swiatek94 posted 22 June 2011 (edited)

As in the topic title, I notice it especially when I turn it on ... everything takes a very long time to load

[log]OTL logfile created on: 2011-06-22 14:57:26 - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Kuba\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
3,25 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 64,04% Memory free
6,50 Gb Paging File | 5,23 Gb Available in Paging File | 80,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 34,18 Gb Total Space | 3,20 Gb Free Space | 9,37% Space Free | Partition Type: NTFS
Drive D: | 431,57 Gb Total Space | 8,42 Gb Free Space | 1,95% Space Free | Partition Type: NTFS
Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-06-22 14:56:09 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe PRC - [2011-04-14 18:59:14 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011-04-14 18:59:13 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-04-08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-04-07 22:43:34 | 000,612,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2011-04-07 22:43:04 | 000,841,832 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe PRC - [2011-04-07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011-02-18 17:37:16 | 000,037,664 | ---- | M] (Apple Inc.) 
-- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010-11-22 23:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files\Tunngle\TnglCtrl.exe PRC - [2010-11-20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-11-20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2010-11-20 14:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2010-11-20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-10-29 14:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-10-07 13:23:00 | 000,345,376 | ---- | M] (Apple Inc.) 
-- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2010-02-28 02:36:22 | 000,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2009-11-16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 03:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-07-14 03:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dllhost.exe PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2009-07-01 18:37:06 | 000,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2008-02-28 18:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe PRC - [2008-02-28 18:07:48 | 000,529,704 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe PRC - [2008-02-18 17:29:12 | 000,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe PRC - [2006-12-19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) 
-- C:\Windows\System32\IoctlSvc.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-06-22 14:56:09 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe MOD - [2011-02-25 07:34:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2010-11-20 14:24:36 | 001,288,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2010-11-20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-11-20 14:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2010-11-20 14:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2010-11-20 14:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2010-11-20 14:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2010-11-20 
14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2010-11-20 14:19:26 | 000,857,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2010-11-20 14:19:26 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2010-11-20 14:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2010-11-20 14:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2010-11-20 14:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2009-07-14 03:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - 
[2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-06-04 11:03:12 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-04-08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-04-07 
21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-11-22 23:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2010-06-13 02:23:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009-11-16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-04-08 07:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011-02-07 17:53:51 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft 
Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-05-16 22:49:27 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri) DRV - [2010-05-16 22:48:26 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc) DRV - [2010-05-16 22:48:26 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt) DRV - [2010-03-19 16:14:12 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010-03-19 16:14:12 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-02-28 02:02:57 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) 
[File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2010-01-21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2010-01-21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2010-01-21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2009-11-16 09:06:52 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2009-11-16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009-11-16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon) DRV - [2009-10-06 12:56:34 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2009-10-06 12:56:32 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2009-10-06 12:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009-10-06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009-10-06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009-10-06 12:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009-09-28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | 
On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009-09-16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2004-08-13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-07-14 11:51:24 | 000,002,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\portio32.sys -- (portio32) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/mediaget/{0B7A993F-4927-4210-A6D8-99DD3EADA2EA} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\MediaGet DB Toolbar\tbhelper.dll () IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - 
HKU\S-1-5-21-4215226204-2208899973-833160735-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Web Search..." FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q=" FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-04-29 19:20:00 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-19 21:15:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-08-06 23:55:06 | 000,000,000 | ---D | M] [2010-02-27 05:33:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Extensions [2011-06-21 11:17:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions [2010-12-19 23:37:21 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions\vshare@toolbar [2011-02-07 17:50:35 | 000,002,059 | ---- | M] () -- 
C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\daemon-search.xml [2011-01-21 02:19:36 | 000,002,374 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\search.xml [2010-12-19 23:37:36 | 000,001,583 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\web-search.xml [2011-04-29 19:20:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-01-15 23:12:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011-01-25 23:43:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-04-27 18:29:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010-02-27 13:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions [2010-02-27 13:04:22 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} File not found (No name found) -- () (No name found) -- C:\USERS\KUBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LL6YTCLL.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\KUBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LL6YTCLL.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI [2011-04-14 18:59:14 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2011-04-27 18:29:47 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-09-11 15:39:28 | 000,001,375 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 gosredirector.ea.com O1 - Hosts: 127.0.0.1 blazeserver.blazeemu.org O1 - Hosts: 127.0.0.1 gosgvaprod-qos01.ea.com O1 - Hosts: 127.0.0.1 gosiadprod-qos01.ea.com O1 - Hosts: 127.0.0.1 gossjcprod-qos01.ea.com O1 - Hosts: 127.0.0.1 demangler.ea.com O1 - Hosts: 127.0.0.1 vmp.tools.gos.ea.com O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\MediaGet DB Toolbar\tbcore3.dll () O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (MediaGet DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\MediaGet DB Toolbar\tbcore3.dll () O3 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\..\Toolbar\WebBrowser: (MediaGet DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\MediaGet DB Toolbar\tbcore3.dll () O4 - HKLM..\Run: [CanonMyPrinter] C:\Program 
Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.1.13 172.22.0.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{372d011a-32d2-11e0-bc97-001e8cb5dd95}\Shell - "" = AutoRun O33 - MountPoints2\{372d011a-32d2-11e0-bc97-001e8cb5dd95}\Shell\AutoRun\command - "" = F:\Razor1911_Installer.exe O33 - MountPoints2\{c0659e53-23fc-11df-a177-001e8cb5dd95}\Shell - "" = AutoRun O33 - MountPoints2\{c0659e53-23fc-11df-a177-001e8cb5dd95}\Shell\AutoRun\command - "" = F:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - State: "bootini" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive 
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program 
Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-06-22 14:56:03 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe [2011-06-22 14:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011-06-22 02:47:10 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\dBar minimalistic.theme [2011-06-22 02:47:05 | 
000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\Theme1 [2011-06-19 21:15:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011-06-19 19:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\AIMP2 [2011-06-19 13:44:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Faction Armageddon [2011-06-11 03:24:20 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Duke Nukem Forever [2011-06-02 16:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2011-06-02 16:09:49 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm [2011-06-02 16:09:49 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2011-06-02 16:09:49 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm [2011-05-30 23:12:23 | 000,000,000 | ---D | C] -- C:\Windows\pss [2011-05-29 21:06:18 | 008,643,584 | ---- | C] (ark) -- C:\Windows\System32\drivers\PictureDll.sys [2011-05-29 21:06:18 | 000,496,640 | ---- | C] (ark) -- C:\Windows\System32\drivers\FaceDll.sys [2011-05-29 21:06:18 | 000,031,104 | ---- | C] (usb camera) -- C:\Windows\System32\drivers\usbcamcl.sys [2011-05-29 21:06:18 | 000,019,968 | ---- | C] (usb camera) -- C:\Windows\System32\drivers\usbDecode.sys [2011-05-29 21:06:18 | 000,005,632 | ---- | C] (ark) -- C:\Windows\System32\drivers\FilterDll.sys [2011-05-29 21:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Camera [2011-05-29 01:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2011-05-26 13:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys [2011-05-26 13:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2011-05-21 12:51:12 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011-05-21 12:38:50 | 000,000,000 | ---D | C] -- 
C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2011-05-21 01:29:08 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\The Witcher 2 [2011-05-21 01:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin 2 [2011-05-15 22:07:12 | 000,043,520 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusb0.dll [2011-05-03 17:01:46 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\AdobeStockPhotos [2011-04-27 18:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-06-22 14:56:09 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe [2011-06-22 14:37:36 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011-06-22 14:31:24 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-06-22 14:31:22 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-06-22 13:45:38 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2011-06-22 13:45:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-06-22 13:44:29 | 2616,549,376 | -HS- | M] () -- C:\hiberfil.sys [2011-06-22 03:20:03 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat [2011-06-22 02:17:42 | 001,768,015 | ---- | M] () -- C:\Users\Kuba\Desktop\Theme1.rar [2011-06-22 00:01:59 | 005,959,657 | ---- | M] () -- C:\Users\Kuba\Desktop\01 Set Fire To The Rain.mp3 [2011-06-21 23:52:10 | 003,405,145 | ---- | M] () -- C:\Users\Kuba\Desktop\GrubSon - Przestań Się Bać (Remix).mp3 [2011-06-21 18:50:46 | 014,461,190 | ---- | M] () -- C:\Users\Kuba\Desktop\Adele - Set Fire To The Rain (Thomas Gold 
