Kicuch utworzono 22 czerwca 2011 utworzono 22 czerwca 2011 Od paru dni komputer spowolniał. OTL.txt [log]OTL logfile created on: 2011-06-22 16:20:15 - Run 1 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Łukasz\Downloads\Programs Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 61,66% Memory free 6,00 Gb Paging File | 4,81 Gb Available in Paging File | 80,29% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 78,03 Gb Total Space | 29,76 Gb Free Space | 38,14% Space Free | Partition Type: NTFS Drive D: | 358,06 Gb Total Space | 19,40 Gb Free Space | 5,42% Space Free | Partition Type: NTFS Computer Name: ŁUKASZ-KOMPUTER | User Name: Łukasz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-06-22 16:18:57 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Downloads\Programs\OTL.exe PRC - [2011-06-14 01:52:23 | 001,011,768 | ---- | M] (Google Inc.) -- C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2011-05-25 09:25:02 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe PRC - [2011-05-25 09:24:57 | 000,615,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2011-05-25 09:24:56 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2011-04-05 19:55:34 | 003,278,232 | ---- | M] (Tonec Inc.) -- D:\Internet Download Manager\IDMan.exe PRC - [2011-03-19 01:14:32 | 000,075,136 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2011-02-27 21:44:04 | 002,007,552 | ---- | M] () -- D:\Foobar2000\foobar2000.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011-02-24 15:32:20 | 010,025,576 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe PRC - [2011-01-24 23:52:49 | 000,151,622 | ---- | M] () -- C:\Windows\kmsem\KMService.exe PRC - [2011-01-24 23:51:51 | 000,008,192 | ---- | M] () -- C:\Windows\System32\srvany.exe PRC - [2010-12-14 16:49:16 | 000,653,120 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe PRC - [2010-12-14 16:47:48 | 001,517,376 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe PRC - [2010-11-20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2010-11-20 14:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe PRC - [2010-11-20 14:17:54 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-20 14:17:46 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slui.exe PRC - [2010-11-20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-11-20 14:17:42 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe PRC - [2010-11-20 14:17:30 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe PRC - [2010-11-20 14:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2010-11-20 14:17:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2010-11-20 14:16:54 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2010-10-25 16:32:26 | 000,381,144 | R--- | M] (cFos Software GmbH) -- C:\Program Files\cFosSpeed\spd.exe PRC - [2010-08-12 15:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2010-08-12 15:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2010-05-25 16:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- D:\Internet Download Manager\IEMonitor.exe PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-06-22 16:18:57 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Downloads\Programs\OTL.exe MOD - [2011-04-01 17:20:16 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2011-02-25 07:34:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2010-11-20 14:24:36 | 001,288,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2010-11-20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-11-20 14:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2010-11-20 14:21:20 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2010-11-20 14:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2010-11-20 14:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2010-11-20 14:19:26 | 000,857,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2010-11-20 14:19:26 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2010-11-20 14:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2010-11-20 14:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2010-11-20 14:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-06-14 18:04:48 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-05-25 09:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-05-20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011-01-24 23:51:51 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\System32\srvany.exe -- (KMService) SRV - [2010-12-14 16:47:48 | 001,517,376 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2010-12-14 16:45:42 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010-12-06 09:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- D:\Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010-11-06 11:57:33 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010-10-25 16:32:26 | 000,381,144 | R--- | M] (cFos Software GmbH) [Auto | Running] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS) SRV - [2010-08-12 15:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-08-12 15:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2010-03-25 11:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-05-31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-05-25 09:24:42 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011-03-28 19:46:40 | 000,086,792 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP) DRV - [2011-03-22 18:46:04 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2011-03-07 23:10:39 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2011-03-07 23:10:38 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-12-02 12:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-12-02 12:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010-12-02 10:36:42 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2010-12-02 10:36:42 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2010-11-29 20:27:40 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\WinUSB.SYS -- (WinUsb) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-11-09 15:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135) DRV - [2010-10-25 16:32:34 | 000,965,336 | ---- | M] (cFos Software GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\cfosspeed6.sys -- (cFosSpeed) cFosSpeed for faster Internet connections (NDIS 6) DRV - [2010-07-30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-07-30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-07-29 14:31:26 | 000,136,632 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2010-07-29 14:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw) DRV - [2010-07-29 14:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-07-29 14:31:26 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp) DRV - [2010-07-29 14:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2009-08-22 20:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Riva Tuner\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys -- (RivaTuner32) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-07-24 00:29:16 | 000,047,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vserial.sys -- (vserial) DRV - [2008-07-24 00:29:16 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vsb.sys -- (vsbus) DRV - [2006-09-24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan) DRV - [2000-01-01 02:00:00 | 000,173,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2000-01-01 02:00:00 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2000-01-01 02:00:00 | 000,044,032 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUCcid.sys -- (RSUSBCCID) DRV - [2000-01-01 02:00:00 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter) DRV - [2000-01-01 02:00:00 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2000-01-01 02:00:00 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.google.pl" FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.9 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48 FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51 FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.2.6 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-12-25 14:02:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-03-06 11:01:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: D:\Firefox\components [2011-04-27 17:57:04 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: D:\Firefox\plugins [2011-05-05 19:16:25 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-11-05 16:14:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-12-25 14:02:08 | 000,000,000 | ---D | M] [2010-11-14 21:10:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\Extensions [2011-03-23 14:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łukasz\AppData\Roaming\mozilla\Firefox\Profiles\g8148kl8.default\extensions [2011-03-10 19:37:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Łukasz\AppData\Roaming\mozilla\Firefox\Profiles\g8148kl8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-02-04 16:31:18 | 000,002,059 | ---- | M] () -- C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\g8148kl8.default\searchplugins\daemon-search.xml File not found (No name found) -- File not found (No name found) -- C:\USERS\ĹUKASZ\APPDATA\ROAMING\IDM\IDMMZCC3 File not found (No name found) -- C:\USERS\ĹUKASZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G8148KL8.