Desktop\1.jpg
[2012-06-24 05: 11: 44 | 000,596,992 | ---- | M] (OldTimer Tools) -- C: \Users\Jacek\Desktop\OTL.exe
[2012-06-23 14: 59: 00 | 000,001,046 | ---- | M] () -- C: \windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-23 11: 58: 49 | 000,003,584 | ---- | M] () -- C: \Users\Jacek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-06-18 18: 10: 28 | 000,813,990 | ---- | M] () -- C: \windows\SysNative\perfh015.dat
[2012-06-18 18: 10: 28 | 000,727,316 | ---- | M] () -- C: \windows\SysNative\perfh009.dat
[2012-06-18 18: 10: 28 | 000,185,640 | ---- | M] () -- C: \windows\SysNative\perfc015.dat
[2012-06-18 18: 10: 28 | 000,150,596 | ---- | M] () -- C: \windows\SysNative\perfc009.dat
[2012-06-18 18: 10: 27 | 001,878,910 | ---- | M] () -- C: \windows\SysNative\PerfStringBackup.INI
[2012-06-14 19: 31: 46 | 000,000,997 | ---- | M] () -- C: \Users\Public\Desktop\Traktor.lnk
[2012-06-14 08: 49: 38 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C: \windows\SysWow64\FlashPlayerApp.exe
[2012-06-14 08: 49: 38 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C: \windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-06-12 20: 29: 22 | 000,007,598 | ---- | M] () -- C: \Users\Jacek\AppData\Local\Resmon.ResmonCfg
[2012-06-12 20: 00: 49 | 005,031,336 | ---- | M] () -- C: \windows\SysNative\FNTCACHE.DAT
[2012-06-11 08: 04: 30 | 448,102,340 | ---- | M] () -- C: \windows\MEMORY.DMP
[2012-06-10 02: 14: 20 | 000,000,000 | ---- | M] () -- C: \windows\vpd.properties
[2012-06-09 19: 21: 56 | 000,178,688 | ---- | M] () -- C: \windows\SysWow64\unrar.dll
[2012-06-03 00: 19: 46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C: \windows\SysNative\wups.dll
[2012-06-03 00: 19: 42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C: \windows\SysNative\wuauclt.exe
[2012-06-03 00: 19: 42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C: \windows\SysNative\wups2.dll
[2012-06-03 00: 19: 23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C: \windows\SysNative\wuapi.dll
[2012-06-03 00: 15: 31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C: \windows\SysNative\wucltux.dll
[2012-06-03 00: 15: 08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C: \windows\SysNative\wudriver.dll
[2012-06-02 15: 19: 42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C: \windows\SysNative\wuwebv.dll
[2012-06-02 15: 15: 12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C: \windows\SysNative\wuapp.exe
[2012-05-31 20: 47: 25 | 000,000,366 | ---- | M] () -- C: \ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[3 C: \windows\SysWow64\*.tmp files -> C: \windows\SysWow64\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-06-24 05: 21: 16 | 000,010,895 | ---- | C] () -- C: \Users\Jacek\Desktop\3.jpg
[2012-06-24 05: 17: 20 | 000,001,116 | ---- | C] () -- C: \Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-06-24 05: 16: 23 | 000,148,686 | ---- | C] () -- C: \Users\Jacek\Desktop\2.jpg
[2012-06-24 05: 15: 23 | 000,152,016 | ---- | C] () -- C: \Users\Jacek\Desktop\1.jpg
[2012-06-23 11: 58: 49 | 000,003,584 | ---- | C] () -- C: \Users\Jacek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-06-22 20: 30: 37 | 000,178,688 | ---- | C] () -- C: \windows\SysWow64\unrar.dll
[2012-06-18 19: 47: 21 | 000,000,877 | ---- | C] () -- C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk
[2012-06-18 19: 44: 46 | 000,001,018 | ---- | C] () -- C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Gadu-Gadu 10.lnk