Remix) 4clubbers.pl by ORZEL.mp3 [2011-06-21 17:48:51 | 016,095,533 | ---- | M] () -- C:\Users\Kuba\Desktop\Michael Canitrot ft. Ron Carroll – When You Got Love (Original Mix) by QSHMAN (ACE)4clubbers.com.pl.mp3 [2011-06-21 14:51:20 | 000,687,590 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-06-21 14:51:20 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-06-21 14:51:20 | 000,131,176 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-06-21 14:51:20 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-06-21 14:49:43 | 016,614,848 | ---- | M] () -- C:\Users\Kuba\Desktop\Michael Canitrot ft. Ron Carroll – When You Got Love (Michael Calfan Mix) by QSHMAN (ACE)4clubbers.com.pl.mp3 [2011-06-19 21:15:57 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2011-06-19 19:34:02 | 000,000,921 | ---- | M] () -- C:\Users\Kuba\Desktop\AIMP2.lnk [2011-06-19 13:57:49 | 000,001,167 | ---- | M] () -- C:\Users\Kuba\Desktop\Red Faction Armageddon.lnk [2011-06-17 02:13:56 | 000,016,384 | ---- | M] () -- C:\Users\Kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-06-16 00:08:48 | 000,001,667 | ---- | M] () -- C:\Users\Public\Desktop\DiRT 3.lnk [2011-06-06 00:35:05 | 000,254,112 | ---- | M] () -- C:\Users\Kuba\Desktop\dBar minimalistic.theme.zip [2011-05-29 21:06:18 | 000,000,021 | ---- | M] () -- C:\Windows\System32\camera.ini [2011-05-26 13:29:08 | 001,104,337 | ---- | M] () -- C:\Users\Kuba\Documents\everest przed.png [2011-05-26 13:27:58 | 000,001,108 | ---- | M] () -- C:\Users\Kuba\Desktop\EVEREST Ultimate Edition.lnk [2011-05-24 14:20:46 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2011-05-21 12:38:50 | 000,000,594 | ---- | M] () -- C:\Users\Kuba\Desktop\Fraps.lnk [2011-05-21 01:27:07 | 000,000,475 | ---- | M] () -- C:\Users\Public\Desktop\Uruchom Wiedźmin 2.lnk [2011-04-29 19:20:03 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [4 
C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-22 14:37:36 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011-06-22 02:17:36 | 001,768,015 | ---- | C] () -- C:\Users\Kuba\Desktop\Theme1.rar [2011-06-22 00:01:15 | 005,959,657 | ---- | C] () -- C:\Users\Kuba\Desktop\01 Set Fire To The Rain.mp3 [2011-06-21 23:48:14 | 003,405,145 | ---- | C] () -- C:\Users\Kuba\Desktop\GrubSon - Przestań Się Bać (Remix).mp3 [2011-06-21 18:50:04 | 014,461,190 | ---- | C] () -- C:\Users\Kuba\Desktop\Adele - Set Fire To The Rain (Thomas Gold Remix) 4clubbers.pl by ORZEL.mp3 [2011-06-21 17:48:04 | 016,095,533 | ---- | C] () -- C:\Users\Kuba\Desktop\Michael Canitrot ft. Ron Carroll – When You Got Love (Original Mix) by QSHMAN (ACE)4clubbers.com.pl.mp3 [2011-06-21 14:48:26 | 016,614,848 | ---- | C] () -- C:\Users\Kuba\Desktop\Michael Canitrot ft. 
Ron Carroll – When You Got Love (Michael Calfan Mix) by QSHMAN (ACE)4clubbers.com.pl.mp3 [2011-06-19 19:34:01 | 000,000,921 | ---- | C] () -- C:\Users\Kuba\Desktop\AIMP2.lnk [2011-06-19 13:57:49 | 000,001,167 | ---- | C] () -- C:\Users\Kuba\Desktop\Red Faction Armageddon.lnk [2011-06-06 00:34:54 | 000,254,112 | ---- | C] () -- C:\Users\Kuba\Desktop\dBar minimalistic.theme.zip [2011-06-02 16:09:49 | 000,631,808 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-06-02 16:09:49 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011-06-02 16:09:49 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011-06-02 16:09:49 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml [2011-06-02 16:09:49 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011-05-29 21:06:18 | 000,073,728 | ---- | C] () -- C:\Windows\System32\face.ax [2011-05-29 21:06:18 | 000,028,672 | ---- | C] () -- C:\Windows\System32\CoUninstall.dll [2011-05-29 21:06:18 | 000,000,021 | ---- | C] () -- C:\Windows\System32\camera.ini [2011-05-29 01:20:34 | 000,001,346 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [2011-05-29 01:18:33 | 000,001,667 | ---- | C] () -- C:\Users\Public\Desktop\DiRT 3.lnk [2011-05-26 13:29:07 | 001,104,337 | ---- | C] () -- C:\Users\Kuba\Documents\everest przed.png [2011-05-26 13:27:22 | 000,001,108 | ---- | C] () -- C:\Users\Kuba\Desktop\EVEREST Ultimate Edition.lnk [2011-05-24 14:20:46 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011-05-21 12:38:50 | 000,000,594 | ---- | C] () -- C:\Users\Kuba\Desktop\Fraps.lnk [2011-05-21 01:27:07 | 000,000,475 | ---- | C] () -- C:\Users\Public\Desktop\Uruchom Wiedźmin 2.lnk [2011-04-29 19:20:03 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011-02-27 14:12:18 | 000,080,896 | ---- | C] () 
-- C:\Windows\System32\RDVGHelper.exe [2011-02-27 14:10:58 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011-02-17 08:29:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat [2011-01-26 01:28:04 | 000,016,384 | ---- | C] () -- C:\Users\Kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-31 02:33:53 | 000,000,600 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\winscp.rnd [2010-12-06 15:58:56 | 002,496,715 | ---- | C] () -- C:\Windows\System32\abgx360.exe [2010-11-26 00:38:22 | 000,002,048 | ---- | C] () -- C:\Windows\System32\drivers\portio32.sys [2010-06-21 23:46:40 | 000,039,712 | ---- | C] () -- C:\Windows\System32\ASL.dll [2010-05-18 22:28:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2010-05-18 22:25:15 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2010-03-19 16:14:12 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010-03-19 16:14:12 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010-02-28 02:36:51 | 000,139,128 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-02-28 02:36:51 | 000,138,056 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\PnkBstrK.sys [2010-02-28 02:36:24 | 000,215,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2010-02-28 02:36:22 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe [2010-02-28 02:36:22 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2010-02-27 15:07:24 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini [2010-02-27 06:03:33 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009-10-05 12:10:18 | 000,007,274 | ---- | C] () -- C:\Windows\cadx2.ini [2009-07-14 10:07:57 | 000,687,590 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2009-07-14 10:07:57 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2009-07-14 10:07:57 | 000,131,176 | ---- | C] () -- C:\Windows\System32\perfc015.dat 
[2009-07-14 10:07:57 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2009-07-14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 06:33:53 | 000,421,264 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009-07-14 04:05:48 | 000,606,992 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009-07-14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009-07-14 04:05:48 | 000,103,370 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009-07-14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009-07-14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009-07-14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009-07-14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2004-08-13 09:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys [2002-09-18 00:45:00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe [2001-08-29 15:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\System32\DK2WIN32.DLL [color=#E56717]========== LOP Check ==========[/color] [2011-05-21 11:40:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\abgx360 [2011-02-28 15:42:27 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\BESTplayer [2010-02-27 17:02:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bioshock2 [2010-09-18 18:42:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bump Technologies, Inc [2010-03-22 19:29:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Command and Conquer 4 [2010-02-28 01:46:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools [2010-03-02 
17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite [2010-05-20 22:11:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Gadu-Gadu 10 [2010-03-02 18:16:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ImgBurn [2010-09-29 16:20:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Leadertech [2011-01-09 22:54:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\mkvtoolnix [2010-12-23 16:34:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Nokia [2011-01-07 03:09:08 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Notepad++ [2010-08-15 13:24:13 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\OpenFM [2010-09-12 15:14:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PMS [2010-03-24 00:58:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Prison Break [2010-02-28 14:10:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Red Alert 3 [2010-07-30 02:18:39 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Samsung [2010-06-30 16:12:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Sports Interactive [2011-03-19 01:52:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\The Creative Assembly [2011-02-17 01:22:28 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Tunngle [2010-02-27 15:21:49 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ubisoft [2011-06-22 14:18:40 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent [2011-04-13 11:34:35 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2010-11-20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2010-02-27 05:17:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2009-06-10 
23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2011-06-22 13:44:29 | 2616,549,376 | -HS- | M] () -- C:\hiberfil.sys [2010-11-18 21:39:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-07-14 00:22:47 | 000,010,194 | ---- | M] () -- C:\MP4debug.log [2010-11-18 21:39:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-09-11 15:06:35 | 000,271,082 | RHS- | M] () -- C:\PTRQH [2010-09-11 15:06:35 | 000,000,020 | RHS- | M] () -- C:\win7.ld [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- 
C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys [2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE 
>[/color] [2009-10-28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009-10-28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:8CE646EE < End of report > [/log] [log]OTL Extras logfile created on: 2011-06-22 14:57:26 - Run 1 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Kuba\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 64,04% Memory free 6,50 Gb Paging File | 5,23 Gb Available in Paging File | 80,55% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 34,18 Gb Total Space | 3,20 Gb Free Space | 9,37% Space Free | Partition Type: NTFS Drive D: | 431,57 Gb Total Space | 8,42 Gb Free 
Space | 1,95% Space Free | Partition Type: NTFS Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update 
kb973924 - x86 9.0.30729.4148 "{002FA4C4-DDFE-4E83-A5E0-E2A18B965468}" = Phoenix Service Software "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Społeczności "{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers "{1871FE54-36AA-478F-B374-A46BA54474CC}" = ESET NOD32 Antivirus "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1BF4CB15-6055-452A-8487-021AE2D91208}" = Crysis® 2 Demo "{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands "{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24 "{2A0A6470-FD0F-4F45-9B11-85F3167DB943}" = Nokia Flashing Cable Driver "{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3DAD83B9-4C8B-4AC6-BF5E-B9FB181CCBE8}" = Nokia Service Tool Drivers "{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010 "{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{58D4FB3A-98E9-4B9B-B01E-7F005AEFE019}" = PC Camera "{5B119660-1788-11D8-8EB8-0050BF643EE7}" = digestIT 2004 "{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2 
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{7BA8B6CB-6FF4-4AD4-AFA6-CFEABBEF8607}_is1" = Mafia.2.DLC-Gardzij wersja 1.0 "{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft 
Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{92DA4424-0CFB-44D1-A08B-B63D5D8BEFBC}_is1" = Phoenix Service Software 2010.8.4.41526 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B0F9788-3141-4009-846E-52E59843E963}" = SimCity™ Społeczności "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.5 - Polish "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 270.61 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 270.61 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 270.61 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.1.34 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support "{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593}" = SimCity™ Społeczności Na wakacjach "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game "{D6D5CB84-0E6E-4E69-B300-C690B6911045}" = Nero 8 "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = Wiedźmin 2 
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "abgx360" = abgx360 v1.0.5 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "AIMP2" = AIMP2 "AviSynth" = AviSynth 2.5 "CanonMyPrinter" = Canon Utilities My Printer "CCleaner" = CCleaner "Cheat Engine 6.0_is1" = Cheat Engine 6.0 "Cities XL 2011" = Cities XL 2011 "DAEMON Tools Lite" = DAEMON Tools Lite "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0 "Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4 Beta-2 "ENTERPRISE" = Microsoft Office Enterprise 2007 "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50 "FormatFactory" = FormatFactory 2.60 "Fraps" = Fraps (remove only) "Gadu-Gadu 10" = Gadu-Gadu 10 "GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010 "GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "ImgBurn" = ImgBurn "KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Full) "MediaGet DB Toolbar" = MediaGet DB Toolbar "MKVtoolnix" = MKVtoolnix 4.4.0 "Mozilla Firefox 4.0.1 (x86 pl)" = Mozilla Firefox 4.0.1 (x86 pl) "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "Notepad++" = Notepad++ "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "Postal 2_is1" = Portal 2 "PS3 Media Server" = PS3 Media Server "PunkBusterSvc" = PunkBuster Services "RealAlt_is1" = Real Alternative 2.0.2 "Red Faction Armageddon_is1" = 1.0 "SopCast" = SopCast 3.2.9 "Test Drive Unlimited 2_is1" = Test Drive Unlimited 2 "Total Video Converter 3.61_is1" = Total Video Converter 3.60 100204 "Tunngle beta_is1" = Tunngle beta "UltraISO_is1" = UltraISO Premium V9.36 "UnderCoverXP_is1" = UnderCoverXP 1.23 "Update Service" = Update 