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D} File not found (No name found) -- C:\USERS\ĹUKASZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G8148KL8.DEFAULT\EXTENSIONS\CACAOWEB@CACAOWEB.ORG.XPI [2011-04-03 09:59:21 | 000,000,000 | ---D | M] (Java Console) -- D:\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Adobe PDF Link Helper) - {7F6A4C77-05E8-5372-47E2-3CC149F77E64} - Reg Error: Value error. File not found O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3 - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found. O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [TNOD UP] C:\Program Files\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) O4 - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001..\Run: [IDMan] D:\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: UseOEMBackground = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisplayLastLogonInfo = 0 O7 - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Ściągnij przez IDM - D:\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - D:\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\..Trusted Domains: mks.com.pl ([www] https in Trusted sites) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab (SysInfo Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - D:\Fences\Stardock\Fences\FencesMenu.dll (Stardock) O27 - HKLM IFEO\AcroRd32.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\allplayer.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\allskincreator.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\creak- allplayer.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\dirt3.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\dtlite.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\hamachi-2-ui.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\jaf.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\jafcomemulator.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\jaflogger.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\nokiaovisuite.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\nvstlink.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\nvstview.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\play.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\skype.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\slimdrivers.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\uninstall.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\utorrent.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\wmdc.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{110b8194-e8ed-11df-804f-001fd0a761fd}\Shell - "" = AutoRun O33 - MountPoints2\{110b8194-e8ed-11df-804f-001fd0a761fd}\Shell\AutoRun\command - "" = K:\Autorun.exe O33 - MountPoints2\{16ccb8c0-54a4-11e0-bef0-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{16ccb8c0-54a4-11e0-bef0-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^20Dollars2Surf.lnk - Reg Error: Value error. - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.) MsConfig - StartUpFolder: C:^Users^Łukasz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Launchy.lnk - Reg Error: Value error. - File not found MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - D:\Adobe Reader\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]BCSSync[/b] - hkey= - key= - C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]cacaoweb[/b] - hkey= - key= - C:\Users\Łukasz\AppData\Roaming\cacaoweb\cacaoweb.exe () MsConfig - StartUpReg: [b]Chew7Hale[/b] - hkey= - key= - File not found MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - D:\Daemon Tool\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Users\Łukasz\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) MsConfig - StartUpReg: [b]hpqSRMon[/b] - hkey= - key= - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard) MsConfig - StartUpReg: [b]IDMan[/b] - hkey= - key= - D:\Internet Download Manager\IDMan.exe (Tonec Inc.) MsConfig - StartUpReg: [b]jushed[/b] - hkey= - key= - C:\ProgramData\jushed.exe ( ) MsConfig - StartUpReg: [b]LogMeIn Hamachi Ui[/b] - hkey= - key= - D:\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) MsConfig - StartUpReg: [b]NokiaMServer[/b] - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) MsConfig - StartUpReg: [b]NokiaOviSuite2[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) MsConfig - StartUpReg: [b]RocketDock[/b] - hkey= - key= - D:\RocketDock\RocketDock.exe () MsConfig - StartUpReg: [b]Start WingMan Profiler[/b] - hkey= - key= - C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: [b]uTorrent[/b] - hkey= - key= - D:\uTorrent\uTorrent.exe (BitTorrent, Inc.) MsConfig - StartUpReg: [b]Windows Mobile Device Center[/b] - hkey= - key= - C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) MsConfig - State: "startup" - 2 MsConfig - State: "bootini" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Hamachi2Svc - D:\Hamachi\hamachi-2.exe (LogMeIn Inc.) SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-06-19 23:33:21 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\DonationCoder [2011-06-19 23:33:20 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Documents\DonationCoder [2011-06-15 22:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Premium Link Generator [2011-06-14 18:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2011-06-14 17:45:18 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Adobe [2011-06-14 17:13:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2011-06-14 17:12:55 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2011-06-14 17:12:52 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant [2011-06-14 17:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2011-06-14 17:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2011-06-14 00:03:31 | 000,000,000 | --SD | C] -- C:\Users\Łukasz\Documents\Moje źródła danych [2011-06-09 00:10:03 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terraria [2011-06-08 22:25:24 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Desktop\Edycje rejestru [2011-06-06 16:14:05 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011-06-02 22:02:28 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\FreeStone Group [2011-06-02 00:33:49 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition [2011-05-30 23:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2011-05-30 13:24:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS [2011-05-30 13:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters [2011-05-30 13:22:40 | 003,461,120 | ---- | C] (Valve Corporation) -- C:\Windows\System32\Steam.dll [2011-05-30 13:17:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2011-05-30 13:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE [2011-05-26 21:49:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound [2011-05-26 21:49:16 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\System32\rapture3d_oal.dll [2011-05-26 21:49:15 | 000,000,000 | ---D | C] -- C:\Program Files\BRS [2011-05-24 15:14:52 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Windows 7 Account Screen Editor [2011-05-22 11:01:20 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Lionhead Studios [2011-05-20 18:13:54 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Microsoft_Corporation [2011-05-18 23:50:15 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab [2011-05-18 21:39:42 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Documents\Pliki programu Outlook [2011-05-18 15:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin 2 [2011-05-17 23:48:57 | 000,566,784 | RHS- | C] ( ) -- C:\ProgramData\jushed.exe [2011-05-17 23:48:57 | 000,347,136 | RHS- | C] (NirSoft) -- C:\ProgramData\nircmd.exe [2011-05-17 23:48:56 | 007,987,953 | ---- | C] (CCCP Project ) -- C:\Users\Łukasz\AppData\Local\Codecs.exe [2011-05-17 23:48:56 | 000,566,784 | ---- | C] ( ) -- C:\Users\Łukasz\AppData\Local\jushed.exe [2011-05-17 23:48:56 | 000,347,136 | ---- | C] (NirSoft) -- C:\Users\Łukasz\AppData\Local\nircmd.exe [2011-05-17 23:40:40 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Documents\Witcher 2 [2011-05-17 23:40:40 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\The Witcher 2 [2011-05-15 22:52:48 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Desktop\Damian [2011-05-13 23:24:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras [2011-05-13 23:24:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011-05-13 23:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2011-05-12 23:14:07 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Stardock [2011-05-12 23:14:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B} [2011-05-12 23:14:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fences [2011-05-12 23:13:36 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\PackageAware [2011-05-12 17:14:45 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\.jagex_cache_32 [2011-04-27 17:57:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative [2011-04-27 17:57:02 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll [2011-04-27 17:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\Real Alternative [2011-04-27 17:57:02 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Real [2011-04-27 17:57:02 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Real [2011-04-27 17:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2011-04-24 11:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack [2011-04-24 11:50:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\VORBIS [2011-04-24 11:50:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\L3 [2011-04-24 11:50:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\FLAC [2011-04-24 11:50:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\DOLBY [2011-04-24 11:50:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\APE [2011-04-24 11:50:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\AMR [2011-04-24 11:50:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\QUARTZ [2011-04-24 11:50:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\AAC [2011-04-24 11:50:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\HAALI [2011-04-24 11:50:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\GABEST [2011-04-24 11:50:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\X264 [2011-04-24 11:50:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\FFDShow [2011-04-24 11:50:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\WM9 [2011-04-24 11:50:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\OGG [2011-04-24 11:50:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\MPEG2 [2011-04-24 11:50:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\XVID [2011-04-24 11:50:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\FLV [2011-04-24 11:50:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\DIVX [2011-04-24 11:38:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer [2011-04-24 11:38:08 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\ALLPlayer [8 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-06-22 15:48:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041758257-3929182411-3212461294-1001UA.job [2011-06-22 15:22:22 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-06-22 15:22:22 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-06-22 14:48:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041758257-3929182411-3212461294-1001Core.job [2011-06-22 14:19:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-06-22 10:38:40 | 000,736,096 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-06-22 10:38:40 | 000,650,212 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-06-22 10:38:40 | 000,152,676 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-06-22 10:38:40 | 000,119,282 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-06-19 23:33:21 | 000,000,046 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\DonationCoder_findrunrobot_InstallInfo.dat [2011-06-11 15:52:48 | 000,000,129 | ---- | M] () -- C:\Users\Łukasz\jagex_runescape_preferences2.dat [2011-06-11 15:51:48 | 000,000,046 | ---- | M] () -- C:\Users\Łukasz\jagex_runescape_preferences.dat [2011-06-09 00:10:03 | 000,000,544 | ---- | M] () -- C:\Users\Łukasz\Desktop\Terraria.lnk [2011-06-02 22:02:27 | 000,000,890 | ---- | M] () -- C:\Users\Łukasz\Desktop\Video Card Stability Test.lnk [2011-06-02 18:48:35 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll [2011-05-30 19:31:43 | 000,000,498 | ---- | M] () -- C:\Users\Łukasz\Desktop\play — skrót.lnk [2011-05-29 09:44:03 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job [2011-05-25 14:27:18 | 000,000,136 | ---- | M] () -- C:\Users\Łukasz\Desktop\FIFA 11 — skrót.lnk [2011-05-25 09:24:44 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011-05-25 09:24:42 | 000,004,364 | ---- | M] () -- C:\Windows\System32\nvinfo.pb [2011-05-21 11:04:12 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2011-05-21 00:34:10 | 000,000,618 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk [2011-05-20 22:35:28 | 000,304,744 | ---- | M] () -- C:\Windows\System32\nvStreaming.exe [2011-05-20 20:59:25 | 000,000,002 | ---- | M] () -- C:\ProgramData\datesavefile [2011-05-20 20:59:24 | 000,000,001 | ---- | M] () -- C:\ProgramData\varsavefile [2011-05-18 15:34:40 | 000,000,397 | ---- | M] () -- C:\Users\Public\Desktop\Uruchom Wiedźmin 2.lnk [2011-05-18 00:06:04 | 007,987,953 | ---- | M] (CCCP Project ) -- C:\Users\Łukasz\AppData\Local\Codecs.exe [2011-05-18 00:06:04 | 000,566,784 | ---- | M] ( ) -- C:\Users\Łukasz\AppData\Local\jushed.exe [2011-05-18 00:06:04 | 000,347,136 | RHS- | M] (NirSoft) -- C:\ProgramData\nircmd.exe [2011-05-18 00:06:04 | 000,347,136 | ---- | M] (NirSoft) -- C:\Users\Łukasz\AppData\Local\nircmd.exe [2011-05-18 00:06:04 | 000,004,768 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\operaprefs.ini [2011-05-18 00:06:04 | 000,004,768 | ---- | M] () -- C:\ProgramData\operaprefs.ini [2011-05-17 23:57:04 | 000,566,784 | RHS- | M] ( ) -- C:\ProgramData\jushed.exe [2011-05-17 23:52:50 | 000,000,002 | ---- | M] () -- C:\ProgramData\timerxfile [2011-05-15 22:55:42 | 000,001,516 | ---- | M] () -- C:\Users\Łukasz\Desktop\Downloads.lnk [2011-05-15 22:55:09 | 000,001,530 | ---- | M] () -- C:\Users\Łukasz\Desktop\Filmy.lnk [2011-05-15 17:23:44 | 000,001,457 | ---- | M] () -- C:\Users\Łukasz\.recently-used.xbel [2011-05-11 16:44:49 | 000,000,090 | ---- | M] () -- C:\Users\Łukasz\AppData\Roaming\RSBot_Accounts.ini [2011-04-24 11:58:50 | 000,000,469 | ---- | M] () -- C:\Windows\System32\libFLAC.dll [2011-04-24 11:58:50 | 000,000,469 | ---- | M] () -- C:\Windows\System32\evrprop.dll [2011-04-24 11:58:49 | 000,000,469 | ---- | M] () -- C:\Windows\System32\iconv.dll [2011-04-24 11:58:48 | 000,000,469 | ---- | M] () -- C:\Windows\System32\mkzlib.dll [2011-04-24 11:58:48 | 000,000,469 | ---- | M] () -- C:\Windows\System32\mkunicode.dll [2011-04-24 11:58:45 | 000,000,469 | ---- | M] () -- C:\Windows\System32\xvidcore.dll [8 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-19 23:33:21 | 000,000,046 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\DonationCoder_findrunrobot_InstallInfo.dat [2011-06-14 18:06:32 | 000,000,716 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CS4.lnk [2011-06-14 18:05:01 | 000,001,399 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk [2011-06-09 00:10:03 | 000,000,544 | ---- | C] () -- C:\Users\Łukasz\Desktop\Terraria.lnk [2011-06-02 22:02:27 | 000,000,890 | ---- | C] () -- C:\Users\Łukasz\Desktop\Video Card Stability Test.lnk [2011-05-30 19:31:45 | 000,000,498 | ---- | C] () -- C:\Users\Łukasz\Desktop\play — skrót.lnk [2011-05-25 14:27:18 | 000,000,136 | ---- | C] () -- C:\Users\Łukasz\Desktop\FIFA 11 — skrót.lnk [2011-05-21 11:04:12 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011-05-21 00:34:10 | 000,000,618 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk [2011-05-20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2011-05-18 15:34:40 | 000,000,397 | ---- | C] () -- C:\Users\Public\Desktop\Uruchom Wiedźmin 2.lnk [2011-05-17 23:48:58 | 000,000,002 | ---- | C] () -- C:\ProgramData\timerxfile [2011-05-17 23:48:58 | 000,000,002 | ---- | C] () -- C:\ProgramData\datesavefile [2011-05-17 23:48:58 | 000,000,001 | ---- | C] () -- C:\ProgramData\varsavefile [2011-05-17 23:48:57 | 000,004,768 | ---- | C] () -- C:\ProgramData\operaprefs.ini [2011-05-17 23:48:56 | 000,004,768 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\operaprefs.ini [2011-05-15 22:54:08 | 000,000,925 | ---- | C] () -- C:\Users\Łukasz\Desktop\Torchlight.lnk [2011-05-15 22:54:06 | 000,000,462 | ---- | C] () -- C:\Users\Łukasz\Desktop\Tom Clancy's H.A.W.X — skrót.lnk [2011-05-15 22:54:04 | 000,000,611 | ---- | C] () -- C:\Users\Łukasz\Desktop\TmNationsForever.lnk [2011-05-15 22:54:02 | 000,001,077 | ---- | C] () -- C:\Users\Łukasz\Desktop\Test Drive Unlimited 2.lnk [2011-05-15 22:54:00 | 000,000,586 | ---- | C] () -- C:\Users\Łukasz\Desktop\Super Meat Boy.lnk [2011-05-15 22:53:57 | 000,000,619 | ---- | C] () -- C:\Users\Łukasz\Desktop\Sherlock Holmes kontra Kuba Rozpruwacz.lnk [2011-05-15 22:53:52 | 000,000,907 | ---- | C] () -- C:\Users\Łukasz\Desktop\Minecraft.lnk [2011-05-15 22:53:50 | 000,000,602 | ---- | C] () -- C:\Users\Łukasz\Desktop\Mass Effect 2.lnk [2011-05-15 22:53:49 | 000,000,663 | ---- | C] () -- C:\Users\Łukasz\Desktop\GTA EFLC.lnk [2011-05-15 22:53:47 | 000,001,078 | ---- | C] () -- C:\Users\Łukasz\Desktop\GameRanger.lnk [2011-05-15 22:53:44 | 000,001,092 | ---- | C] () -- C:\Users\Łukasz\Desktop\Dragon Age 2.lnk [2011-05-15 22:53:42 | 000,000,750 | ---- | C] () -- C:\Users\Łukasz\Desktop\Divinity II - DKS.lnk [2011-05-15 22:53:39 | 000,001,490 | ---- | C] () -- C:\Users\Łukasz\Desktop\Dead Space™.lnk [2011-05-15 22:53:34 | 000,000,992 | ---- | C] () -- C:\Users\Łukasz\Desktop\Crysis 2.lnk [2011-05-15 22:53:32 | 000,000,595 | ---- | C] () -- C:\Users\Łukasz\Desktop\AC Brotherhood.lnk [2011-05-15 22:53:26 | 000,001,607 | ---- | C] () -- C:\Users\Łukasz\Desktop\Splash PRO.lnk [2011-05-15 22:53:19 | 000,000,587 | ---- | C] () -- C:\Users\Łukasz\Desktop\Portal 2.lnk [2011-05-15 22:53:02 | 000,001,530 | ---- | C] () -- C:\Users\Łukasz\Desktop\Filmy.lnk [2011-05-15 22:53:00 | 000,001,516 | ---- | C] () -- C:\Users\Łukasz\Desktop\Downloads.lnk [2011-05-15 22:52:39 | 000,000,673 | ---- | C] () -- C:\Users\Łukasz\Desktop\Your Unin-staller!.lnk [2011-05-15 22:52:26 | 000,000,589 | ---- | C] () -- C:\Users\Łukasz\Desktop\Mozilla Firefox.lnk [2011-05-15 22:52:23 | 000,000,627 | ---- | C] () -- C:\Users\Łukasz\Desktop\KMPlayer.lnk [2011-05-15 22:52:19 | 000,000,586 | ---- | C] () -- C:\Users\Łukasz\Desktop\Eusing Free Registry Cleaner.lnk [2011-05-15 22:52:16 | 000,000,797 | ---- | C] () -- C:\Users\Łukasz\Desktop\DAEMON Tools Lite.lnk [2011-05-15 22:52:12 | 000,000,595 | ---- | C] () -- C:\Users\Łukasz\Desktop\Ashampoo Burning Studio 10.lnk [2011-05-15 17:23:44 | 000,001,457 | ---- | C] () -- C:\Users\Łukasz\.recently-used.xbel [2011-04-24 11:50:20 | 000,000,469 | ---- | C] () -- C:\Windows\System32\evrprop.dll [2011-04-24 11:50:19 | 000,000,469 | ---- | C] () -- C:\Windows\System32\iconv.dll [2011-04-24 11:50:18 | 000,000,469 | ---- | C] () -- C:\Windows\System32\mkzlib.dll [2011-04-24 11:50:17 | 000,000,469 | ---- | C] () -- C:\Windows\System32\mkunicode.dll [2011-04-24 11:38:08 | 000,797,184 | ---- | C] () -- C:\Windows\System32\ac3filter.ax [2011-04-24 11:38:08 | 000,000,469 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-04-24 11:38:08 | 000,000,469 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011-04-07 21:54:00 | 000,315,682 | ---- | C] () -- C:\Windows\System32\slwc.exe [2011-04-07 21:51:48 | 000,111,104 | ---- | C] () -- C:\Windows\System32\Uharc.exe [2011-04-07 21:51:48 | 000,008,636 | ---- | C] () -- C:\Windows\System32\modifype.exe [2011-04-04 12:33:14 | 002,169,856 | -HS- | C] () -- C:\Windows\System32\hale.exe [2011-04-04 00:31:39 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-04-04 00:29:56 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011-03-30 15:49:44 | 000,077,824 | ---- | C] () -- C:\Users\Łukasz\AppData\Roaming\chrtmp [2011-03-21 18:01:54 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2011-03-19 01:14:33 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011-03-19 01:14:32 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011-03-16 21:19:24 | 000,007,605 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Resmon.ResmonCfg [2011-03-09 00:53:01 | 007,006,398 | ---- | C] () -- C:\Windows\temp.exe [2011-03-07 23:10:39 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2011-03-07 23:10:38 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2011-03-06 10:49:37 | 000,229,947 | ---- | C] () -- C:\Windows\hpoins19.dat [2011-03-06 10:49:37 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat [2011-02-28 20:25:11 | 000,459,264 | ---- | C] () -- C:\Windows\System32\mchEvaluation.exe [2011-02-26 22:54:18 | 000,286,208 | ---- | C] () -- C:\Windows\System32\binkw32.dll [2011-02-23 19:07:49 | 000,118,784 | ---- | C] () -- C:\Windows\System32\vorbis.dll [2011-02-23 19:06:01 | 000,011,264 | ---- | C] () -- C:\Windows\System32\ogg.dll [2011-01-24 23:52:49 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe [2010-12-10 12:51:45 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010-12-03 15:55:01 | 000,000,006 | ---- | C] () -- C:\Windows\f2areg64.dll [2010-11-14 21:10:51 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-11-05 17:19:05 | 000,000,090 | ---- | C] () -- C:\Users\Łukasz\AppData\Roaming\RSBot_Accounts.ini [2010-11-05 15:48:13 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-11-05 15:48:09 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009-07-14 10:07:57 | 000,736,096 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2009-07-14 10:07:57 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2009-07-14 10:07:57 | 000,152,676 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2009-07-14 10:07:57 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2009-07-14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 06:33:53 | 000,407,824 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009-07-14 04:05:48 | 000,650,212 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009-07-14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009-07-14 04:05:48 | 000,119,282 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009-07-14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009-07-14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009-07-14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009-07-14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009-07-14 01:41:47 | 000,001,536 | ---- | C] () -- C:\Windows\System32\winver.exe [2009-07-13 02:07:46 | 000,025,448 | ---- | C] () -- C:\Windows\System32\drivers\uxpatch.sys [2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2009-06-07 16:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009-01-28 20:50:44 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll [2008-07-24 00:29:16 | 000,047,744 | ---- | C] () -- C:\Windows\System32\drivers\vserial.sys [2008-07-24 00:29:16 | 000,015,264 | ---- | C] () -- C:\Windows\System32\drivers\vsb.sys [2007-07-23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2007-07-23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2007-07-23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2007-07-23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2007-07-23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2007-07-23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2007-07-23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2007-07-23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2007-07-23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2011-05-11 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DMCache [2011-02-12 10:31:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ESET [2011-03-20 19:36:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\foobar2000 [2011-05-11 12:13:05 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IDM [2011-05-11 12:12:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TuneUp Software [2011-05-11 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\uTorrent [2011-05-30 22:53:41 | 000,000,000 | ---D | M] -- C:\Users\Dirt 3\AppData\Roaming\ESET [2011-05-30 22:53:43 | 000,000,000 | ---D | M] -- C:\Users\Dirt 3\AppData\Roaming\Stardock [2011-05-30 22:52:58 | 000,000,000 | ---D | M] -- C:\Users\Dirt 3\AppData\Roaming\TuneUp Software [2011-04-21 13:52:14 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\.minecraft [2010-11-18 00:57:59 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\360desktop [2011-02-27 20:42:36 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\App Launcher Gadget [2011-02-26 16:27:57 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Ashampoo [2011-02-28 19:14:08 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\AVI ReComp [2011-04-08 13:31:56 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\BESTplayer [2010-12-27 02:08:08 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\cacaoweb [2011-06-14 17:12:55 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2010-11-05 17:01:13 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DAEMON Tools Lite [2011-02-27 20:38:39 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DAEMON Tools Pro [2011-06-22 00:47:03 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DMCache [2011-06-19 23:33:21 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DonationCoder [2010-11-05 16:14:49 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\ESET [2011-06-22 16:19:03 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\foobar2000 [2011-06-02 22:02:28 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\FreeStone Group [2011-02-26 11:53:28 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\GameRanger [2011-03-07 23:13:21 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Games [2010-11-12 12:20:07 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\GHISLER [2011-05-15 17:24:48 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\gtk-2.0 [2011-04-20 21:00:20 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\IDM [2011-04-08 15:13:40 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Launchy [2010-11-05 17:21:36 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Leadertech [2011-05-22 11:01:20 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Lionhead Studios [2011-04-18 23:23:37 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Mirillis [2010-11-12 12:56:51 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\My Games [2011-02-21 02:00:34 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Opera [2010-12-25 14:07:26 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\PC Suite [2011-03-19 01:14:31 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\PunkBuster [2011-02-01 16:45:38 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Rovio [2011-02-15 23:29:34 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\runic games [2011-03-09 21:50:14 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Salling Software AB [2011-01-09 15:49:41 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\SpeedMP3Downloader [2011-05-12 23:14:07 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Stardock [2011-03-09 00:54:25 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Thinking Minds Budiling Bytes [2011-06-13 23:19:40 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Thinstall [2011-03-11 00:32:06 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\TuneUp Software [2011-02-22 23:26:18 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\URSoft [2011-06-14 18:02:18 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\uTorrent [2011-05-17 14:20:52 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011-05-29 09:44:03 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\SlimDrivers Startup.