
wnr3.dll

maniek0987

For some time now a window has been popping up. For the past few days, at startup, a window appears saying: "You are trying to open a .dll file". When I chose "Open with", what showed up was exactly wnr3.dll, and I don't know what this is about. Here is the log from OTL:
[code]OTL logfile created on: 2010-06-01 14:57:57 - Run 1
OTL by OldTimer - Version 3.2.5.2 Folder = C:\Users\Maniek\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 40,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 122,07 Gb Total Space | 80,39 Gb Free Space | 65,86% Space Free | Partition Type: NTFS
Drive D: | 118,16 Gb Total Space | 84,09 Gb Free Space | 71,17% Space Free | Partition Type: NTFS
Drive E: | 109,31 Gb Total Space | 108,93 Gb Free Space | 99,65% Space Free | Partition Type: NTFS
Drive F: | 116,21 Gb Total Space | 94,97 Gb Free Space | 81,72% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MANIEK-PC
Current User Name: Maniek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 60 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-06-01 14:56:02 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\Maniek\Desktop\OTL.exe
PRC - [2010-06-01 14:48:26 | 001,509,384 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
PRC - [2010-06-01 14:48:25 | 000,840,416 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010-06-01 14:48:24 | 001,314,704 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010-04-29 18:49:37 | 000,031,232 | ---- | M] () -- C:\Users\Maniek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wnr3.exe
PRC - [2010-04-04 11:56:14 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-03-03 16:53:19 | 000,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
PRC - [2010-02-12 15:51:41 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2010-01-11 23:18:00 | 000,129,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2010-01-11 22:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010-01-07 17:07:10 | 001,394,000 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2009-10-30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009-04-11 08:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-04-11 08:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009-04-11 08:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2009-04-11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2009-04-11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009-04-11 08:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-04-11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-11 08:27:59 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
PRC - [2009-04-11 08:27:58 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe
PRC - [2009-04-11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2008-01-19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-01-19 09:33:40 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008-01-19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:23 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
PRC - [2008-01-19 09:33:15 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2008-01-19 09:33:14 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-19 09:33:09 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2008-01-19 09:33:09 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008-01-19 09:33:05 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2008-01-07 14:28:02 | 000,143,360 | ---- | M] () -- C:\Program Files\Razer\Lycosa\razertra.exe
PRC - [2007-11-20 17:53:36 | 000,147,456 | ---- | M] (Razer USA Ltd.) -- C:\Program Files\Razer\Lycosa\razerhid.exe
PRC - [2007-04-23 09:51:42 | 004,435,968 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006-12-14 18:49:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006-12-14 08:25:40 | 000,520,192 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-06-01 14:56:02 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\Maniek\Desktop\OTL.exe
MOD - [2010-02-12 16:04:13 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2010-02-12 15:51:41 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2010-02-12 15:45:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2010-02-12 14:39:11 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-09-25 00:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-11 08:28:25 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-11 08:28:24 | 011,584,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-11 08:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009-04-11 08:28:24 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-11 08:28:23 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-11 08:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-11 08:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-04-11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-11 08:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009-04-11 08:27:49 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2009-04-11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008-01-19 09:37:12 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-19 09:36:48 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-19 09:36:47 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2008-01-19 09:36:35 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-19 09:35:57 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-19 09:33:52 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-06-01 14:48:24 | 001,314,704 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010-01-28 05:01:36 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\aspnet_state.exe -- (aspnet_state)
SRV - [2010-01-28 01:51:52 | 000,738,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-01-28 01:51:52 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\mscorsvw.exe -- (clr_optimization_v4.0.30128_32)
SRV - [2010-01-28 01:51:52 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010-01-28 01:51:52 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe -- (NetTcpActivator)
SRV - [2010-01-28 01:51:52 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe -- (NetPipeActivator)
SRV - [2010-01-28 01:51:52 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe -- (NetMsmqActivator)
SRV - [2010-01-11 22:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009-09-25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-02-11 16:19:35 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-02-11 15:21:34 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010-02-04 17:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010-01-12 13:03:34 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010-01-07 17:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009-04-08 14:29:52 | 000,056,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV - [2008-01-19 07:49:39 | 000,521,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xnacc.sys -- (xnacc)
DRV - [2008-01-18 15:43:16 | 000,016,128 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Lycosa.sys -- (LycoFltr)
DRV - [2007-04-23 12:13:22 | 001,769,952 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-12-08 11:33:21 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2006-12-08 11:33:20 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 09:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.actina.pl/ [binary data]
IE - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=14780&l=dis
IE - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.53.0
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.117
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.6.0.15
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-04 11:56:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-05-06 21:04:54 | 000,000,000 | ---D | M]