Service "uTorrent" = µTorrent "VirtualDubMod" = VirtualDubMod 1.5.10.2 PL "Winamp" = Winamp "WinRAR archiver" = Archiwizator WinRAR "winscp3_is1" = WinSCP 4.2.9 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > [/log] [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Kuba at 2011-06-22 16:27:36 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 3 GB (9%) free of 35 GB Total RAM: 3327 MB (52% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:27:43, on 2011-06-22 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Winamp\winampa.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\notepad.exe C:\Program Files\Gadu-Gadu 10\gg.exe C:\Program Files\AIMP2\AIMP2.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Kuba\Desktop\RSIT.exe C:\Program Files\trend micro\Kuba.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/mediaget/{0B7A993F-4927-4210-A6D8-99DD3EADA2EA} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\MediaGet DB Toolbar\tbhelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\MediaGet DB Toolbar\tbcore3.dll O3 - Toolbar: MediaGet DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\MediaGet DB Toolbar\tbcore3.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" 
-atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-21-4215226204-2208899973-833160735-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-4215226204-2208899973-833160735-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000 O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: 
Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Usługa Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. 
- C:\Windows\system32\IoctlSvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe -- End of file - 7860 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-27 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] SMTTB2009 Class - C:\Program Files\MediaGet DB Toolbar\tbcore3.dll [2010-02-16 2495488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {338B4DFE-2E2C-4338-9E41-E176D497299E} - MediaGet DB Toolbar - C:\Program Files\MediaGet DB Toolbar\tbcore3.dll [2010-02-16 2495488] {32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888] "NBKeyScan"=C:\Program 
Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352] "CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 1983816] "egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-11-16 2054360] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-03-07 421160] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu 10"=C:\Program Files\Gadu-Gadu 10\gg.exe [2010-12-16 12984928] "uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-03-24 399736] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408] "Steam"=C:\Program Files\Steam\Steam.exe [2011-03-16 1242448] C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 
"EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2011-06-22 16:27:37 ----D---- C:\Program Files\trend micro 2011-06-22 16:27:36 ----D---- C:\rsit 2011-06-22 14:37:35 ----D---- C:\Program Files\CCleaner 2011-06-19 21:15:47 ----SHD---- C:\Config.Msi 2011-06-19 19:34:01 ----D---- C:\Program Files\AIMP2 2011-06-17 03:01:44 ----A---- C:\Windows\system32\mshtmled.dll 2011-06-17 03:01:44 ----A---- C:\Windows\system32\jscript9.dll 2011-06-17 03:01:44 ----A---- C:\Windows\system32\jscript.dll 2011-06-17 03:01:44 ----A---- C:\Windows\system32\ieui.dll 2011-06-17 03:01:44 ----A---- C:\Windows\system32\iertutil.dll 2011-06-17 03:01:43 ----A---- C:\Windows\system32\mshtml.dll 2011-06-17 03:01:43 ----A---- C:\Windows\system32\ieframe.dll 2011-06-17 03:01:42 ----A---- C:\Windows\system32\urlmon.dll 2011-06-16 04:29:16 ----A---- C:\Windows\system32\drivers\srvnet.sys 2011-06-16 04:29:16 ----A---- C:\Windows\system32\drivers\srv2.sys 2011-06-16 04:29:16 ----A---- C:\Windows\system32\drivers\srv.sys 2011-06-16 04:29:01 ----A---- C:\Windows\system32\drivers\tcpip.sys 2011-06-16 04:29:00 ----A---- C:\Windows\system32\drivers\afd.sys 2011-06-16 04:26:16 ----A---- C:\Windows\system32\oleaut32.dll 2011-06-16 04:22:32 ----A---- C:\Windows\system32\inetcomm.dll 2011-06-16 04:20:02 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys 2011-06-16 04:20:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys 2011-06-16 04:20:02 ----A---- 
C:\Windows\system32\drivers\mrxsmb.sys 2011-06-02 16:09:49 ----A---- C:\Windows\system32\yv12vfw.dll 2011-06-02 16:09:49 ----A---- C:\Windows\system32\xvidvfw.dll 2011-06-02 16:09:49 ----A---- C:\Windows\system32\xvidcore.dll 2011-06-02 16:09:49 ----A---- C:\Windows\system32\ff_vfw.dll.manifest 2011-06-02 16:09:49 ----A---- C:\Windows\system32\ff_vfw.dll 2011-06-02 16:09:49 ----A---- C:\Windows\avisplitter.ini 2011-05-30 23:12:23 ----D---- C:\Windows\pss 2011-05-29 21:06:18 ----A---- C:\Windows\system32\mpg4c32.dll 2011-05-29 21:06:18 ----A---- C:\Windows\system32\drivers\usbDecode.sys 2011-05-29 21:06:18 ----A---- C:\Windows\system32\drivers\usbcamcl.sys 2011-05-29 21:06:18 ----A---- C:\Windows\system32\drivers\PictureDll.sys 2011-05-29 21:06:18 ----A---- C:\Windows\system32\drivers\FilterDll.sys 2011-05-29 21:06:18 ----A---- C:\Windows\system32\drivers\FaceDll.sys 2011-05-29 21:06:18 ----A---- C:\Windows\system32\CoUninstall.dll 2011-05-29 21:06:18 ----A---- C:\Windows\system32\camera.ini 2011-05-29 01:19:30 ----RA---- C:\Windows\system32\tmpF2E5.tmp 2011-05-26 13:27:19 ----D---- C:\Program Files\Lavalys 2011-05-24 14:20:46 ----A---- C:\Windows\system32\wininet.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\wextract.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\webcheck.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\vbscript.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\url.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\SetIEInstalledDate.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\pngfilt.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\occache.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\msrating.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\msls31.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\mshtmler.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\mshta.exe 2011-05-24 14:20:46 ----A---- 
C:\Windows\system32\msfeedssync.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\msfeedsbs.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\msfeeds.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\licmgr10.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\jsproxy.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\inseng.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\imgutil.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\iexpress.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\ieUnatt.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\iesysprep.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\iesetup.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\iernonce.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\iepeers.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\iedkcs32.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\ieapfltr.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\ieakui.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\ieaksie.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\ieakeng.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\IEAdvpack.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\ie4uinit.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\icardie.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\dxtrans.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\dxtmsft.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\admparse.dll 2011-05-24 13:17:03 ----A---- C:\Windows\system32\poqexec.exe ======List of files/folders modified in the last 1 months====== 2011-06-22 16:27:39 ----D---- C:\Windows\Temp 2011-06-22 16:27:37 ----RD---- C:\Program Files 2011-06-22 15:58:16 ----D---- C:\Windows\tracing 2011-06-22 14:43:17 ----D---- C:\Users\Kuba\AppData\Roaming\Winamp 2011-06-22 14:43:17 ----D---- C:\Users\Kuba\AppData\Roaming\Media Player Classic 2011-06-22 14:43:17 ----D---- C:\Program Files\Steam 2011-06-22 14:43:13 ----D---- C:\Windows\Logs 2011-06-22 
14:43:13 ----D---- C:\Windows\debug 2011-06-22 14:43:13 ----D---- C:\Windows 2011-06-22 14:18:40 ----D---- C:\Users\Kuba\AppData\Roaming\uTorrent 2011-06-22 14:02:51 ----D---- C:\Windows\system32\config 2011-06-22 13:45:50 ----D---- C:\ProgramData\NVIDIA 2011-06-21 14:51:20 ----D---- C:\Windows\System32 2011-06-21 14:51:20 ----D---- C:\Windows\inf 2011-06-21 14:51:20 ----A---- C:\Windows\system32\PerfStringBackup.INI 2011-06-21 11:19:41 ----SHD---- C:\System Volume Information 2011-06-19 21:16:06 ----SHD---- C:\Windows\Installer 2011-06-17 04:05:46 ----D---- C:\Windows\winsxs 2011-06-17 03:52:00 ----D---- C:\Program Files\Microsoft Silverlight 2011-06-17 03:50:43 ----D---- C:\Windows\system32\drivers 2011-06-17 03:50:43 ----D---- C:\Program Files\Internet Explorer 2011-06-17 03:04:35 ----D---- C:\ProgramData\Microsoft Help 2011-06-17 03:03:08 ----A---- C:\Windows\system32\MRT.exe 2011-06-17 03:01:49 ----D---- C:\Windows\system32\catroot 2011-06-16 04:20:12 ----D---- C:\Windows\system32\catroot2 2011-06-16 00:07:51 ----D---- C:\ProgramData\Solidshield 2011-06-11 03:00:05 ----D---- C:\Windows\system32\Tasks 2011-06-10 22:33:16 ----HD---- C:\Program Files\InstallShield Installation Information 2011-06-04 16:37:29 ----D---- C:\Program Files\Common Files\Steam 2011-06-02 16:09:58 ----D---- C:\Program Files\K-Lite Codec Pack 2011-05-31 17:13:56 ----D---- C:\ProgramData\OpenFM 2011-05-30 11:56:01 ----D---- C:\Windows\Prefetch 2011-05-29 02:33:13 ----D---- C:\ProgramData\Codemasters 2011-05-29 01:20:53 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE 2011-05-29 01:20:34 ----D---- C:\Program Files\Common Files\microsoft shared 2011-05-29 01:19:34 ----D---- C:\Program Files\BRS 2011-05-29 01:19:30 ----A---- C:\Windows\system32\OpenAL32.dll 2011-05-24 19:20:54 ----D---- C:\Windows\system32\pl-PL 2011-05-24 19:20:51 ----D---- C:\Windows\PolicyDefinitions 2011-05-24 19:20:50 ----D---- C:\Windows\system32\migration 2011-05-24 19:20:50 ----D---- 
C:\Windows\system32\en-US 2011-05-24 19:14:10 ----N---- C:\Windows\system32\MpSigStub.exe 2011-05-24 14:21:31 ----D---- C:\Windows\servicing 2011-05-24 12:48:03 ----D---- C:\Windows\system32\NDF ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-02-28 691696] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-07 218688] R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792] R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2010-01-29 82320] R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-03-19 281760] R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 116520] R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-11-16 95896] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-03-19 25888] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810] R3 portio32;portio32; C:\Windows\system32\drivers\portio32.sys [2004-07-14 2048] R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-05-16 27632] R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136] R3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys 
[2011-02-18 41984] R3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968] S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;Sterownik filtru magistrali AGP AMD; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888] S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-05-16 13224] S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-05-16 25512] S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176] S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-10-06 17664] S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-10-06 22016] S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-10-06 136704] S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-10-06 8320] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632] S3 sisagp;Filtr magistrali AGP SIS; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936] S3 usbbus;LGE Mobile 
Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056] S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864] S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840] S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 viaagp;Filtr magistrali AGP VIA; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664] R2 Bonjour Service;Usługa Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960] R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 612456] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600] R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-02-28 75064] R2 Stereo Service;NVIDIA 
Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472] R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-11-22 718072] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728] R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-06-09 72704] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-11-16 20680] S3 iPod Service;Usługa iPod; C:\Program Files\iPod\bin\iPodService.exe [2011-03-07 820520] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-06-04 403240] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-13 1343400] -----------------EOF----------------- [/log]
wirusolog commented 22 June 2011