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009-06-10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2010-11-18 00:37:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2011-02-04 16:27:08 | 000,018,915 | ---- | M] () -- C:\mksbasel.cpp.log [2010-11-18 00:37:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2011-06-22 09:18:24 | 3219,644,416 | -HS- | M] () -- C:\pagefile.sys [2010-11-18 00:37:54 | 000,000,000 | ---- | M] () -- C:\TP17A269.$$$ [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T155359517481\internal_ide_channel\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T155359517481\pci\ven_8086&dev_27c0\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T160110684877\internal_ide_channel\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T160110684877\pci\ven_8086&dev_27c0\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T162449280101\internal_ide_channel\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T162449280101\pci\ven_8086&dev_27c0\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T163013458653\internal_ide_channel\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T155359517481\gencdrom\cdrom.sys [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T160110684877\gencdrom\cdrom.sys [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T162449280101\gencdrom\cdrom.sys [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T163013458653\gencdrom\cdrom.sys [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys [2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-20 14:17:54 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=1562571D6B1541098E677C3BB78709A0 -- C:\Windows\System32\winlogon.exe [2009-10-28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009-10-28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\ProgramData\Microsoft\Windows\SXS\32\winlogon.exe [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Users\All Users\Microsoft\Windows\SXS\32\winlogon.exe [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:1CE11B51 < End of report > [/log] Extras.txt [log]OTL Extras logfile created on: 2011-06-22 16:20:15 - Run 1 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Łukasz\Downloads\Programs Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,85 Gb Available Physical Memory | 61,66% Memory free 6,00 Gb Paging File | 4,81 Gb Available in Paging File | 80,29% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 78,03 Gb Total Space | 29,76 Gb Free Space | 38,14% Space Free | Partition Type: NTFS Drive D: | 358,06 Gb Total Space | 19,40 Gb Free Space | 5,42% Space Free | Partition Type: NTFS Computer Name: ŁUKASZ-KOMPUTER | User Name: Łukasz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{09CA31EC-7BCB-4239-B4F6-674E730A8235}" = SlimDrivers "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan "{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences "{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup "{14C36646-83C8-430E-92B3-16F998BDB4E0}" = Activision(R) "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011 "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 24 "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0 "{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300 "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery "{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4 "{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater "{3604BFF4-6EC8-44D6-B147-92C2D642FEDE}" = Wheelman "{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}" = Nokia Ovi Suite "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{3F64C088-9A45-41B3-8B99-71AFAB720A56}" = Sherlock Holmes kontra Kuba Rozpruwacz "{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11 "{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver "{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "{434D0FA0-AB8C-497F-B30A-7A1000018201}" = DiRT 3 "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™ "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1 "{4F64A46D-67F7-4497-AEA2-313D4305A5F6}" = Torchlight "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3 "{5454083B-1308-4485-BF17-111000028703}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000038702}" = Grand Theft Auto: Episodes from Liberty City "{5454083B-1308-4485-BF17-111000038703}" = Grand Theft Auto: Episodes from Liberty City "{5C19E2DC-4CCF-3114-B40A-6E565987025F}" = Microsoft .NET Framework 4 Extended PLK Language Pack "{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help "{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2 "{60D32CDC-E3BE-4578-BA10-29322307CDDC}" = Logitech Gaming Software 5.10 "{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City "{62621555-6310-433D-983E-957D707DC535}" = ESET Smart Security "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{69916AD2-3710-4C86-895E-8F475290AA64}" = Ovi Desktop Sync Engine "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network "{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010 "{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010 "{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010 "{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010 "{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010 "{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010 "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010 "{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010 "{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010 "{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010 "{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010 "{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010 "{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum obsługi urządzeń z systemem Windows Mobile "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.0 "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software "{AB0DBC9A-422A-4888-A8E5-A32EC1779E68}_is1" = Sunrise Seven 1.2.61 "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.4 - Polish "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 275.33 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 275.33 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 275.33 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 275.33 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.3.5 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game "{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting "{DD070C1A-30D4-4344-8F67-986468D0A65E}" = TuneUp Utilities Language Pack (pl-PL) "{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext "{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™ "{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = Wiedźmin 2 "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F27DCDBA-0269-4709-B8CA-409FA42EF4A0}" = Splash PRO "{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II "{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4 "ALLPlayer_is1" = ALLPlayer V4.X "Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.4 "AutocompletePro3_is1" = AutocompletePro "AVI ReComp" = AVI ReComp 1.5.2 "Avisynth" = AviSynth 2.5 "CCleaner" = CCleaner "CDCE6956-DD16-4F82-ACA0-E4C7BAD6B26A_is1" = Divinity II - DKS "cFosSpeed" = cFosSpeed v6.03 "Combined Community Codec Pack_is1" = Combined Community Codec Pack 2010-10-10 "CPUID CPU-Z_is1" = CPUID CPU-Z 1.56 "CWK" = CWK (Czasowy Wyłącznik Komputera) "DAEMON Tools Lite" = DAEMON Tools Lite "Defraggler" = Defraggler "ESET Online Scanner" = ESET Online Scanner v3 "Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner "Fences" = Fences "foobar2000" = foobar2000 v1.1.5 "GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.51 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "HPOCR" = OCR Software by I.R.I.S. 13.0 "InstallShield_{14C36646-83C8-430E-92B3-16F998BDB4E0}" = Spider-Man(TM) - Shattered Dimensions "Internet Download Manager" = Internet Download Manager "JAFSetup" = JAF Setup "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 5.8.3 (Full) "LogMeIn Hamachi" = LogMeIn Hamachi "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended "Miranda IM" = Miranda IM 0.9.15 "Mozilla Firefox 4.0 (x86 pl)" = Mozilla Firefox 4.0 (x86 pl) "Nokia Ovi Suite" = Nokia Ovi Suite "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "OpenAL" = OpenAL "Opera 11.01.1190" = Opera 11.01 "Palringo" = Palringo "Postal 2_is1" = Portal 2 "PunkBusterSvc" = PunkBuster Services "RealAlt_is1" = Real Alternative 1.9.0 Lite "RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition "RocketDock_is1" = RocketDock 1.3.5 "Shop for HP Supplies" = Shop for HP Supplies "SkanerOnline" = Skaner on-line mks_vir "SpeedFan" = SpeedFan (remove only) "Test Drive Unlimited 2_is1" = Test Drive Unlimited 2 "The KMPlayer" = The KMPlayer (remove only) "TmNationsForever_is1" = TmNationsForever "TNod" = TNod User & Password Finder "Totalcmd" = Total Commander (Remove or Repair) "TuneUp Utilities 2011" = TuneUp Utilities 2011 "Turbo Pascal 7.0" = Turbo Pascal 7.0 "uTorrent" = µTorrent "Video Card Stability Test" = Video Card Stability Test "VobSub" = VobSub 2.23 "WinGimp-2.0_is1" = GIMP 2.6.11 "WinRAR archiver" = Archiwizator WinRAR "Xvid_is1" = Xvid 1.2.2 "YU2010_is1" = Your Uninstaller! 