[2010-02-11 14:43:37 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\mozilla\Extensions
[2010-05-31 18:21:55 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\mozilla\Firefox\Profiles\p6z85bj0.default\extensions
[2010-04-27 22:27:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Maniek\AppData\Roaming\mozilla\Firefox\Profiles\p6z85bj0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-05-04 21:23:38 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Maniek\AppData\Roaming\mozilla\Firefox\Profiles\p6z85bj0.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010-03-03 16:14:05 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\mozilla\Firefox\Profiles\p6z85bj0.default\extensions\battlefieldheroespatcher@ea.com
[2010-04-20 21:05:14 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\mozilla\Firefox\Profiles\p6z85bj0.default\extensions\toolbar@ask.com
[2010-04-20 21:05:16 | 000,002,426 | ---- | M] () -- C:\Users\Maniek\AppData\Roaming\Mozilla\FireFox\Profiles\p6z85bj0.default\searchplugins\askcom.xml
[2010-04-21 12:06:36 | 000,000,917 | ---- | M] () -- C:\Users\Maniek\AppData\Roaming\Mozilla\FireFox\Profiles\p6z85bj0.default\searchplugins\conduit.xml
[2010-02-13 20:23:44 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-02-13 20:23:44 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-01-14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010-01-16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-01-16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-04-04 22:17:06 | 000,001,223 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 www.alcohol-soft.com
O1 - Hosts: 127.0.0.1 images.alcohol-soft.com
O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com
O1 - Hosts: 127.0.0.1 alcohol-soft.com
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O1 - Hosts: 0.0.0.0 www.metin2.pl
O1 - Hosts: 0.0.0.0 metin2.pl
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Maniek\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Lycosa] C:\Program Files\Razer\Lycosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3871860780-576015249-4064514984-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3871860780-576015249-4064514984-1000..\Run: [PlayNC Launcher] File not found
O4 - Startup: C:\Users\Maniek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wnr3.dll ()
O4 - Startup: C:\Users\Maniek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wnr3.exe ()
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Maniek\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Maniek\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Maniek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Maniek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{9d1a5d74-1718-11df-96f6-001d7d96511c}\Shell - "" = AutoRun
O33 - MountPoints2\{9d1a5d74-1718-11df-96f6-001d7d96511c}\Shell\AutoRun\command - "" = L:\setup\rsrc\Autorun.exe -- File not found
O33 - MountPoints2\{9d1a5d74-1718-11df-96f6-001d7d96511c}\Shell\dinstall\command - "" = L:\Directx\dxsetup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2010-06-01 14:55:54 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Users\Maniek\Desktop\OTL.exe
[2010-05-31 23:46:06 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2010-05-31 23:09:12 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-05-31 20:52:36 | 000,000,000 | ---D | C] -- C:\Users\Maniek\Documents\Version Cue
[2010-05-31 20:52:35 | 000,000,000 | ---D | C] -- C:\Users\Maniek\Documents\AdobeStockPhotos
[2010-05-31 20:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2010-05-31 19:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-05-31 19:53:09 | 000,000,000 | ---D | C] -- C:\Users\Maniek\Desktop\pl_PL
[2010-05-28 19:48:08 | 000,000,000 | ---D | C] -- C:\Program Files\AMR Converter Pro
[2010-05-28 19:48:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{00BAB1C5-D99B-4EF4-B1D6-1DEB5DA070DA}
[2010-05-23 22:58:48 | 000,000,000 | ---D | C] -- C:\Users\Maniek\Anwendungsdaten
[2010-05-21 18:24:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010-05-12 15:58:58 | 001,483,054 | ---- | C] (Colonel Cow) -- C:\Users\Maniek\Desktop\minimalizer2.exe
[2010-05-08 10:13:34 | 000,000,000 | ---D | C] -- C:\Users\Maniek\AppData\Local\assembly
[2010-05-08 09:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\NCsoft
[2010-05-04 21:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\XfireXO
[2010-05-04 21:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010-05-04 21:23:32 | 000,000,000 | ---D | C] -- C:\Users\Maniek\AppData\Roaming\Xfire
[2010-05-04 21:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010-04-29 17:00:54 | 000,000,000 | ---D | C] -- C:\Users\Maniek\AppData\Roaming\Ubisoft
[2010-04-29 17:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2010-04-29 16:55:18 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010-04-23 18:46:38 | 000,000,000 | ---D | C] -- C:\Users\Maniek\Documents\KONAMI
[2010-04-22 16:12:27 | 000,000,000 | ---D | C] -- C:\Users\Maniek\Documents\FIFA 10
[2010-04-22 15:14:08 | 000,000,000 | ---D | C] -- C:\ProgramData\KONAMI
[2010-04-21 23:18:28 | 000,000,000 | ---D | C] -- C:\Users\Maniek\AppData\Roaming\Leadertech
[2010-04-21 22:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Dzielenie i laczenie plikow