[b]1.[/b] Run OTL and paste the following text into the [b]Własne opcje skanowania/Skrypt[/b] (Custom scan options/Script) box:

[code]:OTL
[2010-12-19 23:37:21 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions\vshare@toolbar
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.2

:Commands
[emptyflash]
[resethosts]
[emptytemp][/code]

Click [b]Wykonaj skrypt[/b] (Run script). Confirm the computer restart.

[b]2.[/b] Uninstall these sponsored toolbars in Control Panel: [b]DAEMON Tools Toolbar[/b], [b]MediaGet DB Toolbar[/b]

[b]3.[/b] Then run OTL again, this time using the [b]Skanuj[/b] (Scan) option. Post the new OTL logs plus the removal report.
swiatek94 (Author) commented 22 June 2011 (edited)

[log]->Temporary Internet Files folder emptied: 0 bytes
User: Kuba
->Temp folder emptied: 3420639 bytes
->Temporary Internet Files folder emptied: 1554726 bytes
->Java cache emptied: 34727607 bytes
->FireFox cache emptied: 382107692 bytes
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 757760 bytes
%systemroot%\System32 .tmp files removed: 3238112 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 608 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 406,00 mb
OTL by OldTimer - Version 3.2.24.1 log created on 06222011_210220
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
[/log]

[log]OTL logfile created on: 2011-06-22 21:15:32 - Run 2 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Kuba\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 63,12% Memory free 6,50 Gb Paging File | 5,16 Gb Available in Paging File | 79,44% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 34,18 Gb Total Space | 3,57 Gb Free Space | 10,43% Space Free | Partition Type: NTFS Drive D: | 431,57 Gb Total Space | 7,54 Gb Free Space | 1,75% Space Free | Partition Type: NTFS Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-06-22 14:56:09 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe PRC - [2011-06-08 06:02:26 | 000,037,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe PRC - [2011-04-14 18:59:14 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011-04-14 18:59:13 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-04-08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-04-07 22:43:34 | 000,612,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2011-04-07 22:43:20 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2011-04-07 22:43:04 | 000,841,832 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe PRC - [2011-04-07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011-03-24 17:46:03 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2011-03-07 16:33:40 | 000,421,160 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe PRC - [2011-03-07 16:33:34 | 000,820,520 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe PRC - [2011-02-18 17:37:16 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010-12-16 07:19:28 | 012,984,928 | ---- | M] (GG Network S.A.) 
-- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-11-22 23:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files\Tunngle\TnglCtrl.exe PRC - [2010-11-20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2010-11-20 14:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2010-11-20 14:17:48 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\servicing\TrustedInstaller.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-11-20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2010-11-20 14:17:30 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe PRC - [2010-11-20 14:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2010-11-20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-10-29 14:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2010-10-07 13:23:00 | 000,345,376 | ---- | M] (Apple Inc.) 
-- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2010-02-28 02:36:22 | 000,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2009-11-16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 03:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-07-14 03:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dllhost.exe PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2009-07-01 18:37:06 | 000,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2008-02-28 18:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe PRC - [2008-02-28 18:07:48 | 000,529,704 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe PRC - [2008-02-18 17:29:12 | 000,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe PRC - [2006-12-19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) 
-- C:\Windows\System32\IoctlSvc.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-06-22 14:56:09 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe MOD - [2011-02-25 07:34:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2010-11-20 14:24:36 | 001,288,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2010-11-20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-11-20 14:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2010-11-20 14:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2010-11-20 14:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2010-11-20 14:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2010-11-20 
14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2010-11-20 14:19:26 | 000,857,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2010-11-20 14:19:26 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2010-11-20 14:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2010-11-20 14:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2010-11-20 14:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2009-07-14 03:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - 
[2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-06-04 11:03:12 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-04-08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-04-07 
21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-11-22 23:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2010-06-13 02:23:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009-11-16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-04-08 07:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011-02-07 17:53:51 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft 
Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-05-16 22:49:27 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri) DRV - [2010-05-16 22:48:26 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc) DRV - [2010-05-16 22:48:26 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt) DRV - [2010-03-19 16:14:12 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010-03-19 16:14:12 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-02-28 02:02:57 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) 
[File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2010-01-21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2010-01-21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2010-01-21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2009-11-16 09:06:52 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2009-11-16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009-11-16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon) DRV - [2009-10-06 12:56:34 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2009-10-06 12:56:32 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2009-10-06 12:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009-10-06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009-10-06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2009-10-06 12:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009-09-28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | 
On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009-09-16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2004-08-13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-07-14 11:51:24 | 000,002,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\portio32.sys -- (portio32) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/mediaget/{0B7A993F-4927-4210-A6D8-99DD3EADA2EA} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local 
[color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Web Search..." FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-04-29 19:20:00 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-19 21:15:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-08-06 23:55:06 | 000,000,000 | ---D | M] [2010-02-27 05:33:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Extensions [2011-06-21 11:17:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions [2011-02-07 17:50:35 | 000,002,059 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\daemon-search.xml [2011-01-21 02:19:36 | 000,002,374 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\search.xml [2010-12-19 23:37:36 | 000,001,583 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\web-search.xml [2011-04-29 19:20:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-01-15 23:12:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011-01-25 23:43:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-04-27 18:29:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program 
Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010-02-27 13:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions [2010-02-27 13:04:22 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} File not found (No name found) -- () (No name found) -- C:\USERS\KUBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LL6YTCLL.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\KUBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LL6YTCLL.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI [2011-04-14 18:59:14 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2011-04-27 18:29:47 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-06-22 21:02:21 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O3 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. 
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.1.13 172.22.0.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{372d011a-32d2-11e0-bc97-001e8cb5dd95}\Shell - "" = AutoRun
O33 - MountPoints2\{372d011a-32d2-11e0-bc97-001e8cb5dd95}\Shell\AutoRun\command - "" = F:\Razor1911_Installer.exe
O33 - MountPoints2\{c0659e53-23fc-11df-a177-001e8cb5dd95}\Shell - "" = AutoRun
O33 - MountPoints2\{c0659e53-23fc-11df-a177-001e8cb5dd95}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-06-22 21:02:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-06-22 20:30:19 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\Theme1
[2011-06-22 16:27:37 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011-06-22 16:27:36 | 000,000,000 | ---D | C] -- C:\rsit
[2011-06-22 14:56:03 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe
[2011-06-22 14:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011-06-19 21:15:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011-06-19 19:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\AIMP2
[2011-06-19 13:44:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Faction Armageddon
[2011-06-11 03:24:20 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Duke Nukem Forever
[2011-06-02 16:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011-06-02 16:09:49 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm
[2011-06-02 16:09:49 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2011-06-02 16:09:49 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm
[2011-05-30 23:12:23 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011-05-29 21:06:18 | 008,643,584 | ---- | C] (ark) -- C:\Windows\System32\drivers\PictureDll.sys
[2011-05-29 21:06:18 | 000,496,640 | ---- | C] (ark) -- C:\Windows\System32\drivers\FaceDll.sys
[2011-05-29 21:06:18 | 000,031,104 | ---- | C] (usb camera) -- C:\Windows\System32\drivers\usbcamcl.sys
[2011-05-29 21:06:18 | 000,019,968 | ---- | C] (usb camera) -- C:\Windows\System32\drivers\usbDecode.sys
[2011-05-29 21:06:18 | 000,005,632 | ---- | C] (ark) -- C:\Windows\System32\drivers\FilterDll.sys
[2011-05-29 21:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Camera
[2011-05-29 01:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011-05-26 13:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2011-05-26 13:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2011-05-21 12:51:12 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011-05-21 12:38:50 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2011-05-21 01:29:08 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\The Witcher 2
[2011-05-21 01:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin 2
[2011-05-15 22:07:12 | 000,043,520 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusb0.dll
[2011-05-03 17:01:46 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\AdobeStockPhotos
[2011-04-27 18:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-06-22 21:10:48 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011-06-22 21:10:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-06-22 21:10:28 | 2616,549,376 | -HS- | M] () -- C:\hiberfil.sys
[2011-06-22 21:09:14 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-06-22 21:09:14 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-06-22 21:09:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2011-06-22 21:02:21 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011-06-22 20:30:07 | 001,768,015 | ---- | M] () -- C:\Users\Kuba\Desktop\Theme1.rar
[2011-06-22 16:27:19 | 000,339,991 | ---- | M] () -- C:\Users\Kuba\Desktop\RSIT.exe
[2011-06-22 16:19:24 | 000,000,600 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\winscp.rnd
[2011-06-22 14:56:09 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe
[2011-06-22 14:37:36 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011-06-22 00:01:59 | 005,959,657 | ---- | M] () -- C:\Users\Kuba\Desktop\01 Set Fire To The Rain.mp3
[2011-06-21 23:52:10 | 003,405,145 | ---- | M] () -- C:\Users\Kuba\Desktop\GrubSon - Przestań Się Bać (Remix).mp3
[2011-06-21 18:50:46 | 014,461,190 | ---- | M] () -- C:\Users\Kuba\Desktop\Adele - Set Fire To The Rain (Thomas Gold Remix) 4clubbers.pl by ORZEL.mp3
[2011-06-21 17:48:51 | 016,095,533 | ---- | M] () -- C:\Users\Kuba\Desktop\Michael Canitrot ft. Ron Carroll – When You Got Love (Original Mix) by QSHMAN (ACE)4clubbers.com.pl.mp3
[2011-06-21 14:51:20 | 000,687,590 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2011-06-21 14:51:20 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-06-21 14:51:20 | 000,131,176 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2011-06-21 14:51:20 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-06-21 14:49:43 | 016,614,848 | ---- | M] () -- C:\Users\Kuba\Desktop\Michael Canitrot ft. Ron Carroll – When You Got Love (Michael Calfan Mix) by QSHMAN (ACE)4clubbers.com.pl.mp3
[2011-06-19 21:15:57 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011-06-19 19:34:02 | 000,000,921 | ---- | M] () -- C:\Users\Kuba\Desktop\AIMP2.lnk
[2011-06-19 13:57:49 | 000,001,167 | ---- | M] () -- C:\Users\Kuba\Desktop\Red Faction Armageddon.lnk
[2011-06-17 02:13:56 | 000,016,384 | ---- | M] () -- C:\Users\Kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-06-16 00:08:48 | 000,001,667 | ---- | M] () -- C:\Users\Public\Desktop\DiRT 3.lnk
[2011-05-29 21:06:18 | 000,000,021 | ---- | M] () -- C:\Windows\System32\camera.ini
[2011-05-26 13:29:08 | 001,104,337 | ---- | M] () -- C:\Users\Kuba\Documents\everest przed.png
[2011-05-26 13:27:58 | 000,001,108 | ---- | M] () -- C:\Users\Kuba\Desktop\EVEREST Ultimate Edition.lnk
[2011-05-24 14:20:46 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011-05-21 12:38:50 | 000,000,594 | ---- | M] () -- C:\Users\Kuba\Desktop\Fraps.lnk
[2011-05-21 01:27:07 | 000,000,475 | ---- | M] () -- C:\Users\Public\Desktop\Uruchom Wiedźmin 2.lnk
[2011-04-29 19:20:03 | 000,001,096 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-06-22 20:29:57 | 001,768,015 | ---- | C] () -- C:\Users\Kuba\Desktop\Theme1.rar
[2011-06-22 16:27:17 | 000,339,991 | ---- | C] () -- C:\Users\Kuba\Desktop\RSIT.exe
[2011-06-22 14:37:36 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011-06-22 00:01:15 | 005,959,657 | ---- | C] () -- C:\Users\Kuba\Desktop\01 Set Fire To The Rain.mp3
[2011-06-21 23:48:14 | 003,405,145 | ---- | C] () -- C:\Users\Kuba\Desktop\GrubSon - Przestań Się Bać (Remix).mp3
[2011-06-21 18:50:04 | 014,461,190 | ---- | C] () -- C:\Users\Kuba\Desktop\Adele - Set Fire To The Rain (Thomas Gold Remix) 4clubbers.pl by ORZEL.mp3
[2011-06-21 17:48:04 | 016,095,533 | ---- | C] () -- C:\Users\Kuba\Desktop\Michael Canitrot ft. Ron Carroll – When You Got Love (Original Mix) by QSHMAN (ACE)4clubbers.com.pl.mp3
[2011-06-21 14:48:26 | 016,614,848 | ---- | C] () -- C:\Users\Kuba\Desktop\Michael Canitrot ft. Ron Carroll – When You Got Love (Michael Calfan Mix) by QSHMAN (ACE)4clubbers.com.pl.mp3
[2011-06-19 19:34:01 | 000,000,921 | ---- | C] () -- C:\Users\Kuba\Desktop\AIMP2.lnk
[2011-06-19 13:57:49 | 000,001,167 | ---- | C] () -- C:\Users\Kuba\Desktop\Red Faction Armageddon.lnk
[2011-06-02 16:09:49 | 000,631,808 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011-06-02 16:09:49 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011-06-02 16:09:49 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011-06-02 16:09:49 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml
[2011-06-02 16:09:49 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011-05-29 21:06:18 | 000,073,728 | ---- | C] () -- C:\Windows\System32\face.ax
[2011-05-29 21:06:18 | 000,028,672 | ---- | C] () -- C:\Windows\System32\CoUninstall.dll
[2011-05-29 21:06:18 | 000,000,021 | ---- | C] () -- C:\Windows\System32\camera.ini
[2011-05-29 01:20:34 | 000,001,346 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011-05-29 01:18:33 | 000,001,667 | ---- | C] () -- C:\Users\Public\Desktop\DiRT 3.lnk
[2011-05-26 13:29:07 | 001,104,337 | ---- | C] () -- C:\Users\Kuba\Documents\everest przed.png
[2011-05-26 13:27:22 | 000,001,108 | ---- | C] () -- C:\Users\Kuba\Desktop\EVEREST Ultimate Edition.lnk
[2011-05-24 14:20:46 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011-05-21 12:38:50 | 000,000,594 | ---- | C] () -- C:\Users\Kuba\Desktop\Fraps.lnk
[2011-05-21 01:27:07 | 000,000,475 | ---- | C] () -- C:\Users\Public\Desktop\Uruchom Wiedźmin 2.lnk
[2011-04-29 19:20:03 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011-02-27 14:12:18 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011-02-27 14:10:58 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011-02-17 08:29:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2011-01-26 01:28:04 | 000,016,384 | ---- | C] () -- C:\Users\Kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-31 02:33:53 | 000,000,600 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\winscp.rnd
[2010-12-06 15:58:56 | 002,496,715 | ---- | C] () -- C:\Windows\System32\abgx360.exe
[2010-11-26 00:38:22 | 000,002,048 | ---- | C] () -- C:\Windows\System32\drivers\portio32.sys
[2010-06-21 23:46:40 | 000,039,712 | ---- | C] () -- C:\Windows\System32\ASL.dll
[2010-05-18 22:28:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010-05-18 22:25:15 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010-03-19 16:14:12 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010-03-19 16:14:12 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010-02-28 02:36:51 | 000,139,128 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010-02-28 02:36:51 | 000,138,056 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\PnkBstrK.sys
[2010-02-28 02:36:24 | 000,215,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010-02-28 02:36:22 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010-02-28 02:36:22 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010-02-27 15:07:24 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2010-02-27 06:03:33 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009-10-05 12:10:18 | 000,007,274 | ---- | C] () -- C:\Windows\cadx2.ini
[2009-07-14 10:07:57 | 000,687,590 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2009-07-14 10:07:57 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2009-07-14 10:07:57 | 000,131,176 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2009-07-14 10:07:57 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2009-07-14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 06:33:53 | 000,421,264 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009-07-14 04:05:48 | 000,606,992 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009-07-14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009-07-14 04:05:48 | 000,103,370 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009-07-14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009-07-14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009-07-14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009-07-14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2004-08-13 09:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2002-09-18 00:45:00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe
[2001-08-29 15:11:40 | 000,398,848 | R--- | C] () -- C:\Windows\System32\DK2WIN32.DLL