2010 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1041758257-3929182411-3212461294-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "GameRanger" = GameRanger "Google Chrome" = Google Chrome "GTA IV: Episodes From Liberty City Crack" = GTA IV: Episodes From Liberty City Crack [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > [/log] Log.txt [log]Logfile of random's system information tool 1.08 (written by random/random) Run by Łukasz at 2011-06-22 16:38:46 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 30 GB (38%) free of 80 GB Total RAM: 3070 MB (53% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:38:48, on 2011-06-22 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Windows Sidebar\sidebar.exe D:\Internet Download Manager\IDMan.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe D:\Internet Download Manager\IEMonitor.exe C:\Windows\System32\slui.exe C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe D:\Foobar2000\foobar2000.exe C:\Windows\system32\rundll32.exe C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskhost.exe C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\explorer.exe C:\Windows\system32\DllHost.exe C:\Users\Łukasz\Downloads\Programs\RSIT.exe C:\Program Files\trend micro\Łukasz.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {a8864317-e18b-4292-99d9-e6e65ab905d3} - (no file) O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Internet Download Manager\IDMIECC.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Adobe PDF Link Helper - {7F6A4C77-05E8-5372-47E2-3CC149F77E64} - (no file) O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\ALLPlayer\Iplex\IplexToALLPlayer.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [TNOD UP] "C:\Program Files\TNod User & Password Finder\TNODUP.exe" /i O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [IDMan] D:\Internet Download Manager\IDMan.exe /onboot O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Ściągnij przez IDM - D:\Internet Download Manager\IEExt.htm O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - D:\Internet Download Manager\IEGetAll.htm O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Pokaż lub ukryj HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-beta/OnlineScanner.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Fences\Stardock\Fences\FencesMenu.dll O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- End of file - 9083 bytes ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041758257-3929182411-3212461294-1001Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041758257-3929182411-3212461294-1001UA.job C:\Windows\tasks\SlimDrivers Startup.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}] IDM integration (IDMIEHlprObj Class) - D:\Internet Download Manager\IDMIECC.dll [2011-04-05 210352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] AC-Pro - C:\Program Files\AutocompletePro\AutocompletePro.dll [2010-09-26 97760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6A4C77-05E8-5372-47E2-3CC149F77E64}] Adobe PDF Link Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}] IplexToALLPlayer - D:\ALLPlayer\ALLPlayer\Iplex\IplexToALLPlayer.dll [2011-02-09 400384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-02-24 10025576] "TNOD UP"=C:\Program Files\TNod User & Password Finder\TNODUP.exe [2010-04-02 1811968] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016] "IDMan"=D:\Internet Download Manager\IDMan.exe [2011-04-05 3278232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] D:\Adobe Reader\Reader\Reader_sl.exe [2011-01-31 35760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cacaoweb] C:\Users\Łukasz\AppData\Roaming\cacaoweb\cacaoweb.exe [2010-12-27 308464] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Chew7Hale] C:\Windows\System32\hale.exe [2011-04-04 2169856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] D:\Daemon Tool\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Users\Łukasz\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-05 136176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan] D:\Internet Download Manager\IDMan.exe [2011-04-05 3278232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jushed] C:\ProgramData\jushed.exe [2011-05-17 566784] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] D:\Hamachi\hamachi-2-ui.exe [2010-12-06 1910152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-12-20 697856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock] D:\RocketDock\RocketDock.exe [2007-09-02 495616] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2000-01-01 153672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] D:\uTorrent\uTorrent.exe [2011-03-29 399736] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^20Dollars2Surf.lnk] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Łukasz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Launchy.lnk] [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler] FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Fences\Stardock\Fences\FencesMenu.dll [2009-10-02 128360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableCAD"=1 "UseOEMBackground"=0 "DisplayLastLogonInfo"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] "Debugger=""C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - "D:\a d\Adobe Dreamweaver CS4\Dreamweaver.exe","%1" ======List of files/folders created in the last 1 months====== 2011-06-22 16:25:54 ----D---- C:\rsit 2011-06-20 16:42:20 ----A---- C:\Windows\ntbtlog.txt 2011-06-19 23:33:21 ----D---- C:\Users\Łukasz\AppData\Roaming\DonationCoder 2011-06-17 01:46:11 ----A---- C:\Windows\system32\mshtmled.dll 2011-06-17 01:46:11 ----A---- C:\Windows\system32\iertutil.dll 2011-06-17 01:46:10 ----A---- C:\Windows\system32\jscript9.dll 2011-06-17 01:46:10 ----A---- C:\Windows\system32\jscript.dll 2011-06-17 01:46:10 ----A---- C:\Windows\system32\ieui.dll 2011-06-17 01:46:09 ----A---- C:\Windows\system32\urlmon.dll 2011-06-17 01:46:09 ----A---- C:\Windows\system32\mshtml.dll 2011-06-17 01:46:09 ----A---- C:\Windows\system32\ieframe.dll 2011-06-16 22:30:35 ----A---- C:\Windows\system32\drivers\srvnet.sys 2011-06-16 22:30:35 ----A---- C:\Windows\system32\drivers\srv2.sys 2011-06-16 22:30:35 ----A---- C:\Windows\system32\drivers\srv.sys 2011-06-16 22:30:33 ----A---- C:\Windows\system32\drivers\tcpip.sys 2011-06-16 22:30:33 ----A---- C:\Windows\system32\drivers\afd.sys 2011-06-16 22:30:31 ----A---- C:\Windows\system32\oleaut32.dll 2011-06-16 22:30:30 ----A---- C:\Windows\system32\inetcomm.dll 2011-06-16 22:30:29 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys 2011-06-16 22:30:29 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys 2011-06-16 22:30:29 ----A---- C:\Windows\system32\drivers\mrxsmb.sys 2011-06-15 22:59:55 ----D---- C:\Program Files\Premium Link Generator 2011-06-14 18:07:29 ----D---- C:\ProgramData\FLEXnet 2011-06-14 17:45:18 ----D---- C:\Users\Łukasz\AppData\Roaming\Adobe 2011-06-14 17:13:52 ----D---- C:\Program Files\Common Files\Macrovision Shared 2011-06-14 17:12:55 ----D---- C:\Users\Łukasz\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant 2011-06-14 17:12:52 ----D---- C:\Program Files\Adobe Download Assistant 2011-06-14 17:12:50 ----D---- C:\Program Files\Common Files\Adobe AIR 2011-06-14 17:12:50 ----D---- C:\Program Files\Adobe 2011-06-14 16:45:56 ----A---- C:\Windows\system32\msvcr80.dll 2011-06-06 16:14:05 ----A---- C:\Windows\system32\OpenCL.dll 2011-06-06 16:14:05 ----A---- C:\Windows\system32\nvwgf2um.dll 2011-06-06 16:14:05 ----A---- C:\Windows\system32\nvoglv32.dll 2011-06-06 16:14:05 ----A---- C:\Windows\system32\nvgenco322090.dll 2011-06-06 16:14:05 ----A---- C:\Windows\system32\nvdispco3220150.dll 2011-06-06 16:14:05 ----A---- C:\Windows\system32\nvd3dum.dll 2011-06-06 16:14:05 ----A---- C:\Windows\system32\nvcuvid.dll 2011-06-06 16:14:05 ----A---- C:\Windows\system32\nvcuvenc.dll 2011-06-06 16:14:05 ----A---- C:\Windows\system32\nvcuda.dll 2011-06-06 16:14:05 ----A---- C:\Windows\system32\nvcompiler.dll 2011-06-06 16:14:05 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys 2011-06-02 22:02:28 ----D---- C:\Users\Łukasz\AppData\Roaming\FreeStone Group 2011-06-02 18:48:35 ----RA---- C:\Windows\system32\tmp1DC2.tmp 2011-05-30 23:07:05 ----RA---- C:\Windows\system32\tmpACD4.tmp 2011-05-30 13:24:46 ----SHD---- C:\ProgramData\DSS 2011-05-30 13:24:45 ----D---- C:\ProgramData\Codemasters 2011-05-30 13:22:40 ----A---- C:\Windows\system32\Steam.dll 2011-05-30 13:17:20 ----D---- C:\Windows\system32\xlive 2011-05-30 13:17:20 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE 2011-05-29 11:01:16 ----RA---- C:\Windows\system32\tmpFAD4.tmp 2011-05-26 21:49:16 ----A---- C:\Windows\system32\rapture3d_oal.dll 2011-05-26 21:49:16 ----A---- C:\Windows\system32\mkl_blueripple.dll 2011-05-26 21:49:15 ----D---- C:\Program Files\BRS 2011-05-26 21:49:14 ----RA---- C:\Windows\system32\tmpE4DA.tmp 2011-05-25 14:23:46 ----A---- C:\Windows\system32\drivers\Diskdump.sys ======List of files/folders modified in the last 1 months====== 2011-06-22 16:38:48 ----D---- C:\Windows\Temp 2011-06-22 16:38:48 ----D---- C:\Program Files\trend micro 2011-06-22 16:31:56 ----D---- C:\Windows\System32 2011-06-22 16:31:56 ----D---- C:\Windows\inf 2011-06-22 16:31:56 ----A---- C:\Windows\system32\PerfStringBackup.INI 2011-06-22 16:30:13 ----D---- C:\Program Files\cFosSpeed 2011-06-22 16:19:03 ----D---- C:\Users\Łukasz\AppData\Roaming\foobar2000 2011-06-22 09:30:42 ----D---- C:\Windows\system32\config 2011-06-22 00:47:03 ----D---- C:\Users\Łukasz\AppData\Roaming\DMCache 