[2010-04-20 21:21:05 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
[2010-04-13 18:13:10 | 000,000,000 | ---D | C] -- C:\totalcmd
[2010-04-13 18:13:10 | 000,000,000 | ---D | C] -- C:\Users\Maniek\AppData\Roaming\GHISLER
[2010-04-02 23:33:57 | 000,000,000 | ---D | C] -- C:\Users\Maniek\AppData\Local\Microsoft Games
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2010-06-01 14:57:12 | 004,194,304 | -HS- | M] () -- C:\Users\Maniek\ntuser.dat
[2010-06-01 14:56:02 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\Maniek\Desktop\OTL.exe
[2010-06-01 14:42:59 | 000,051,267 | ---- | M] () -- C:\Users\Maniek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wnr3.dll
[2010-06-01 14:42:01 | 000,034,990 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010-06-01 14:42:01 | 000,034,990 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010-06-01 14:41:48 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-06-01 14:41:48 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-06-01 14:41:47 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-06-01 14:41:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-06-01 14:41:42 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys
[2010-05-31 23:46:23 | 000,524,288 | -HS- | M] () -- C:\Users\Maniek\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010-05-31 23:46:23 | 000,065,536 | -HS- | M] () -- C:\Users\Maniek\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010-05-31 23:46:18 | 003,154,880 | -H-- | M] () -- C:\Users\Maniek\AppData\Local\IconCache.db
[2010-05-31 21:29:03 | 001,718,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-05-31 20:02:36 | 000,099,968 | ---- | M] () -- C:\Users\Maniek\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-05-31 20:02:29 | 000,058,164 | ---- | M] () -- C:\Users\Maniek\Desktop\Adobe_Photoshop_CS5_Extended_[PL]_[ Keygen][Torrenty.org].torrent
[2010-05-28 20:15:39 | 036,534,784 | ---- | M] () -- C:\Users\Maniek\Documents\składniki sieci.ppt
[2010-05-28 18:24:14 | 000,000,598 | ---- | M] () -- C:\Users\Maniek\Desktop\Katana2-Client Starter — skrót.lnk
[2010-05-25 19:00:59 | 000,026,112 | ---- | M] () -- C:\Users\Maniek\Documents\umowa kupna sprzedazy.doc
[2010-05-25 18:51:35 | 000,041,533 | ---- | M] () -- C:\Users\Maniek\Documents\umowa_sprzedazy.jpg.pdf
[2010-05-25 18:39:22 | 000,000,498 | ---- | M] () -- C:\Users\Maniek\Desktop\Call of Duty Multiplayer.lnk
[2010-05-25 18:39:21 | 000,000,709 | ---- | M] () -- C:\Windows\CoD.INI
[2010-05-25 18:04:39 | 001,606,800 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-05-25 18:04:39 | 000,711,470 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010-05-25 18:04:39 | 000,631,438 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-05-25 18:04:39 | 000,149,456 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010-05-25 18:04:39 | 000,118,064 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-05-24 22:36:13 | 000,000,414 | ---- | M] () -- C:\Users\Maniek\Desktop\hack_config.ini
[2010-05-24 17:58:40 | 000,034,816 | ---- | M] () -- C:\Users\Maniek\Documents\Sąd.doc
[2010-05-23 22:58:43 | 001,973,708 | ---- | M] () -- C:\Users\Maniek\Desktop\ACT0.0.2.5.exe
[2010-05-23 20:48:32 | 000,000,519 | ---- | M] () -- C:\Users\Maniek\Desktop\fyyt2_spol_by_lost — skrót.lnk
[2010-05-22 14:25:20 | 000,012,220 | ---- | M] () -- C:\Users\Maniek\Desktop\Chniskie Znaczki.rtf
[2010-05-22 12:34:43 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010-05-13 22:56:03 | 000,000,020 | ---- | M] () -- C:\Users\Maniek\Documents\aionmemo_b5 84511.dat
[2010-05-12 19:27:01 | 000,000,467 | ---- | M] () -- C:\Users\Maniek\Desktop\Xfire — skrót.lnk
[2010-05-08 13:39:44 | 000,000,493 | ---- | M] () -- C:\Users\Maniek\Desktop\IALauncher — skrót.lnk
[2010-05-08 12:30:46 | 000,000,680 | ---- | M] () -- C:\Users\Maniek\AppData\Local\d3d9caps.dat
[2010-05-08 11:37:45 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\NCsoft Launcher.lnk
[2010-05-08 11:33:02 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\Aion.lnk
[2010-05-08 10:59:46 | 000,006,144 | ---- | M] () -- C:\Users\Maniek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-07 21:52:46 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2010-05-04 17:20:28 | 000,010,269 | ---- | M] () -- C:\Users\Maniek\AppData\Roaming\SmarThruOptions.xml
[2010-04-29 18:49:37 | 000,031,232 | ---- | M] () -- C:\Users\Maniek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wnr3.exe
[2010-04-24 14:24:42 | 000,000,069 | ---- | M] () -- C:\Users\Maniek\Desktop\coords_saves.ini
[2010-04-23 19:17:51 | 000,000,595 | ---- | M] () -- C:\Users\Maniek\Desktop\pes2010 — skrót.lnk
[2010-04-22 16:22:09 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01007.Wdf
[2010-04-20 19:31:24 | 000,000,020 | -H-- | M] () -- C:\Users\Maniek\Desktop\Dok1.docx.sha
[2010-04-17 16:57:34 | 000,215,160 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010-04-13 22:29:41 | 202,210,080 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010-04-13 18:13:11 | 000,000,584 | ---- | M] () -- C:\Users\Maniek\Desktop\Total Commander.lnk
[2010-04-12 22:21:06 | 000,020,992 | ---- | M] () -- C:\Users\Maniek\Documents\Anna KozłowskaGostyń 12.doc