[color=#E56717]========== LOP Check ==========[/color]

[2011-05-21 11:40:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\abgx360
[2011-02-28 15:42:27 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\BESTplayer
[2010-02-27 17:02:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bioshock2
[2010-09-18 18:42:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bump Technologies, Inc
[2010-03-22 19:29:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Command and Conquer 4
[2010-02-28 01:46:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools
[2010-03-02 17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
[2010-05-20 22:11:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Gadu-Gadu 10
[2010-03-02 18:16:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ImgBurn
[2010-09-29 16:20:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Leadertech
[2011-01-09 22:54:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\mkvtoolnix
[2010-12-23 16:34:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Nokia
[2011-01-07 03:09:08 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Notepad++
[2010-08-15 13:24:13 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\OpenFM
[2010-09-12 15:14:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PMS
[2010-03-24 00:58:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Prison Break
[2010-02-28 14:10:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Red Alert 3
[2010-07-30 02:18:39 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Samsung
[2010-06-30 16:12:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Sports Interactive
[2011-03-19 01:52:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\The Creative Assembly
[2011-02-17 01:22:28 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Tunngle
[2010-02-27 15:21:49 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ubisoft
[2011-06-22 21:17:31 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent
[2011-04-13 11:34:35 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:8CE646EE

< End of report >
[/log]
[log]OTL Extras logfile created on: 2011-06-22 21:15:32 - Run 2
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Kuba\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 63,12% Memory free
6,50 Gb Paging File | 5,16 Gb Available in Paging File | 79,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 34,18 Gb Total Space | 3,57 Gb Free Space | 10,43% Space Free | Partition Type: NTFS
Drive D: | 431,57 Gb Total Space | 7,54 Gb Free Space | 1,75% Space Free | Partition Type: NTFS

Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{002FA4C4-DDFE-4E83-A5E0-E2A18B965468}" = Phoenix Service Software
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Społeczności
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{1871FE54-36AA-478F-B374-A46BA54474CC}" = ESET NOD32 Antivirus
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1BF4CB15-6055-452A-8487-021AE2D91208}" = Crysis® 2 Demo
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{2A0A6470-FD0F-4F45-9B11-85F3167DB943}" = Nokia Flashing Cable Driver
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3DAD83B9-4C8B-4AC6-BF5E-B9FB181CCBE8}" = Nokia Service Tool Drivers
"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58D4FB3A-98E9-4B9B-B01E-7F005AEFE019}" = PC Camera
"{5B119660-1788-11D8-8EB8-0050BF643EE7}" = digestIT 2004
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7BA8B6CB-6FF4-4AD4-AFA6-CFEABBEF8607}_is1" = Mafia.2.DLC-Gardzij wersja 1.0
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92DA4424-0CFB-44D1-A08B-B63D5D8BEFBC}_is1" = Phoenix Service Software 2010.8.4.41526
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B0F9788-3141-4009-846E-52E59843E963}" = SimCity™ Społeczności
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.5 - Polish
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 270.61
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.1.34
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593}" = SimCity™ Społeczności Na wakacjach
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D6D5CB84-0E6E-4E69-B300-C690B6911045}" = Nero 8
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = Wiedźmin 2
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"abgx360" = abgx360 v1.0.5
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"AIMP2" = AIMP2
"AviSynth" = AviSynth 2.5
"CanonMyPrinter" = Canon Utilities My Printer
"CCleaner" = CCleaner
"Cheat Engine 6.0_is1" = Cheat Engine 6.0
"Cities XL 2011" = Cities XL 2011
"DAEMON Tools Lite" = DAEMON Tools Lite
"Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0
"Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4 Beta-2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"FormatFactory" = FormatFactory 2.60
"Fraps" = Fraps (remove only)
"Gadu-Gadu 10" = Gadu-Gadu 10
"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"ImgBurn" = ImgBurn
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Full)
"MKVtoolnix" = MKVtoolnix 4.4.0
"Mozilla Firefox 4.0.1 (x86 pl)" = Mozilla Firefox 4.0.1 (x86 pl)
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"Notepad++" = Notepad++
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Postal 2_is1" = Portal 2
"PS3 Media Server" = PS3 Media Server
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 2.0.2
"Red Faction Armageddon_is1" = 1.0
"SopCast" = SopCast 3.2.9
"Test Drive Unlimited 2_is1" = Test Drive Unlimited 2
"Total Video Converter 3.61_is1" = Total Video Converter 3.60 100204
"Tunngle beta_is1" = Tunngle beta
"UltraISO_is1" = UltraISO Premium V9.36
"UnderCoverXP_is1" = UnderCoverXP 1.23
"Update Service" = Update Service
"uTorrent" = µTorrent
"VirtualDubMod" = VirtualDubMod 1.5.10.2 PL
"Winamp" = Winamp
"WinRAR archiver" = Archiwizator WinRAR
"winscp3_is1" = WinSCP 4.2.9

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
[/log]
[log]Logfile of random's system information tool 1.08 (written by random/random)
Run by Kuba at 2011-06-22 21:20:15
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 4 GB (10%) free of 35 GB
Total RAM: 3327 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:20:27, on 2011-06-22
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Gadu-Gadu 10\gg.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Kuba\Desktop\RSIT.exe
C:\Program Files\trend micro\Kuba.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/mediaget/{0B7A993F-4927-4210-A6D8-99DD3EADA2EA}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Gadu-Gadu 10] "C:\Program Files\Gadu-Gadu 10\gg.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-21-4215226204-2208899973-833160735-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4215226204-2208899973-833160735-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Usługa Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Usługa iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