[2012-06-14 19: 31: 46 | 000,000,997 | ---- | C] () -- C: \Users\Public\Desktop\Traktor.lnk
[2012-06-11 08: 04: 30 | 448,102,340 | ---- | C] () -- C: \windows\MEMORY.DMP
[2012-05-20 19: 42: 20 | 000,000,122 | ---- | C] () -- C: \Users\Jacek\.octave_hist
[2012-04-23 11: 43: 48 | 000,002,240 | ---- | C] () -- C: \windows\LENDIG.sys
[2012-03-15 19: 30: 19 | 000,122,884 | ---- | C] () -- C: \windows\UnGins.exe
[2012-03-05 21: 36: 28 | 000,020,056 | ---- | C] () -- C: \Users\Jacek\AppData\Roaming\UserTile.png
[2012-02-17 23: 18: 22 | 000,000,366 | ---- | C] () -- C: \ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012-01-21 01: 29: 28 | 000,007,598 | ---- | C] () -- C: \Users\Jacek\AppData\Local\Resmon.ResmonCfg
[2012-01-12 22: 56: 53 | 000,256,000 | ---- | C] () -- C: \windows\PEV.exe
[2012-01-12 22: 56: 53 | 000,208,896 | ---- | C] () -- C: \windows\MBR.exe
[2012-01-12 22: 56: 53 | 000,098,816 | ---- | C] () -- C: \windows\sed.exe
[2012-01-12 22: 56: 53 | 000,080,412 | ---- | C] () -- C: \windows\grep.exe
[2012-01-12 22: 56: 53 | 000,068,096 | ---- | C] () -- C: \windows\zip.exe
[2011-11-28 20: 28: 56 | 000,644,608 | ---- | C] () -- C: \windows\SysWow64\xvidcore.dll
[2011-11-28 20: 28: 56 | 000,258,048 | ---- | C] () -- C: \windows\SysWow64\libFLAC.dll
[2011-11-11 14: 00: 08 | 000,004,096 | -H-- | C] () -- C: \Users\Jacek\AppData\Local\keyfile3.drm
[2011-10-23 20: 18: 17 | 000,000,012 | ---- | C] () -- C: \Users\Jacek\intlname.ols
[2011-10-16 17: 19: 02 | 000,229,810 | ---- | C] () -- C: \windows\hpoins19.dat
[2011-10-16 17: 19: 02 | 000,013,898 | ---- | C] () -- C: \windows\hpomdl19.dat
[2011-10-16 15: 56: 15 | 000,000,093 | ---- | C] () -- C: \Users\Jacek\AppData\Local\fusioncache.dat
[2011-10-16 15: 02: 50 | 001,855,048 | ---- | C] () -- C: \windows\SysWow64\PerfStringBackup.INI
[2011-09-29 14: 18: 59 | 000,532,480 | ---- | C] () -- C: \windows\SysWow64\ASPUtilityBelt.dll
[2011-09-29 14: 18: 59 | 000,353,280 | ---- | C] () -- C: \windows\SysWow64\shoutcasp.dll
[2011-09-26 20: 19: 28 | 000,002,892 | ---- | C] () -- C: \windows\SysWow64\audcon.sys
[2011-09-26 20: 18: 26 | 000,000,051 | ---- | C] () -- C: \windows\SysWow64\SYNSOPOS.exe.cfg
[2011-09-26 20: 18: 25 | 000,086,016 | ---- | C] () -- C: \windows\SysWow64\SYNSOPOS.exe
[2011-09-12 19: 05: 29 | 000,647,168 | ---- | C] () -- C: \windows\SysWow64\sonicismdsp.dll
[2011-09-05 12: 58: 05 | 000,001,172 | ---- | C] () -- C: \windows\SysWow64\secustat.dat
[2011-09-05 12: 57: 51 | 000,000,025 | ---- | C] () -- C: \windows\libem.INI
[2011-08-31 20: 42: 22 | 000,000,412 | ---- | C] () -- C: \windows\ODBC.INI
[2010-10-30 20: 11: 35 | 000,000,512 | ---- | C] () -- C: \windows\previous.bin
[2010-10-30 20: 11: 35 | 000,000,512 | ---- | C] () -- C: \windows\current.bin
[2010-10-30 20: 03: 54 | 000,016,648 | R--- | C] () -- C: \windows\SysWow64\LogAPI.dll
[2010-10-30 19: 51: 18 | 002,110,816 | ---- | C] () -- C: \windows\SysWow64\Apblend.dll
[2010-10-30 19: 51: 18 | 001,171,456 | ---- | C] () -- C: \windows\SysWow64\PicNotify.dll
[2010-10-30 19: 51: 08 | 001,044,480 | ---- | C] () -- C: \windows\SysWow64\3DImageRenderer.dll
[2010-10-30 19: 15: 36 | 000,001,376 | ---- | C] () -- C: \windows\vm331Rmv.ini
[2010-10-30 19: 01: 45 | 000,000,000 | ---- | C] () -- C: \windows\ativpsrm.bin
[2010-10-30 18: 56: 40 | 000,002,857 | ---- | C] () -- C: \windows\SysWow64\atipblag.dat