[2010-04-11 21:46:28 | 000,000,020 | -H-- | M] () -- C:\Users\Maniek\Desktop\Bloody Spol by Mikusek.exe.sha
[2010-04-07 21:48:46 | 000,020,992 | ---- | M] () -- C:\Users\Maniek\Documents\Anna i Mirosław Gostyń 07.doc
[2010-04-06 12:09:07 | 000,020,992 | ---- | M] () -- C:\Users\Maniek\Documents\Gostyń 15.doc
[2010-04-06 12:09:03 | 000,024,576 | ---- | M] () -- C:\Users\Maniek\Documents\Gostyń 02.doc
[2010-04-06 12:08:59 | 000,025,088 | ---- | M] () -- C:\Users\Maniek\Documents\Gostyń 11.doc
[2010-04-04 22:17:06 | 000,001,223 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-05-31 20:02:17 | 000,058,164 | ---- | C] () -- C:\Users\Maniek\Desktop\Adobe_Photoshop_CS5_Extended_[PL]_[ Keygen][Torrenty.org].torrent
[2010-05-28 18:24:14 | 000,000,598 | ---- | C] () -- C:\Users\Maniek\Desktop\Katana2-Client Starter — skrót.lnk
[2010-05-25 19:00:59 | 000,026,112 | ---- | C] () -- C:\Users\Maniek\Documents\umowa kupna sprzedazy.doc
[2010-05-25 18:51:35 | 000,041,533 | ---- | C] () -- C:\Users\Maniek\Documents\umowa_sprzedazy.jpg.pdf
[2010-05-25 18:39:22 | 000,000,498 | ---- | C] () -- C:\Users\Maniek\Desktop\Call of Duty Multiplayer.lnk
[2010-05-25 18:00:07 | 000,000,709 | ---- | C] () -- C:\Windows\CoD.INI
[2010-05-23 23:37:31 | 000,034,816 | ---- | C] () -- C:\Users\Maniek\Documents\Sąd.doc
[2010-05-23 22:58:37 | 001,973,708 | ---- | C] () -- C:\Users\Maniek\Desktop\ACT0.0.2.5.exe
[2010-05-23 20:48:32 | 000,000,519 | ---- | C] () -- C:\Users\Maniek\Desktop\fyyt2_spol_by_lost — skrót.lnk
[2010-05-22 14:24:59 | 000,012,220 | ---- | C] () -- C:\Users\Maniek\Desktop\Chniskie Znaczki.rtf
[2010-05-12 19:27:01 | 000,000,467 | ---- | C] () -- C:\Users\Maniek\Desktop\Xfire — skrót.lnk
[2010-05-08 13:39:44 | 000,000,493 | ---- | C] () -- C:\Users\Maniek\Desktop\IALauncher — skrót.lnk
[2010-05-08 13:07:05 | 000,000,020 | ---- | C] () -- C:\Users\Maniek\Documents\aionmemo_b5 84511.dat
[2010-05-08 12:24:09 | 036,534,784 | ---- | C] () -- C:\Users\Maniek\Documents\składniki sieci.ppt
[2010-05-08 11:37:45 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\NCsoft Launcher.lnk
[2010-05-08 11:33:02 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\Aion.lnk
[2010-05-07 21:52:46 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010-04-29 18:49:37 | 000,051,267 | ---- | C] () -- C:\Users\Maniek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wnr3.dll
[2010-04-29 18:49:37 | 000,031,232 | ---- | C] () -- C:\Users\Maniek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wnr3.exe
[2010-04-23 19:17:51 | 000,000,595 | ---- | C] () -- C:\Users\Maniek\Desktop\pes2010 — skrót.lnk
[2010-04-22 16:22:09 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01007.Wdf
[2010-04-20 19:31:24 | 000,000,020 | -H-- | C] () -- C:\Users\Maniek\Desktop\Dok1.docx.sha
[2010-04-17 00:53:55 | 000,000,069 | ---- | C] () -- C:\Users\Maniek\Desktop\coords_saves.ini
[2010-04-15 19:33:03 | 000,000,414 | ---- | C] () -- C:\Users\Maniek\Desktop\hack_config.ini
[2010-04-13 18:13:11 | 000,000,584 | ---- | C] () -- C:\Users\Maniek\Desktop\Total Commander.lnk
[2010-04-13 18:13:10 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2010-04-13 18:13:10 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2010-04-13 18:13:10 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2010-04-13 18:13:10 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2010-04-13 18:13:10 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2010-04-13 18:13:10 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2010-04-13 18:13:10 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2010-04-12 22:21:06 | 000,020,992 | ---- | C] () -- C:\Users\Maniek\Documents\Anna KozłowskaGostyń 12.doc
[2010-04-11 21:46:28 | 000,000,020 | -H-- | C] () -- C:\Users\Maniek\Desktop\Bloody Spol by Mikusek.exe.sha
[2010-04-07 21:48:46 | 000,020,992 | ---- | C] () -- C:\Users\Maniek\Documents\Anna i Mirosław Gostyń 07.doc
[2010-04-06 12:09:03 | 000,024,576 | ---- | C] () -- C:\Users\Maniek\Documents\Gostyń 02.doc
[2010-03-11 22:29:17 | 000,172,032 | ---- | C] () -- C:\Windows\System32\SecSNMP.dll
[2010-03-11 22:29:10 | 000,000,124 | ---- | C] () -- C:\Windows\Readiris.ini
[2010-03-11 22:29:08 | 000,023,040 | ---- | C] () -- C:\Windows\System32\irisco32.dll
[2010-03-11 22:25:25 | 000,217,088 | R--- | C] () -- C:\Windows\System32\ssminidriver.dll
[2010-03-11 22:25:25 | 000,027,136 | R--- | C] () -- C:\Windows\System32\ssimgfilter.dll
[2010-03-11 22:25:25 | 000,011,264 | R--- | C] () -- C:\Windows\System32\sssegfilter.dll
[2010-03-11 22:25:25 | 000,010,752 | R--- | C] () -- C:\Windows\System32\sserrhandler.dll
[2010-03-11 22:24:49 | 000,022,723 | ---- | C] () -- C:\Windows\System32\suge1l3.dll
[2010-02-27 22:26:08 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010-02-16 00:01:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010-02-11 18:48:17 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010-02-11 18:47:55 | 000,000,277 | ---- | C] () -- C:\Windows\game.ini
[2010-02-11 16:26:05 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-02-11 16:19:35 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008-05-12 21:40:40 | 000,544,768 | ---- | C] () -- C:\Windows\System32\AudioConverter.dll
[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