-- End of file - 7235 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-27 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 1983816]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-11-16 2054360]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-03-07 421160]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Gadu-Gadu 10"=C:\Program Files\Gadu-Gadu 10\gg.exe [2010-12-16 12984928] "uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-03-24 399736] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408] "Steam"=C:\Program Files\Steam\Steam.exe [2011-03-16 1242448] C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders 
created in the last 1 months====== 2011-06-22 21:02:20 ----D---- C:\_OTL 2011-06-22 16:27:37 ----D---- C:\Program Files\trend micro 2011-06-22 16:27:36 ----D---- C:\rsit 2011-06-22 14:37:35 ----D---- C:\Program Files\CCleaner 2011-06-19 21:15:47 ----SHD---- C:\Config.Msi 2011-06-19 19:34:01 ----D---- C:\Program Files\AIMP2 2011-06-17 03:01:44 ----A---- C:\Windows\system32\mshtmled.dll 2011-06-17 03:01:44 ----A---- C:\Windows\system32\jscript9.dll 2011-06-17 03:01:44 ----A---- C:\Windows\system32\jscript.dll 2011-06-17 03:01:44 ----A---- C:\Windows\system32\ieui.dll 2011-06-17 03:01:44 ----A---- C:\Windows\system32\iertutil.dll 2011-06-17 03:01:43 ----A---- C:\Windows\system32\mshtml.dll 2011-06-17 03:01:43 ----A---- C:\Windows\system32\ieframe.dll 2011-06-17 03:01:42 ----A---- C:\Windows\system32\urlmon.dll 2011-06-16 04:29:16 ----A---- C:\Windows\system32\drivers\srvnet.sys 2011-06-16 04:29:16 ----A---- C:\Windows\system32\drivers\srv2.sys 2011-06-16 04:29:16 ----A---- C:\Windows\system32\drivers\srv.sys 2011-06-16 04:29:01 ----A---- C:\Windows\system32\drivers\tcpip.sys 2011-06-16 04:29:00 ----A---- C:\Windows\system32\drivers\afd.sys 2011-06-16 04:26:16 ----A---- C:\Windows\system32\oleaut32.dll 2011-06-16 04:22:32 ----A---- C:\Windows\system32\inetcomm.dll 2011-06-16 04:20:02 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys 2011-06-16 04:20:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys 2011-06-16 04:20:02 ----A---- C:\Windows\system32\drivers\mrxsmb.sys 2011-06-02 16:09:49 ----A---- C:\Windows\system32\yv12vfw.dll 2011-06-02 16:09:49 ----A---- C:\Windows\system32\xvidvfw.dll 2011-06-02 16:09:49 ----A---- C:\Windows\system32\xvidcore.dll 2011-06-02 16:09:49 ----A---- C:\Windows\system32\ff_vfw.dll.manifest 2011-06-02 16:09:49 ----A---- C:\Windows\system32\ff_vfw.dll 2011-06-02 16:09:49 ----A---- C:\Windows\avisplitter.ini 2011-05-30 23:12:23 ----D---- C:\Windows\pss 2011-05-29 21:06:18 ----A---- C:\Windows\system32\mpg4c32.dll 2011-05-29 21:06:18 
----A---- C:\Windows\system32\drivers\usbDecode.sys 2011-05-29 21:06:18 ----A---- C:\Windows\system32\drivers\usbcamcl.sys 2011-05-29 21:06:18 ----A---- C:\Windows\system32\drivers\PictureDll.sys 2011-05-29 21:06:18 ----A---- C:\Windows\system32\drivers\FilterDll.sys 2011-05-29 21:06:18 ----A---- C:\Windows\system32\drivers\FaceDll.sys 2011-05-29 21:06:18 ----A---- C:\Windows\system32\CoUninstall.dll 2011-05-29 21:06:18 ----A---- C:\Windows\system32\camera.ini 2011-05-26 13:27:19 ----D---- C:\Program Files\Lavalys 2011-05-24 14:20:46 ----A---- C:\Windows\system32\wininet.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\wextract.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\webcheck.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\vbscript.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\url.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\SetIEInstalledDate.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\pngfilt.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\occache.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\msrating.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\msls31.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\mshtmler.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\mshta.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\msfeedssync.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\msfeedsbs.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\msfeeds.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\licmgr10.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\jsproxy.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\inseng.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\imgutil.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\iexpress.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\ieUnatt.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\iesysprep.dll 2011-05-24 14:20:46 
----A---- C:\Windows\system32\iesetup.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\iernonce.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\iepeers.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\iedkcs32.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\ieapfltr.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\ieakui.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\ieaksie.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\ieakeng.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\IEAdvpack.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\ie4uinit.exe 2011-05-24 14:20:46 ----A---- C:\Windows\system32\icardie.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\dxtrans.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\dxtmsft.dll 2011-05-24 14:20:46 ----A---- C:\Windows\system32\admparse.dll 2011-05-24 13:17:03 ----A---- C:\Windows\system32\poqexec.exe ======List of files/folders modified in the last 1 months====== 2011-06-22 21:20:26 ----D---- C:\Windows\Temp 2011-06-22 21:20:23 ----D---- C:\Windows\tracing 2011-06-22 21:20:15 ----D---- C:\Users\Kuba\AppData\Roaming\uTorrent 2011-06-22 21:14:19 ----D---- C:\Windows\system32\config 2011-06-22 21:11:49 ----D---- C:\Program Files\Steam 2011-06-22 21:10:50 ----D---- C:\ProgramData\NVIDIA 2011-06-22 21:10:28 ----RD---- C:\Program Files 2011-06-22 21:10:28 ----D---- C:\Windows 2011-06-22 21:08:51 ----D---- C:\Program Files\DAEMON Tools Toolbar 2011-06-22 21:03:20 ----D---- C:\Windows\System32 2011-06-22 21:02:21 ----D---- C:\Windows\system32\drivers\etc 2011-06-22 16:35:48 ----D---- C:\Users\Kuba\AppData\Roaming\Winamp 2011-06-22 14:43:17 ----D---- C:\Users\Kuba\AppData\Roaming\Media Player Classic 2011-06-22 14:43:13 ----D---- C:\Windows\Logs 2011-06-22 14:43:13 ----D---- C:\Windows\debug 2011-06-21 14:51:20 ----D---- C:\Windows\inf 2011-06-21 14:51:20 ----A---- C:\Windows\system32\PerfStringBackup.INI 2011-06-21 11:19:41 ----SHD---- C:\System Volume Information 
2011-06-19 21:16:06 ----SHD---- C:\Windows\Installer 2011-06-17 04:05:46 ----D---- C:\Windows\winsxs 2011-06-17 03:52:00 ----D---- C:\Program Files\Microsoft Silverlight 2011-06-17 03:50:43 ----D---- C:\Windows\system32\drivers 2011-06-17 03:50:43 ----D---- C:\Program Files\Internet Explorer 2011-06-17 03:04:35 ----D---- C:\ProgramData\Microsoft Help 2011-06-17 03:03:08 ----A---- C:\Windows\system32\MRT.exe 2011-06-17 03:01:49 ----D---- C:\Windows\system32\catroot 2011-06-16 04:20:12 ----D---- C:\Windows\system32\catroot2 2011-06-16 00:07:51 ----D---- C:\ProgramData\Solidshield 2011-06-11 03:00:05 ----D---- C:\Windows\system32\Tasks 2011-06-10 22:33:16 ----HD---- C:\Program Files\InstallShield Installation Information 2011-06-04 16:37:29 ----D---- C:\Program Files\Common Files\Steam 2011-06-02 16:09:58 ----D---- C:\Program Files\K-Lite Codec Pack 2011-05-31 17:13:56 ----D---- C:\ProgramData\OpenFM 2011-05-30 11:56:01 ----D---- C:\Windows\Prefetch 2011-05-29 02:33:13 ----D---- C:\ProgramData\Codemasters 2011-05-29 01:20:53 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE 2011-05-29 01:20:34 ----D---- C:\Program Files\Common Files\microsoft shared 2011-05-29 01:19:34 ----D---- C:\Program Files\BRS 2011-05-29 01:19:30 ----A---- C:\Windows\system32\OpenAL32.dll 2011-05-24 19:20:54 ----D---- C:\Windows\system32\pl-PL 2011-05-24 19:20:51 ----D---- C:\Windows\PolicyDefinitions 2011-05-24 19:20:50 ----D---- C:\Windows\system32\migration 2011-05-24 19:20:50 ----D---- C:\Windows\system32\en-US 2011-05-24 19:14:10 ----N---- C:\Windows\system32\MpSigStub.exe 2011-05-24 14:21:31 ----D---- C:\Windows\servicing 2011-05-24 12:48:03 ----D---- C:\Windows\system32\NDF ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R0 sptd;sptd; 
C:\Windows\System32\Drivers\sptd.sys [2010-02-28 691696] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-07 218688] R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792] R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2010-01-29 82320] R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-03-19 281760] R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 116520] R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-11-16 95896] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-03-19 25888] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810] R3 portio32;portio32; C:\Windows\system32\drivers\portio32.sys [2004-07-14 2048] R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-05-16 27632] R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136] S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;Sterownik filtru magistrali AGP AMD; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888] S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-05-16 13224] S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys 
[2010-05-16 25512] S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176] S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-10-06 17664] S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-10-06 22016] S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-10-06 136704] S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-10-06 8320] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632] S3 sisagp;Filtr magistrali AGP SIS; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-02-18 41984] S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056] S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864] S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840] S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936] S3 
VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 viaagp;Filtr magistrali AGP VIA; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664] R2 Bonjour Service;Usługa Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960] R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 612456] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600] R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-02-28 75064] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472] R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-11-22 718072] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728] R3 iPod Service;Usługa iPod; C:\Program Files\iPod\bin\iPodService.exe [2011-03-07 820520] R3 NMIndexingService;NMIndexingService; 
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-06-09 72704] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-11-16 20680] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-06-04 403240] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-13 1343400] -----------------EOF----------------- [/log] [log]All processes killed ========== OTL ========== C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions\vshare@toolbar\modules folder moved successfully. C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions\vshare@toolbar\locale\en-US folder moved successfully. C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions\vshare@toolbar\locale folder moved successfully. C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions\vshare@toolbar\components folder moved successfully. C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions\vshare@toolbar\chrome folder moved successfully. 
C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions\vshare@toolbar folder moved successfully. Prefs.js: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q=" removed from keyword.URL Prefs.js: vshare@toolbar:1.0.2 removed from extensions.enabledItems ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: Default User: Default User User: Kuba ->Flash cache emptied: 2024 bytes User: Public User: UpdatusUser Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Kuba ->Temp folder emptied: 3420639 bytes ->Temporary Internet Files folder emptied: 1554726 bytes ->Java cache emptied: 34727607 bytes ->FireFox cache emptied: 382107692 bytes ->Flash cache emptied: 0 bytes User: Public User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 757760 bytes %systemroot%\System32 .tmp files removed: 3238112 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 608 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 406,00 mb OTL by OldTimer - Version 3.2.24.1 log created on 06222011_210220 Files\Folders moved on Reboot... Registry entries deleted on Reboot... [/log]
wirusolog commented 22 June 2011 (edited)
What I see here is an incomplete report, plus the OTL logs are missing. Please add them!
swiatek94 (Author) commented 22 June 2011
Sorry, when I added the first log I was still scanning the computer with OTL and RSIT. Everything is fixed now.
wirusolog commented 22 June 2011 (edited)
A minor fix + final steps.
[hr]
[b]1.[/b] Run OTL and paste the following text into the [b]Custom Scans/Fixes[/b] box:
[code]
:OTL
O3 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
[2011-02-07 17:50:35 | 000,002,059 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\daemon-search.xml
[2011-01-21 02:19:36 | 000,002,374 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\search.xml
[2010-12-19 23:37:36 | 000,001,583 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\web-search.xml
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:8CE646EE

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.stronastartowa.com/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.stronastartowa.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=-
"NBKeyScan"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"QuickTime Task"=-
"iTunesHelper"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
"DAEMON Tools Lite"=-
"Steam"=-
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2]
[/code]
Click [b]Run Fix[/b]. This time there will be no restart; Notepad will appear right away, close it.

[b]2.[/b] In OTL, press the [b]CleanUp[/b] button.