2011-06-21 11:24:17 ----D---- C:\Windows\Prefetch 2011-06-21 11:24:11 ----SHD---- C:\System Volume Information 2011-06-20 16:42:20 ----HD---- C:\Config.Msi 2011-06-20 16:42:20 ----D---- C:\Windows 2011-06-20 02:01:53 ----D---- C:\Windows\winsxs 2011-06-20 01:52:08 ----SHD---- C:\Windows\Installer 2011-06-20 01:51:55 ----D---- C:\Program Files\Common Files\Adobe 2011-06-20 01:45:52 ----RD---- C:\Program Files 2011-06-20 01:44:53 ----AD---- C:\ProgramData\TEMP 2011-06-20 01:44:48 ----HD---- C:\ProgramData 2011-06-19 01:18:30 ----D---- C:\Windows\debug 2011-06-17 23:52:01 ----D---- C:\Windows\system32\drivers 2011-06-17 23:52:00 ----D---- C:\Program Files\Internet Explorer 2011-06-17 01:47:34 ----A---- C:\Windows\system32\MRT.exe 2011-06-17 01:46:52 ----D---- C:\ProgramData\Microsoft Help 2011-06-17 01:46:26 ----D---- C:\Program Files\Microsoft Silverlight 2011-06-17 01:46:16 ----D---- C:\Windows\system32\catroot 2011-06-17 01:46:15 ----D---- C:\Windows\system32\catroot2 2011-06-14 23:16:54 ----SD---- C:\Users\Łukasz\AppData\Roaming\Microsoft 2011-06-14 18:02:18 ----D---- C:\Users\Łukasz\AppData\Roaming\uTorrent 2011-06-14 17:44:30 ----D---- C:\ProgramData\Adobe 2011-06-14 17:13:52 ----D---- C:\Program Files\Common Files 2011-06-13 23:19:40 ----D---- C:\Users\Łukasz\AppData\Roaming\Thinstall 2011-06-11 13:47:31 ----RSD---- C:\Windows\assembly 2011-06-09 16:10:18 ----D---- C:\Windows\Microsoft.NET 2011-06-08 22:50:40 ----D---- C:\Windows\system32\Tasks 2011-06-08 22:26:36 ----D---- C:\Windows\pss 2011-06-06 16:15:49 ----D---- C:\Program Files\NVIDIA Corporation 2011-06-06 16:15:45 ----D---- C:\Windows\system32\DriverStore 2011-06-06 16:15:25 ----D---- C:\ProgramData\NVIDIA 2011-06-03 22:24:45 ----D---- C:\Program Files\TNod User & Password Finder 2011-06-02 21:52:05 ----D---- C:\Windows\system32\appmgmt 2011-06-02 18:48:35 ----A---- C:\Windows\system32\wrap_oal.dll 2011-06-02 18:48:35 ----A---- C:\Windows\system32\OpenAL32.dll 2011-05-30 22:52:41 ----SHD---- C:\$Recycle.Bin 2011-05-30 22:52:35 ----RD---- C:\Users 2011-05-28 10:16:09 ----HD---- C:\Windows\system32\GroupPolicy 2011-05-26 21:49:14 ----D---- C:\Program Files\OpenAL 2011-05-25 09:24:57 ----A---- C:\Windows\system32\nvvsvc.exe 2011-05-25 09:24:56 ----A---- C:\Windows\system32\nvsvcr.dll 2011-05-25 09:24:56 ----A---- C:\Windows\system32\nvsvc.dll 2011-05-25 09:24:54 ----A---- C:\Windows\system32\nvshext.dll 2011-05-25 09:24:53 ----A---- C:\Windows\system32\nvmctray.dll 2011-05-25 09:24:47 ----A---- C:\Windows\system32\nvcpl.dll 2011-05-25 09:24:45 ----A---- C:\Windows\system32\easyupdatusapiu.dll 2011-05-25 09:24:40 ----A---- C:\Windows\system32\nvapi.dll 2011-05-24 20:23:15 ----D---- C:\Windows\rescache 2011-05-24 19:14:10 ----N---- C:\Windows\system32\MpSigStub.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-03-22 431672] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360] R1 cFosSpeed;cFosSpeed for faster Internet connections (NDIS 6); C:\Windows\system32\DRIVERS\cfosspeed6.sys [2010-10-25 965336] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096] R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-03-07 281760] R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992] R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632] R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-07-29 134512] R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336] R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2011-03-28 86792] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-03-07 25888] R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608] R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-02-24 3408808] R3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2000-01-01 173056] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2000-01-01 328808] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-11-29 10064] R3 vsbus;Virtual Serial Bus Enumerator; C:\Windows\system32\DRIVERS\vsb.sys [2008-07-24 15264] R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2000-01-01 22856] R3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2000-01-01 37704] R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2000-01-01 66632] S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;Sterownik filtru magistrali AGP AMD; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864] S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [] S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2010-12-02 18304] S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2010-12-02 23168] S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2010-12-02 137600] S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2010-12-02 8576] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872] S3 RivaTuner32;RivaTuner32; \??\D:\Riva Tuner\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys [2009-08-22 9088] S3 RSUSBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys [2000-01-01 44032] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632] S3 sisagp;Filtr magistrali AGP SIS; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032] S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192] S3 usbscan;Sterownik skanera USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840] S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192] S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [] S3 viaagp;Filtr magistrali AGP VIA; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920] S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\Windows\System32\DRIVERS\vserial.sys [2008-07-24 47744] S3 WinUsb;Sterownik WinUsb; C:\Windows\system32\drivers\WinUSB.SYS [2010-11-20 35968] S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2000-01-01 15048] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 cFosSpeedS;cFosSpeed System Service; C:\Program Files\cFosSpeed\spd.exe [2010-10-25 381144] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144] R2 hpqddsvc;Usługa HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 KMService;KMService; C:\Windows\system32\srvany.exe [2011-01-24 8192] R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-25 615528] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-03-19 75136] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-12-14 1517376] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992] R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-14 655624] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-06 1343400] S4 aspnet_state;„Usługa stanu ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Hamachi\hamachi-2.exe [2010-12-06 1238408] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504] S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736] S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472] S4 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728] -----------------EOF----------------- [/log]
wirusolog komentarz 22 czerwca 2011 komentarz 22 czerwca 2011 [b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst: [code]:OTL MsConfig - StartUpReg: cacaoweb - hkey= - key= - C:\Users\Łukasz\AppData\Roaming\cacaoweb\cacaoweb.exe () MsConfig - StartUpReg: Chew7Hale - hkey= - key= - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^20Dollars2Surf.lnk - Reg Error: Value error. - File not found MsConfig - StartUpFolder: C:^Users^Łukasz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Launchy.lnk - Reg Error: Value error. - File not found O27 - HKLM IFEO\AcroRd32.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\allplayer.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\allskincreator.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\creak- allplayer.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\dirt3.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\dtlite.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\hamachi-2-ui.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\jaf.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\jafcomemulator.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\jaflogger.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\nokiaovisuite.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\nvstlink.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\nvstview.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\play.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\skype.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\slimdrivers.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\uninstall.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\utorrent.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O27 - HKLM IFEO\wmdc.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software) O3 - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\..