[color=#E56717]========== LOP Check ==========[/color]

[2010-05-31 23:29:19 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\BITS
[2010-02-11 16:23:02 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\DAEMON Tools Lite
[2010-02-27 22:25:54 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\FlashGet
[2010-02-27 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\FlashGetBHO
[2010-02-11 21:23:59 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\Gadu-Gadu
[2010-02-11 23:40:06 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\Gadu-Gadu 10
[2010-04-13 18:13:41 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\GHISLER
[2010-04-21 23:18:28 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\Leadertech
[2010-03-11 22:29:25 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\SmarThru4
[2010-04-29 17:00:54 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\Ubisoft
[2010-05-05 23:44:49 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\uTorrent
[2010-05-31 23:46:29 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/code]
Please help.

Sohei
comment

[code]:processes
Explorer.exe

:OTL

PRC - [2010-04-29 18:49:37 | 000,031,232 | ---- | M] () -- C:\Users\Maniek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wnr3.exe
O4 - Startup: C:\Users\Maniek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wnr3.dll ()
O4 - Startup: C:\Users\Maniek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wnr3.exe ()
O33 - MountPoints2\{9d1a5d74-1718-11df-96f6-001d7d96511c}\Shell - "" = AutoRun
O33 - MountPoints2\{9d1a5d74-1718-11df-96f6-001d7d96511c}\Shell\AutoRun\command - "" = L:\setup\rsrc\Autorun.exe -- File not found
O33 - MountPoints2\{9d1a5d74-1718-11df-96f6-001d7d96511c}\Shell\dinstall\command - "" = L:\Directx\dxsetup.exe -- File not found
[2010-04-13 18:13:10 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2010-04-13 18:13:10 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2010-04-13 18:13:10 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2010-04-13 18:13:10 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2010-04-13 18:13:10 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2010-04-13 18:13:10 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2010-04-13 18:13:10 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF

:files
C:\Users\Maniek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wnr3.exe
C:\Users\Maniek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wnr3.dll

:Commands
[emptytemp]
[reboot]

[/code]

Paste this into OTL and click Run Fix.
Run a full scan with [url=http://dobreprogramy.pl/index.php?dz=2&id=1998][b]DR WEB CureIt[/b][/url]
Run a full scan with [url=http://www.dobreprogramy.pl/Malwarebytes-AntiMalware,Program,Windows,13117.html][b]MBAM[/b][/url]
Remove whatever they find, then post the removal logs plus new OTL logs.

maniek0987
comment

It was removed without problems and there was only one virus. I don't have the removal log, but I do have the OTL one now:
[code]OTL logfile created on: 2010-06-01 18:01:28 - Run 2
OTL by OldTimer - Version 3.2.5.2 Folder = C:\Users\Maniek\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 33,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 122,07 Gb Total Space | 81,52 Gb Free Space | 66,78% Space Free | Partition Type: NTFS
Drive D: | 118,16 Gb Total Space | 84,09 Gb Free Space | 71,17% Space Free | Partition Type: NTFS
Drive E: | 109,31 Gb Total Space | 108,93 Gb Free Space | 99,65% Space Free | Partition Type: NTFS
Drive F: | 116,21 Gb Total Space | 94,97 Gb Free Space | 81,72% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MANIEK-PC
Current User Name: Maniek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days
Output = Standard