[b]3.[/b]
[size="1"][quote]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = [b]Java™ 6 Update 24[/b]
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = [b]Adobe Reader 9.4.5 - Polish[/b]
"Adobe Flash Player Plugin" = [b]Adobe Flash Player 10 Plugin[/b]
"Mozilla Firefox 4.0.1 (x86 pl)" = [b]Mozilla Firefox 4.0.1 (x86 pl)[/b]
[/quote][/size]
[list]
[*]Update the browser to [url="http://www.mozilla-europe.org/pl/firefox/"][color="#0000FF"][b]Firefox 5.0[/b][/color][/url].
[*]Uninstall all old Java versions and install [url="http://www.oracle.com/technetwork/java/javase/downloads/index.html"][color="#0000FF"][b]Java 6 Update 26 (JRE)[/b][/color][/url] instead.
[*]Likewise with Adobe Reader: uninstall it and install [url="http://get.adobe.com/reader/"][color="#0000FF"][b]Adobe Reader X (10.1)[/b][/color][/url] (do not tick the installation of the sponsored McAfee offer).
[*]I don't see the Adobe Flash version here, so just in case I'm suggesting an update to [url="http://get.adobe.com/flashplayer/"][color="#0000FF"][b]Adobe Flash Player 10.3.181.26[/b][/color][/url].
[/list]

[b]4.[/b] System restore points need to be cleared: [url=http://www.searchengines.pl/Czyszczenie-punktow-przywracania-systemu-t141981.html][b][color="#0000FF"][u]LINK[/u][/color][/b][/url]