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 135 bytes -> C: \ProgramData\Temp: 07BF512B

< End of report >


No i co teraz z tym robić, Ktoś ma jakieś pomysły?
Nom tak...
przywracanie nie działa a upierdliwy plik nie daje się usunąć.
Lekarstwem na ten plik i nie tylko jest:

Unlocker.

Dostępny jest z menu kontekstowego myszki. Używanie bardzo łatwe bo jest po polsku.
To jeden z kilku niezbędnych, sprawdzonych programów, które mam zawsze "pod ręką".
(24.06.2012 08:35)Nostromo napisał(a): [ -> ]Nom tak...
przywracanie nie działa a upierdliwy plik nie daje się usunąć.
Lekarstwem na ten plik i nie tylko jest:

Unlocker.

Dostępny jest z menu kontekstowego myszki. Używanie bardzo łatwe bo jest po polsku.
To jeden z kilku niezbędnych, sprawdzonych programów, które mam zawsze "pod ręką".

Usunąłem pliki i system o wiele lepiej działa Cwaniak
Teraz mogę jeszcze prosić o jakiś program optymalizacyjny do Windows 7?Uśmiechnięty
dziękuję za zainteresowanie tematem!
McMarco,
masz laptopa Lenovo więc ziomal jesteśZacieszacz
Nie ufaj programom optymalizującym, czytałem niedawno artykuł o teście różnych, bardzo znanych programów do optymalizacji przeprowadzony na kilku laptopach znanych marek min. Lenovo.
Wynik testu był porażający, w kilku przypadkach po optymalizacji systemy pracowały wolniej, w kilku nie zmieniło się nic, w jednym przypadku poprawa była minimalna.

Mój sposób na optymalizację:
instalacja programów bez pasków i extra dodatków(które wciskają przy okazji instalek)
instalacja tylko sterowników firmowych lub wyszukanych podpisanych cyfrowo przez DriverMax'a,
pozwalam systemowi Windows wybrać optymalne ustawienia,
de instalacja programów RevoUninstaller'em,
usuwanie niechcianego, opornego oprogramowania przez Unlocker
czyszczenie rejestru CCleaner'em,
w autostarcie tylko co ja chcę,
korzystam z najnowszego firefoxa, podkręconego poradą Nostromo Jak przyspieszyć Firefoxa? (tutorial).
jedynym administratorem i użytkownikiem jestem ja(UAC wyłączony), ekran logowania wyłączony,
do bezpieczeństwa używam: MalwarebytesAntiMalvare, Spybot-Search & Destroy, Microsoft Essential,
klasyfikacja systemu na bieżąco, jak osiągnę zadowalający wynik to wyłączę WinSAT.exe
włączone przywracanie systemu, punkty przywracania tworzę sam(tak często jak potrzeba),
kopie systemu, prac, mediów na 500GB dysku zewnętrznym,
mam włączoną hibernację więc system "wstaje" do działania w 10 sekund,
własny plan zasilania,

(tyle na początek, teraz jadę do lasu na niedzielny spacerek, jak wrócę to poszerzę listę)
Dziękuję serdecznie, a ja używam program Auslogics BoostSpeed, Nostromo możesz wierzyć lub nie ale mi pomaga mówiąc szczerze Uśmiechnięty Dziękuję serdecznie za te cenne wskazówki Uśmiechnięty
Wątek rozwiązany.
Przekierowanie