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2010-06-01 14:56:02 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\Maniek\Desktop\OTL.exe
PRC - [2010-06-01 14:48:25 | 000,840,416 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010-06-01 14:48:24 | 001,314,704 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010-04-04 11:56:14 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-03-03 16:53:19 | 000,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
PRC - [2010-02-12 15:51:41 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2010-01-11 23:18:00 | 000,129,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2010-01-11 22:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009-10-30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009-04-11 08:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-04-11 08:28:08 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009-04-11 08:28:07 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2009-04-11 08:28:05 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2009-04-11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009-04-11 08:27:59 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-04-11 08:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-11 08:27:59 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
PRC - [2009-04-11 08:27:58 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe
PRC - [2009-04-11 08:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-11 08:27:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2008-01-19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-01-19 09:33:40 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008-01-19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-01-19 09:33:15 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2008-01-19 09:33:14 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-01-19 09:33:09 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2008-01-19 09:33:09 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008-01-19 09:33:05 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2008-01-07 14:28:02 | 000,143,360 | ---- | M] () -- C:\Program Files\Razer\Lycosa\razertra.exe
PRC - [2007-11-20 17:53:36 | 000,147,456 | ---- | M] (Razer USA Ltd.) -- C:\Program Files\Razer\Lycosa\razerhid.exe
PRC - [2007-04-23 09:51:42 | 004,435,968 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006-12-23 18:54:04 | 000,262,144 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2006-12-14 18:49:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006-12-14 08:25:40 | 000,520,192 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2010-06-01 14:56:02 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\Maniek\Desktop\OTL.exe
MOD - [2010-02-12 16:04:13 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2010-02-12 15:51:41 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2010-02-12 15:45:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2010-02-12 14:39:11 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-09-25 00:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2009-04-11 08:28:25 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-11 08:28:25 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-04-11 08:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-11 08:28:25 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-11 08:28:25 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-11 08:28:24 | 011,584,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2009-04-11 08:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-11 08:28:24 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009-04-11 08:28:24 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009-04-11 08:28:24 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-11 08:28:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-11 08:28:23 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2009-04-11 08:28:23 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-11 08:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009-04-11 08:28:23 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-11 08:28:23 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-11 08:28:23 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-11 08:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-04-11 08:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-04-11 08:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-11 08:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-11 08:28:20 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-11 08:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-11 08:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-04-11 08:28:18 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-11 08:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-11 08:28:17 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009-04-11 08:27:49 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2009-04-11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008-01-19 09:37:12 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-01-19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-01-19 09:36:48 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-01-19 09:36:47 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2008-01-19 09:36:35 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-01-19 09:35:57 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-01-19 09:33:52 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-01-19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2010-06-01 14:48:24 | 001,314,704 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010-01-28 05:01:36 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\aspnet_state.exe -- (aspnet_state)
SRV - [2010-01-28 01:51:52 | 000,738,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010-01-28 01:51:52 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\mscorsvw.exe -- (clr_optimization_v4.0.30128_32)
SRV - [2010-01-28 01:51:52 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010-01-28 01:51:52 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe -- (NetTcpActivator)
SRV - [2010-01-28 01:51:52 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe -- (NetPipeActivator)
SRV - [2010-01-28 01:51:52 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30128\SMSvcHost.exe -- (NetMsmqActivator)
SRV - [2010-01-11 22:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009-09-25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2010-02-11 16:19:35 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010-02-11 15:21:34 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010-02-04 17:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010-01-12 13:03:34 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009-04-08 14:29:52 | 000,056,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV - [2008-01-19 07:49:39 | 000,521,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xnacc.sys -- (xnacc)
DRV - [2008-01-18 15:43:16 | 000,016,128 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Lycosa.sys -- (LycoFltr)
DRV - [2007-04-23 12:13:22 | 001,769,952 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006-12-08 11:33:21 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2006-12-08 11:33:20 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2006-11-02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006-11-02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006-11-02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006-11-02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006-11-02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006-11-02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006-11-02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006-11-02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006-11-02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006-11-02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006-11-02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006-11-02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006-11-02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006-11-02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006-11-02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006-11-02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006-11-02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006-11-02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006-11-02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006-11-02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006-11-02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006-11-02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006-11-02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006-11-02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006-11-02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006-11-02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006-11-02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006-11-02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006-11-02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006-11-02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006-11-02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006-11-02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006-11-02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006-11-02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006-11-02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006-11-02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006-11-02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006-11-02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006-11-02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006-11-02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006-11-02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006-11-02 09:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006-11-02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.actina.pl/ [binary data]
IE - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=14780&l=dis
IE - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.53.0
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.117
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.6.0.15
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-04-04 11:56:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-05-06 21:04:54 | 000,000,000 | ---D | M]