[b]5.[/b] I recommend full scans with [url=http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button][b][color="#0000FF"][u]MBAM[/u][/color][/b][/url] (after installing, manually update the virus database) + [url=http://www.dobreprogramy.pl/Dr.WEB-CureIt,Program,Windows,12976.html][b][color="#0000FF"][u]Dr.Web CureIt![/u][/color][/b][/url].
swiatek94 (Author) commented 23 June 2011 (edited)
Huge thanks for the help!! Just to be sure, here is the final log from OTL:
[log]OTL logfile created on: 2011-06-23 02:35:12 - Run 2 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Kuba\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 63,50% Memory free 6,50 Gb Paging File | 5,24 Gb Available in Paging File | 80,72% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 34,18 Gb Total Space | 2,98 Gb Free Space | 8,71% Space Free | Partition Type: NTFS Drive D: | 431,57 Gb Total Space | 3,12 Gb Free Space | 0,72% Space Free | Partition Type: NTFS Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-06-23 01:33:50 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe PRC - [2011-06-16 06:51:12 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-06-16 06:51:12 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-04-08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2011-04-08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-04-07 22:43:34 | 000,612,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2011-04-07 22:43:20 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2011-04-07 22:43:04 | 000,841,832 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe PRC - [2011-04-07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011-02-18 17:37:16 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010-11-22 23:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files\Tunngle\TnglCtrl.exe PRC - [2010-11-20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-11-20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2010-11-20 14:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2010-11-20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-10-07 13:23:00 | 000,345,376 | ---- | M] (Apple Inc.) 
-- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2010-08-07 13:38:00 | 001,262,592 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\AIMP2.exe PRC - [2010-02-28 02:36:22 | 000,075,064 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2009-11-16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe 
[comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 03:14:35 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-07-14 03:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dllhost.exe PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-02-18 17:29:12 | 000,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe PRC - [2006-12-19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) 
-- C:\Windows\System32\IoctlSvc.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-06-23 01:33:50 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe MOD - [2011-02-25 07:34:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2010-11-20 14:24:36 | 001,288,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2010-11-20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-11-20 14:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2010-11-20 14:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2010-11-20 14:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2010-11-20 14:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2010-11-20 
14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2010-11-20 14:19:26 | 000,857,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2010-11-20 14:19:26 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2010-11-20 14:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2010-11-20 14:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2010-11-20 14:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2009-07-14 03:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - 
[2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-06-04 11:03:12 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-04-08 
07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-04-07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-11-22 23:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2010-06-13 02:23:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009-11-16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-04-08 07:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011-02-07 17:53:51 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | 
M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-05-16 22:49:27 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri) DRV - [2010-05-16 22:48:26 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc) DRV - [2010-05-16 22:48:26 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt) DRV - [2010-03-19 16:14:12 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010-03-19 16:14:12 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-02-28 02:02:57 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- 
C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2010-01-21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2010-01-21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2010-01-21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2009-11-16 09:06:52 | 000,095,896 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2009-11-16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009-11-16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon) DRV - [2009-09-28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009-09-16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2004-08-13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-07-14 11:51:24 | 000,002,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\portio32.sys -- (portio32) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.stronastartowa.com/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.stronastartowa.com/ IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Web Search..." 
FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-23 00:50:32 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-23 01:23:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-08-06 23:55:06 | 000,000,000 | ---D | M] [2010-02-27 05:33:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Extensions [2011-06-21 11:17:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions [2011-06-23 01:19:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-01-15 23:12:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011-01-25 23:43:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-06-23 01:19:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2010-02-27 13:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions [2010-02-27 13:04:22 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} File not found (No name found) -- () (No name found) -- C:\USERS\KUBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LL6YTCLL.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- 
C:\USERS\KUBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LL6YTCLL.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI [2011-06-16 06:51:12 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2011-06-23 01:19:45 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010-01-01 10:00:00 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-01-01 10:00:00 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-01-01 10:00:00 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-01-01 10:00:00 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-01-01 10:00:00 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-01-01 10:00:00 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-06-22 21:02:21 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) 
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.1.13 172.22.0.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - State: "bootini" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - 
PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy 
disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-06-23 01:34:37 | 000,000,000 | ---D | C] -- C:\_OTL [2011-06-23 01:33:43 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe [2011-06-23 01:20:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011-06-23 01:20:02 | 000,000,000 | ---D | C] -- C:\Program Files\Sun [2011-06-23 01:13:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011-06-22 20:30:19 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\Theme1 [2011-06-22 16:27:37 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2011-06-22 14:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011-06-19 19:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\AIMP2 
[2011-06-19 13:44:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Faction Armageddon [2011-06-11 03:24:20 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Duke Nukem Forever [2011-06-02 16:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2011-06-02 16:09:49 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm [2011-06-02 16:09:49 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2011-06-02 16:09:49 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm [2011-05-30 23:12:23 | 000,000,000 | ---D | C] -- C:\Windows\pss [2011-05-29 21:06:18 | 008,643,584 | ---- | C] (ark) -- C:\Windows\System32\drivers\PictureDll.sys [2011-05-29 21:06:18 | 000,496,640 | ---- | C] (ark) -- C:\Windows\System32\drivers\FaceDll.sys [2011-05-29 21:06:18 | 000,031,104 | ---- | C] (usb camera) -- C:\Windows\System32\drivers\usbcamcl.sys [2011-05-29 21:06:18 | 000,019,968 | ---- | C] (usb camera) -- C:\Windows\System32\drivers\usbDecode.sys [2011-05-29 21:06:18 | 000,005,632 | ---- | C] (ark) -- C:\Windows\System32\drivers\FilterDll.sys [2011-05-29 21:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Camera [2011-05-29 01:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2011-05-26 13:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys [2011-05-26 13:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2011-05-21 12:51:12 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011-05-21 12:38:50 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2011-05-21 01:29:08 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\The Witcher 2 [2011-05-21 01:27:07 | 
000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin 2 [2011-05-15 22:07:12 | 000,043,520 | ---- | C] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusb0.dll [2011-05-03 17:01:46 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\AdobeStockPhotos [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-06-23 01:43:12 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-06-23 01:43:12 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-06-23 01:35:58 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2011-06-23 01:35:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-06-23 01:35:34 | 2616,549,376 | -HS- | M] () -- C:\hiberfil.sys [2011-06-23 01:34:42 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat [2011-06-23 01:33:50 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe [2011-06-23 01:23:58 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011-06-23 00:50:36 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011-06-22 21:02:21 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts [2011-06-22 20:30:07 | 001,768,015 | ---- | M] () -- C:\Users\Kuba\Desktop\Theme1.rar [2011-06-22 16:19:24 | 000,000,600 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\winscp.rnd [2011-06-22 14:37:36 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011-06-22 00:01:59 | 005,959,657 | ---- | M] () -- C:\Users\Kuba\Desktop\01 Set Fire To The Rain.mp3 [2011-06-21 23:52:10 | 003,405,145 | ---- | M] () -- C:\Users\Kuba\Desktop\GrubSon - Przestań Się Bać (Remix).mp3 [2011-06-21 18:50:46 | 014,461,190 | ---- | M] () -- C:\Users\Kuba\Desktop\Adele - Set Fire To The Rain (Thomas Gold Remix) 
4clubbers.pl by ORZEL.mp3 [2011-06-21 17:48:51 | 016,095,533 | ---- | M] () -- C:\Users\Kuba\Desktop\Michael Canitrot ft. Ron Carroll – When You Got Love (Original Mix) by QSHMAN (ACE)4clubbers.com.pl.mp3 [2011-06-21 14:51:20 | 000,687,590 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-06-21 14:51:20 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-06-21 14:51:20 | 000,131,176 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-06-21 14:51:20 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-06-21 14:49:43 | 016,614,848 | ---- | M] () -- C:\Users\Kuba\Desktop\Michael Canitrot ft. Ron Carroll – When You Got Love (Michael Calfan Mix) by QSHMAN (ACE)4clubbers.com.pl.mp3 [2011-06-19 19:34:02 | 000,000,921 | ---- | M] () -- C:\Users\Kuba\Desktop\AIMP2.lnk [2011-06-19 13:57:49 | 000,001,167 | ---- | M] () -- C:\Users\Kuba\Desktop\Red Faction Armageddon.lnk [2011-06-17 02:13:56 | 000,016,384 | ---- | M] () -- C:\Users\Kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-06-16 00:08:48 | 000,001,667 | ---- | M] () -- C:\Users\Public\Desktop\DiRT 3.lnk [2011-05-29 21:06:18 | 000,000,021 | ---- | M] () -- C:\Windows\System32\camera.ini [2011-05-26 13:29:08 | 001,104,337 | ---- | M] () -- C:\Users\Kuba\Documents\everest przed.png [2011-05-26 13:27:58 | 000,001,108 | ---- | M] () -- C:\Users\Kuba\Desktop\EVEREST Ultimate Edition.lnk [2011-05-24 14:20:46 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2011-05-21 12:38:50 | 000,000,594 | ---- | M] () -- C:\Users\Kuba\Desktop\Fraps.lnk [2011-05-21 01:27:07 | 000,000,475 | ---- | M] () -- C:\Users\Public\Desktop\Uruchom Wiedźmin 2.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-23 01:23:58 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011-06-23 01:23:58 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011-06-22 
20:29:57 | 001,768,015 | ---- | C] () -- C:\Users\Kuba\Desktop\Theme1.rar [2011-06-22 14:37:36 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011-06-22 00:01:15 | 005,959,657 | ---- | C] () -- C:\Users\Kuba\Desktop\01 Set Fire To The Rain.mp3 [2011-06-21 23:48:14 | 003,405,145 | ---- | C] () -- C:\Users\Kuba\Desktop\GrubSon - Przestań Się Bać (Remix).mp3 [2011-06-21 18:50:04 | 014,461,190 | ---- | C] () -- C:\Users\Kuba\Desktop\Adele - Set Fire To The Rain (Thomas Gold Remix) 4clubbers.pl by ORZEL.mp3 [2011-06-21 17:48:04 | 016,095,533 | ---- | C] () -- C:\Users\Kuba\Desktop\Michael Canitrot ft. Ron Carroll – When You Got Love (Original Mix) by QSHMAN (ACE)4clubbers.com.pl.mp3 [2011-06-21 14:48:26 | 016,614,848 | ---- | C] () -- C:\Users\Kuba\Desktop\Michael Canitrot ft. Ron Carroll – When You Got Love (Michael Calfan Mix) by QSHMAN (ACE)4clubbers.com.pl.mp3 [2011-06-19 19:34:01 | 000,000,921 | ---- | C] () -- C:\Users\Kuba\Desktop\AIMP2.lnk [2011-06-19 13:57:49 | 000,001,167 | ---- | C] () -- C:\Users\Kuba\Desktop\Red Faction Armageddon.lnk [2011-06-02 16:09:49 | 000,631,808 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-06-02 16:09:49 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011-06-02 16:09:49 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011-06-02 16:09:49 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml [2011-06-02 16:09:49 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011-05-29 21:06:18 | 000,073,728 | ---- | C] () -- C:\Windows\System32\face.ax [2011-05-29 21:06:18 | 000,028,672 | ---- | C] () -- C:\Windows\System32\CoUninstall.dll [2011-05-29 21:06:18 | 000,000,021 | ---- | C] () -- C:\Windows\System32\camera.ini [2011-05-29 01:20:34 | 000,001,346 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [2011-05-29 01:18:33 | 000,001,667 | ---- | C] () -- C:\Users\Public\Desktop\DiRT 3.lnk [2011-05-26 13:29:07 | 
001,104,337 | ---- | C] () -- C:\Users\Kuba\Documents\everest przed.png [2011-05-26 13:27:22 | 000,001,108 | ---- | C] () -- C:\Users\Kuba\Desktop\EVEREST Ultimate Edition.lnk [2011-05-24 14:20:46 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011-05-21 12:38:50 | 000,000,594 | ---- | C] () -- C:\Users\Kuba\Desktop\Fraps.lnk [2011-05-21 01:27:07 | 000,000,475 | ---- | C] () -- C:\Users\Public\Desktop\Uruchom Wiedźmin 2.lnk [2011-04-29 19:20:03 | 000,001,104 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011-02-27 14:12:18 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-02-27 14:10:58 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011-02-17 08:29:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat [2011-01-26 01:28:04 | 000,016,384 | ---- | C] () -- C:\Users\Kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-31 02:33:53 | 000,000,600 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\winscp.rnd [2010-12-06 15:58:56 | 002,496,715 | ---- | C] () -- C:\Windows\System32\abgx360.exe [2010-11-26 00:38:22 | 000,002,048 | ---- | C] () -- C:\Windows\System32\drivers\portio32.sys [2010-06-21 23:46:40 | 000,039,712 | ---- | C] () -- C:\Windows\System32\ASL.dll [2010-05-18 22:28:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2010-05-18 22:25:15 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2010-03-19 16:14:12 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010-03-19 16:14:12 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010-02-28 02:36:51 | 000,139,128 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010-02-28 02:36:51 | 000,138,056 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\PnkBstrK.sys [2010-02-28 02:36:24 | 000,215,128 | ---- | C] () 
-- C:\Windows\System32\PnkBstrB.exe [2010-02-28 02:36:22 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe [2010-02-28 02:36:22 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2010-02-27 15:07:24 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini [2010-02-27 06:03:33 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009-10-05 12:10:18 | 000,007,274 | ---- | C] () -- C:\Windows\cadx2.ini [2009-07-14 10:07:57 | 000,687,590 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2009-07-14 10:07:57 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2009-07-14 10:07:57 | 000,131,176 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2009-07-14 10:07:57 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2009-07-14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 06:33:53 | 000,421,264 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009-07-14 04:05:48 | 000,606,992 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009-07-14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009-07-14 04:05:48 | 000,103,370 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009-07-14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009-07-14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009-07-14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009-07-14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2004-08-13 09:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys [2002-09-18 00:45:00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe [2001-08-29 15:11:40 | 
000,398,848 | R--- | C] () -- C:\Windows\System32\DK2WIN32.DLL [color=#E56717]========== LOP Check ==========[/color] [2011-05-21 11:40:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\abgx360 [2011-02-28 15:42:27 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\BESTplayer [2010-02-27 17:02:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bioshock2 [2010-09-18 18:42:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bump Technologies, Inc [2010-03-22 19:29:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Command and Conquer 4 [2010-02-28 01:46:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools [2010-03-02 17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite [2010-05-20 22:11:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Gadu-Gadu 10 [2010-03-02 18:16:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ImgBurn [2010-09-29 16:20:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Leadertech [2011-01-09 22:54:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\mkvtoolnix [2010-12-23 16:34:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Nokia [2011-06-23 01:04:56 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Notepad++ [2010-08-15 13:24:13 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\OpenFM [2010-09-12 15:14:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PMS [2010-03-24 00:58:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Prison Break [2010-02-28 14:10:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Red Alert 3 [2010-07-30 02:18:39 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Samsung [2010-06-30 16:12:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Sports Interactive [2011-03-19 01:52:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\The Creative Assembly [2011-02-17 01:22:28 | 
000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Tunngle [2010-02-27 15:21:49 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ubisoft [2011-06-23 01:52:17 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent [2011-04-13 11:34:35 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2010-11-20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2010-02-27 05:17:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2009-06-10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2011-06-23 01:35:34 | 2616,549,376 | -HS- | M] () -- C:\hiberfil.sys [2010-11-18 21:39:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-07-14 00:22:47 | 000,010,194 | ---- | M] () -- C:\MP4debug.log [2010-11-18 21:39:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-09-11 15:06:35 | 000,271,082 | RHS- | M] () -- C:\PTRQH [2010-09-11 15:06:35 | 000,000,020 | RHS- | M] () -- C:\win7.ld [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys [color=#A23BEC]< MD5 
for: ATAPI.SYS >[/color] [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- 
C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys [2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-10-28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009-10-28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < End of report > [/log] [log]OTL Extras logfile created on: 2011-06-23 02:35:12 - Run 2 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Kuba\Desktop Ultimate Edition 
Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 63,50% Memory free 6,50 Gb Paging File | 5,24 Gb Available in Paging File | 80,72% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 34,18 Gb Total Space | 2,98 Gb Free Space | 8,71% Space Free | Partition Type: NTFS Drive D: | 431,57 Gb Total Space | 3,12 Gb Free Space | 0,72% Space Free | Partition Type: NTFS Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{002FA4C4-DDFE-4E83-A5E0-E2A18B965468}" = Phoenix Service Software "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Społeczności "{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers "{1871FE54-36AA-478F-B374-A46BA54474CC}" = ESET NOD32 Antivirus "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands "{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26 "{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support "{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26 "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010 "{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{58D4FB3A-98E9-4B9B-B01E-7F005AEFE019}" = PC Camera "{5B119660-1788-11D8-8EB8-0050BF643EE7}" = digestIT 2004 "{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1 "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{7BA8B6CB-6FF4-4AD4-AFA6-CFEABBEF8607}_is1" = Mafia.2.DLC-Gardzij wersja 1.0 "{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe 
Common File Installer "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft 
Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{D45F91DE-F0FC-4D5F-9A0C-FDE5B251AAC6}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{79EB535E-76E4-4356-8146-A24EE55AB69D}" = Microsoft Office 2007 Service Pack 2 (SP2) "{92DA4424-0CFB-44D1-A08B-B63D5D8BEFBC}_is1" = Phoenix Service Software 2010.8.4.41526 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B0F9788-3141-4009-846E-52E59843E963}" = SimCity™ Społeczności "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 270.61 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 270.61 
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 270.61 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.1.34 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support "{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593}" = SimCity™ Społeczności Na wakacjach "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game "{D6D5CB84-0E6E-4E69-B300-C690B6911045}" = Nero 8 "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = Wiedźmin 2 "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "abgx360" = abgx360 v1.0.5 "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "AIMP2" = AIMP2 "AviSynth" = AviSynth 2.5 "CanonMyPrinter" = Canon Utilities My Printer "CCleaner" = CCleaner "Cheat Engine 6.0_is1" = Cheat Engine 6.0 "Cities XL 2011" = Cities XL 2011 "DAEMON Tools Lite" = DAEMON Tools Lite "Deluxe Ski Jump 3_is1" = Deluxe Ski Jump 3 v1.7.0 "Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4 Beta-2 "ENTERPRISE" = Microsoft Office Enterprise 2007 "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50 "FormatFactory" = FormatFactory 2.60 "Fraps" = Fraps (remove only) "Gadu-Gadu 10" 
= Gadu-Gadu 10 "GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010 "GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "ImgBurn" = ImgBurn "KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Full) "MKVtoolnix" = MKVtoolnix 4.4.0 "Mozilla Firefox 5.0 (x86 pl)" = Mozilla Firefox 5.0 (x86 pl) "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "Postal 2_is1" = Portal 2 "PS3 Media Server" = PS3 Media Server "PunkBusterSvc" = PunkBuster Services "RealAlt_is1" = Real Alternative 2.0.2 "Red Faction Armageddon_is1" = 1.0 "SopCast" = SopCast 3.2.9 "Test Drive Unlimited 2_is1" = Test Drive Unlimited 2 "Total Video Converter 3.61_is1" = Total Video Converter 3.60 100204 "Tunngle beta_is1" = Tunngle beta "UltraISO_is1" = UltraISO Premium V9.36 "UnderCoverXP_is1" = UnderCoverXP 1.23 "Update Service" = Update Service "uTorrent" = µTorrent "VirtualDubMod" = VirtualDubMod 1.5.10.2 PL "Winamp" = Winamp "WinRAR archiver" = Archiwizator WinRAR "winscp3_is1" = WinSCP 4.2.9 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > [/log]
I just have a couple of small questions: is NOD32 a good antivirus, or should I switch to a different one? How often should I scan the computer with the antivirus tools you gave me? Regards
wirusolog commented 23 June 2011 (edited)
The logs are clean.
[quote name='swiatek94' timestamp='1308789586' post='1283607'] I just have a couple of small questions: is NOD32 a good antivirus, or should I switch to a different one? [/quote]
NOD32 is very good protection, but since you have the ANTIVIRUS version, it is better to additionally install [url=http://www.dobreprogramy.pl/Comodo-Internet-Security,Program,Windows,12952.html][b][color=blue][u]Comodo Firewall[/u][/color][/b][/url] on the system. During installation, [b]uncheck the installation[/b] of the ANTIVIRUS and leave only the Firewall box checked.
[quote name='swiatek94' timestamp='1308789586' post='1283607'] How often should I scan the computer with the antivirus tools you gave me? [/quote]
It depends. Personally I think once a week is enough; [b]don't forget to update the virus database[/b] for MBAM and to update [b]the whole program[/b] for Dr.Web CureIt!.