[2010-02-11 14:43:37 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\mozilla\Extensions
[2010-05-31 18:21:55 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\mozilla\Firefox\Profiles\p6z85bj0.default\extensions
[2010-04-27 22:27:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Maniek\AppData\Roaming\mozilla\Firefox\Profiles\p6z85bj0.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010-05-04 21:23:38 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Maniek\AppData\Roaming\mozilla\Firefox\Profiles\p6z85bj0.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010-03-03 16:14:05 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\mozilla\Firefox\Profiles\p6z85bj0.default\extensions\battlefieldheroespatcher@ea.com
[2010-04-20 21:05:14 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\mozilla\Firefox\Profiles\p6z85bj0.default\extensions\toolbar@ask.com
[2010-04-20 21:05:16 | 000,002,426 | ---- | M] () -- C:\Users\Maniek\AppData\Roaming\Mozilla\FireFox\Profiles\p6z85bj0.default\searchplugins\askcom.xml
[2010-04-21 12:06:36 | 000,000,917 | ---- | M] () -- C:\Users\Maniek\AppData\Roaming\Mozilla\FireFox\Profiles\p6z85bj0.default\searchplugins\conduit.xml
[2010-02-13 20:23:44 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010-02-13 20:23:44 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-01-14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010-01-16 03:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml
[2010-01-16 03:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml
[2010-01-16 03:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml
[2010-01-16 03:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml
[2010-01-16 03:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml
[2010-01-16 03:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-06-01 18:00:50 | 000,000,806 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Maniek\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [Lycosa] C:\Program Files\Razer\Lycosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3871860780-576015249-4064514984-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3871860780-576015249-4064514984-1000..\Run: [PlayNC Launcher] File not found
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Maniek\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Maniek\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3871860780-576015249-4064514984-1000\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Maniek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Maniek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2010-06-01 17:21:30 | 000,000,000 | ---D | C] -- C:\Users\Maniek\DoctorWeb
[2010-06-01 17:12:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2010-06-01 14:55:54 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Users\Maniek\Desktop\OTL.exe
[2010-05-31 23:46:06 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline
[2010-05-31 23:09:12 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010-05-31 20:52:36 | 000,000,000 | ---D | C] -- C:\Users\Maniek\Documents\Version Cue
[2010-05-31 20:52:35 | 000,000,000 | ---D | C] -- C:\Users\Maniek\Documents\AdobeStockPhotos
[2010-05-31 20:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2010-05-31 19:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-05-31 19:53:09 | 000,000,000 | ---D | C] -- C:\Users\Maniek\Desktop\pl_PL
[2010-05-28 19:48:08 | 000,000,000 | ---D | C] -- C:\Program Files\AMR Converter Pro
[2010-05-28 19:48:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{00BAB1C5-D99B-4EF4-B1D6-1DEB5DA070DA}
[2010-05-23 22:58:48 | 000,000,000 | ---D | C] -- C:\Users\Maniek\Anwendungsdaten
[2010-05-21 18:24:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010-05-12 15:58:58 | 001,483,054 | ---- | C] (Colonel Cow) -- C:\Users\Maniek\Desktop\minimalizer2.exe
[2010-05-08 10:13:34 | 000,000,000 | ---D | C] -- C:\Users\Maniek\AppData\Local\assembly
[2010-05-08 09:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\NCsoft
[2010-05-04 21:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\XfireXO
[2010-05-04 21:23:40 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010-05-04 21:23:32 | 000,000,000 | ---D | C] -- C:\Users\Maniek\AppData\Roaming\Xfire
[2010-05-04 21:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2010-06-01 18:01:26 | 004,194,304 | -HS- | M] () -- C:\Users\Maniek\ntuser.dat
[2010-06-01 18:00:50 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010-06-01 17:19:22 | 000,034,990 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010-06-01 17:19:21 | 000,034,990 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010-06-01 17:19:04 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010-06-01 17:19:04 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010-06-01 17:19:03 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-06-01 17:19:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-06-01 17:18:59 | 2145,902,592 | -HS- | M] () -- C:\hiberfil.sys
[2010-06-01 17:18:04 | 000,524,288 | -HS- | M] () -- C:\Users\Maniek\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010-06-01 17:18:04 | 000,065,536 | -HS- | M] () -- C:\Users\Maniek\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010-06-01 17:04:21 | 006,291,456 | -H-- | M] () -- C:\Users\Maniek\AppData\Local\IconCache.db
[2010-06-01 15:53:03 | 042,464,752 | ---- | M] () -- C:\Users\Maniek\Desktop\launch.exe
[2010-06-01 14:56:02 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\Maniek\Desktop\OTL.exe
[2010-06-01 14:48:51 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2010-05-31 21:29:03 | 001,718,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-05-31 20:02:36 | 000,099,968 | ---- | M] () -- C:\Users\Maniek\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-05-31 20:02:29 | 000,058,164 | ---- | M] () -- C:\Users\Maniek\Desktop\Adobe_Photoshop_CS5_Extended_[PL]_[ Keygen][Torrenty.org].torrent
[2010-05-28 20:15:39 | 036,534,784 | ---- | M] () -- C:\Users\Maniek\Documents\składniki sieci.ppt
[2010-05-28 18:24:14 | 000,000,598 | ---- | M] () -- C:\Users\Maniek\Desktop\Katana2-Client Starter — skrót.lnk
[2010-05-25 19:00:59 | 000,026,112 | ---- | M] () -- C:\Users\Maniek\Documents\umowa kupna sprzedazy.doc
[2010-05-25 18:51:35 | 000,041,533 | ---- | M] () -- C:\Users\Maniek\Documents\umowa_sprzedazy.jpg.pdf
[2010-05-25 18:39:22 | 000,000,498 | ---- | M] () -- C:\Users\Maniek\Desktop\Call of Duty Multiplayer.lnk
[2010-05-25 18:39:21 | 000,000,709 | ---- | M] () -- C:\Windows\CoD.INI
[2010-05-25 18:04:39 | 001,606,800 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-05-25 18:04:39 | 000,711,470 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010-05-25 18:04:39 | 000,631,438 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-05-25 18:04:39 | 000,149,456 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010-05-25 18:04:39 | 000,118,064 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-05-24 22:36:13 | 000,000,414 | ---- | M] () -- C:\Users\Maniek\Desktop\hack_config.ini
[2010-05-24 17:58:40 | 000,034,816 | ---- | M] () -- C:\Users\Maniek\Documents\Sąd.doc
[2010-05-23 22:58:43 | 001,973,708 | ---- | M] () -- C:\Users\Maniek\Desktop\ACT0.0.2.5.exe
[2010-05-23 20:48:32 | 000,000,519 | ---- | M] () -- C:\Users\Maniek\Desktop\fyyt2_spol_by_lost — skrót.lnk
[2010-05-22 14:25:20 | 000,012,220 | ---- | M] () -- C:\Users\Maniek\Desktop\Chniskie Znaczki.rtf
[2010-05-22 12:34:43 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010-05-13 22:56:03 | 000,000,020 | ---- | M] () -- C:\Users\Maniek\Documents\aionmemo_b5 84511.dat
[2010-05-12 19:27:01 | 000,000,467 | ---- | M] () -- C:\Users\Maniek\Desktop\Xfire — skrót.lnk
[2010-05-08 13:39:44 | 000,000,493 | ---- | M] () -- C:\Users\Maniek\Desktop\IALauncher — skrót.lnk
[2010-05-08 12:30:46 | 000,000,680 | ---- | M] () -- C:\Users\Maniek\AppData\Local\d3d9caps.dat
[2010-05-08 11:37:45 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\NCsoft Launcher.lnk
[2010-05-08 11:33:02 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\Aion.lnk
[2010-05-08 10:59:46 | 000,006,144 | ---- | M] () -- C:\Users\Maniek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-05-07 21:52:46 | 000,041,872 | ---- | M] () -- C:\Windows\System32\xfcodec.dll
[2010-05-04 17:20:28 | 000,010,269 | ---- | M] () -- C:\Users\Maniek\AppData\Roaming\SmarThruOptions.xml

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2010-06-01 15:51:40 | 042,464,752 | ---- | C] () -- C:\Users\Maniek\Desktop\launch.exe
[2010-05-31 20:02:17 | 000,058,164 | ---- | C] () -- C:\Users\Maniek\Desktop\Adobe_Photoshop_CS5_Extended_[PL]_[ Keygen][Torrenty.org].torrent
[2010-05-28 18:24:14 | 000,000,598 | ---- | C] () -- C:\Users\Maniek\Desktop\Katana2-Client Starter — skrót.lnk
[2010-05-25 19:00:59 | 000,026,112 | ---- | C] () -- C:\Users\Maniek\Documents\umowa kupna sprzedazy.doc
[2010-05-25 18:51:35 | 000,041,533 | ---- | C] () -- C:\Users\Maniek\Documents\umowa_sprzedazy.jpg.pdf
[2010-05-25 18:39:22 | 000,000,498 | ---- | C] () -- C:\Users\Maniek\Desktop\Call of Duty Multiplayer.lnk
[2010-05-25 18:00:07 | 000,000,709 | ---- | C] () -- C:\Windows\CoD.INI
[2010-05-23 23:37:31 | 000,034,816 | ---- | C] () -- C:\Users\Maniek\Documents\Sąd.doc
[2010-05-23 22:58:37 | 001,973,708 | ---- | C] () -- C:\Users\Maniek\Desktop\ACT0.0.2.5.exe
[2010-05-23 20:48:32 | 000,000,519 | ---- | C] () -- C:\Users\Maniek\Desktop\fyyt2_spol_by_lost — skrót.lnk
[2010-05-22 14:24:59 | 000,012,220 | ---- | C] () -- C:\Users\Maniek\Desktop\Chniskie Znaczki.rtf
[2010-05-12 19:27:01 | 000,000,467 | ---- | C] () -- C:\Users\Maniek\Desktop\Xfire — skrót.lnk
[2010-05-08 13:39:44 | 000,000,493 | ---- | C] () -- C:\Users\Maniek\Desktop\IALauncher — skrót.lnk
[2010-05-08 13:07:05 | 000,000,020 | ---- | C] () -- C:\Users\Maniek\Documents\aionmemo_b5 84511.dat
[2010-05-08 12:24:09 | 036,534,784 | ---- | C] () -- C:\Users\Maniek\Documents\składniki sieci.ppt
[2010-05-08 11:37:45 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\NCsoft Launcher.lnk
[2010-05-08 11:33:02 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\Aion.lnk
[2010-05-07 21:52:46 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010-03-11 22:29:17 | 000,172,032 | ---- | C] () -- C:\Windows\System32\SecSNMP.dll
[2010-03-11 22:29:10 | 000,000,124 | ---- | C] () -- C:\Windows\Readiris.ini
[2010-03-11 22:29:08 | 000,023,040 | ---- | C] () -- C:\Windows\System32\irisco32.dll
[2010-03-11 22:25:25 | 000,217,088 | R--- | C] () -- C:\Windows\System32\ssminidriver.dll
[2010-03-11 22:25:25 | 000,027,136 | R--- | C] () -- C:\Windows\System32\ssimgfilter.dll
[2010-03-11 22:25:25 | 000,011,264 | R--- | C] () -- C:\Windows\System32\sssegfilter.dll
[2010-03-11 22:25:25 | 000,010,752 | R--- | C] () -- C:\Windows\System32\sserrhandler.dll
[2010-03-11 22:24:49 | 000,022,723 | ---- | C] () -- C:\Windows\System32\suge1l3.dll
[2010-02-27 22:26:08 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010-02-16 00:01:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010-02-11 18:48:17 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010-02-11 18:47:55 | 000,000,277 | ---- | C] () -- C:\Windows\game.ini
[2010-02-11 16:26:05 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2010-02-11 16:19:35 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008-05-12 21:40:40 | 000,544,768 | ---- | C] () -- C:\Windows\System32\AudioConverter.dll
[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

[color=#E56717]========== LOP Check ==========[/color]

[2010-05-31 23:29:19 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\BITS
[2010-02-11 16:23:02 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\DAEMON Tools Lite
[2010-02-27 22:25:54 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\FlashGet
[2010-02-27 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\FlashGetBHO
[2010-02-11 21:23:59 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\Gadu-Gadu
[2010-02-11 23:40:06 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\Gadu-Gadu 10
[2010-04-13 18:13:41 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\GHISLER
[2010-04-21 23:18:28 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\Leadertech
[2010-03-11 22:29:25 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\SmarThru4
[2010-04-29 17:00:54 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\Ubisoft
[2010-05-05 23:44:49 | 000,000,000 | ---D | M] -- C:\Users\Maniek\AppData\Roaming\uTorrent
[2010-06-01 17:18:05 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]


< End of report >
[/code] but it no longer shows up, so thanks a lot

Sohei
comment

Use Flash Disinfector
and scan C:\Windows\System32\lsdelete.exe on VirusTotal :)

maniek0987
comment (edited)

http://www.virustotal.com/pl/reanalisis.html?4da6e8533a471c3a323c815a32f6db88792ea3087ea6cff32bbb1d03435d19e6-1275410387

When I run Flash Disinfector nothing happens, I don't know why. I downloaded it from more than one source.

Sohei
comment

Is anything else suspicious happening with the computer?

maniek0987
comment

No, it's fine now, thanks a lot

Tomek01
comment

For future reference, attach logs in the proper form, according to the forum rules.

Sohei
comment

In OTL, run CleanUp
Clean the disk and the registry with CCleaner