\Toolbar\WebBrowser: (no name) - {A8864317-E18B-4292-99D9-E6E65AB905D3} - No CLSID value found. O2 - BHO: (Adobe PDF Link Helper) - {7F6A4C77-05E8-5372-47E2-3CC149F77E64} - Reg Error: Value error. File not found FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.9 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48 [2011-05-18 00:06:04 | 007,987,953 | ---- | M] (CCCP Project ) -- C:\Users\Łukasz\AppData\Local\Codecs.exe [2011-05-18 00:06:04 | 000,566,784 | ---- | M] ( ) -- C:\Users\Łukasz\AppData\Local\jushed.exe [2011-05-18 00:06:04 | 000,347,136 | RHS- | M] (NirSoft) -- C:\ProgramData\nircmd.exe [2011-05-18 00:06:04 | 000,347,136 | ---- | M] (NirSoft) -- C:\Users\Łukasz\AppData\Local\nircmd.exe [2011-05-18 00:06:04 | 000,004,768 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\operaprefs.ini [2011-05-18 00:06:04 | 000,004,768 | ---- | M] () -- C:\ProgramData\operaprefs.ini [2011-05-17 23:57:04 | 000,566,784 | RHS- | M] ( ) -- C:\ProgramData\jushed.exe [2011-05-17 23:52:50 | 000,000,002 | ---- | M] () -- C:\ProgramData\timerxfile [2011-05-15 22:55:42 | 000,001,516 | ---- | M] () -- C:\Users\Łukasz\Desktop\Downloads.lnk [2011-05-15 22:55:09 | 000,001,530 | ---- | M] () -- C:\Users\Łukasz\Desktop\Filmy.lnk [2011-05-17 23:48:58 | 000,000,002 | ---- | C] () -- C:\ProgramData\timerxfile [2011-05-17 23:48:58 | 000,000,002 | ---- | C] () -- C:\ProgramData\datesavefile [2011-05-17 23:48:58 | 000,000,001 | ---- | C] () -- C:\ProgramData\varsavefile [2011-05-17 23:48:57 | 000,004,768 | ---- | C] () -- C:\ProgramData\operaprefs.ini [2011-04-04 12:33:14 | 002,169,856 | -HS- | C] () -- C:\Windows\System32\hale.exe :Reg [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cacaoweb] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Chew7Hale] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jushed] :Commands [emptyflash] [emptytemp][/code] Kliknij w [b]Wykonaj skrypt[/b]. Zatwierdź restart komputera. [b]2.[/b] Ściągnij [url=http://www.teamxscript.org/too/AD-R.exe][b][color=blue][u]Ad-Remover[/url][/b][/color][/u] i wciśnij w nim [b]Clean[/b] Pokaż raport z tego narzędzia. [b]3.[/b] Wykonaj usuwanie przez z [url=http://www.cybertrash.pl/Tata/USBFix/USBFix.html][b][color=blue][u]USBFix[/url][/b][/color][/u] z opcji [b]DELETION[/b]. Poproszę o raport z wykonanej operacji. [b]4.[/b] Następnie uruchamiasz OTL ponownie, tym razem wywołujesz opcję [b]Skanuj[/b]. Pokazujesz nowe logi z OTL + raport z usuwania.
Kicuch komentarz 22 czerwca 2011 Autor komentarz 22 czerwca 2011 Ad-report [log]======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 ======= Updated by TeamXscript on 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com website: http://www.teamxscript.org C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 22:49:52 on 22/06/2011, Normal boot Microsoft Windows 7 Ultimate Service Pack 1 (X86) Łukasz@ŁUKASZ-KOMPUTER (Gigabyte Technology Co., Ltd. G31M-ES2L) ============== ACTION(S) ============== Folder deleted: C:\Program Files\AutocompletePro (!) -- Temporary files deleted. Key deleted: HKLM\Software\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key deleted: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key deleted: HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Key deleted: HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Key deleted: HKLM\Software\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Key deleted: HKLM\Software\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333} Key deleted: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO Key deleted: HKLM\Software\Classes\SuggestMeYes.SuggestMeYesBHO.1 Key deleted: HKLM\Software\Classes\Toolbar.CT1066435 Key deleted: HKLM\Software\Classes\Toolbar.CT2680363 Key deleted: HKLM\Software\Classes\AppID\AutocompletePro.DLL Key deleted: HKLM\Software\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153} Key deleted: HKCU\Software\AutocompletePro Key deleted: HKCU\Software\AutocompleteProBHO Key deleted: HKCU\Software\AppDataLow\Software\Toolbar Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1 Key deleted: HKLM\Software\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk ============== ADDITIONNAL SCAN ============== -- C:\Users\Łukasz\AppData\Roaming\Mozilla\FireFox\Profiles\g8148kl8.default -- Prefs.js - browser.download.dir, D:\\Downloads Prefs.js - browser.startup.homepage, hxxp://www.google.pl Prefs.js - browser.startup.homepage_override.buildID, 20110318052756 Prefs.js - browser.startup.homepage_override.mstone, rv:2.0 ======================================== **** Google Chrome Version [12.0.742.100] **** -- C:\Users\Łukasz\AppData\Local\Google\Chrome\User Data\Default -- Preferences - default_search_provider: "Google" (Enabled: true) (?) Preferences - homepage: hxxp://www.google.com/ Preferences - homepage_is_newtabpage: true Plugin - NVIDIA 3D Vision (Enabled: true) (C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll) Plugin - NVIDIA 3D VISION (Enabled: true) (C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll) Plugin - "NVIDIA 3D Vision" (Enabled: true) Plugin - "NVIDIA 3D VISION" (Enabled: true) ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_URLSearchHooks|{a8864317-e18b-4292-99d9-e6e65ab905d3} (x) HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - D:\Internet Download Manager\IEMonitor.exe (Tonec Inc.) HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - D:\Internet Download Manager\IDMan.exe (Tonec Inc.) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - D:\Internet Download Manager\IDMan.exe (Tonec Inc.) HKLM_Extensions\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - "@C:\Windows\WindowsMobile\INetRepl.dll,-222" (C:\Windows\WindowsMobile\INetRepl.dll,210) HKLM_Extensions\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - "?" (?) BHO\{0055C089-8582-441B-A0BF-17B458C2A3A8} - "IDM integration (IDMIEHlprObj Class)" (D:\Internet Download Manager\IDMIECC.dll) BHO\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - "IplexToALLPlayer" (D:\ALLPlayer\ALLPlayer\Iplex\IplexToALLPlayer.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 13 File(s) C:\Program Files\Ad-Remover\Backup: 14 File(s) C:\Ad-Report-CLEAN[1].txt - 22/06/2011 22:50:05 (5429 Byte(s)) End at: 22:50:49, 22/06/2011 ============== E.O.F ============== [/log] UsbFix [log]############################## | UsbFix 7.045 | [Deletion] User: Łukasz (Administrator) # ŁUKASZ-KOMPUTER [Gigabyte Technology Co., Ltd. G31M-ES2L] Updated 15/05/2011 by TeamXscript Started at 22:57:43 | 22/06/2011 Website: http://www.teamxscript.org Submit your sample: http://www.teamxscript.org/Upload.php Contact: TeamXscript.ElDesaparecido@gmail.com CPU: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz CPU 2: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz Microsoft Windows 7 Ultimate (6.1.7601 32-Bit) # Service Pack 1 Internet Explorer 9.0.8112.16421 Windows Firewall: Disabled /!\ RAM -> 3070 Mb C:\ (%systemdrive%) -> Fixed drive # 78 Gb (30 Mb free - 38%) [] # NTFS D:\ -> Fixed drive # 358 Gb (12 Mb free - 3%) [] # NTFS E:\ -> CD-ROM F:\ -> CD-ROM G:\ -> Removable drive # 4 Gb (3 Mb free - 74%) [Pendrive] # NTFS ################## | Files # Infected Folders | Deleted ! C:\$RECYCLE.BIN\S-1-5-21-1041758257-3929182411-3212461294-1001 Deleted ! C:\$RECYCLE.BIN\S-1-5-21-1041758257-3929182411-3212461294-1005 Deleted ! C:\$RECYCLE.BIN\S-1-5-21-1041758257-3929182411-3212461294-500 Deleted ! D:\$RECYCLE.BIN\S-1-5-18 Deleted ! D:\$RECYCLE.BIN\S-1-5-20 Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1041758257-3929182411-3212461294-1001 Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1041758257-3929182411-3212461294-1005 Deleted ! D:\$RECYCLE.BIN\S-1-5-21-1041758257-3929182411-3212461294-500 Deleted ! D:\MUZYKA ################## | Registry | ################## | Mountpoints2 | Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\H Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{110b8194-e8ed-11df-804f-001fd0a761fd} ################## | Listing | [22/06/2011 - 23:12:14 | SHD ] C:\$Recycle.Bin [01/04/2011 - 17:39:47 | D ] C:\.jagex_cache_32 [22/06/2011 - 22:50:50 | N | 5568] C:\Ad-Report-CLEAN[1].txt [10/06/2009 - 23:42:20 | N | 24] C:\autoexec.bat [22/06/2011 - 18:48:50 | HD ] C:\Config.Msi [10/06/2009 - 23:42:20 | N | 10] C:\config.sys [14/07/2009 - 06:53:55 | SHD ] C:\Documents and Settings [03/02/2011 - 17:22:51 | D ] C:\files [21/03/2011 - 18:25:09 | D ] C:\Intel [18/11/2010 - 00:37:29 | N | 0] C:\IO.SYS [04/02/2011 - 16:27:08 | N | 18915] C:\mksbasel.cpp.log [18/11/2010 - 00:37:29 | N | 0] C:\MSDOS.SYS [28/11/2010 - 18:03:03 | RHD ] C:\MSOCache [05/11/2010 - 16:48:06 | D ] C:\NVIDIA [22/06/2011 - 22:53:49 | ASH | 3219644416] C:\pagefile.sys [14/07/2009 - 04:37:05 | D ] C:\PerfLogs [22/06/2011 - 22:50:34 | D ] C:\Program Files [22/06/2011 - 22:46:45 | HD ] C:\ProgramData [05/11/2010 - 15:31:50 | SHD ] C:\Recovery [22/06/2011 - 16:25:59 | D ] C:\rsit [07/04/2011 - 21:54:00 | D ] C:\SnowFiles [22/06/2011 - 18:36:32 | SHD ] C:\System Volume Information [03/12/2010 - 15:57:58 | D ] C:\tmpDownload [18/11/2010 - 00:37:54 | N | 0] C:\TP17A269.$$$ [19/03/2011 - 01:26:21 | D ] C:\Ubisoft Game Launcher [22/06/2011 - 23:12:14 | D ] C:\UsbFix [22/06/2011 - 22:57:44 | A | 2941] C:\UsbFix.txt [30/05/2011 - 22:52:35 | D ] C:\Users [22/06/2011 - 22:47:10 | D ] C:\Windows [22/06/2011 - 22:46:35 | D ] C:\_OTL [22/06/2011 - 23:12:14 | SHD ] D:\$RECYCLE.BIN [14/06/2011 - 18:05:45 | D ] D:\a d [19/03/2011 - 11:45:02 | D ] D:\ACBH [17/11/2010 - 00:49:39 | D ] D:\Adobe Reader [24/04/2011 - 11:35:01 | D ] D:\ALLPlayer [26/02/2011 - 16:26:57 | D ] D:\Ashampoo Burning Studio 10 [26/02/2011 - 15:32:45 | D ] D:\AVI ReComp [26/02/2011 - 15:31:28 | D ] D:\AviSynth [08/06/2011 - 11:30:43 | D ] D:\CCleaner [19/12/2010 - 22:16:21 | D ] D:\cFosSpeed [24/04/2011 - 11:57:02 | D ] D:\Combined Community Codec Pack [06/11/2010 - 18:49:48 | D ] D:\Core Temp [18/01/2011 - 01:14:59 | D ] D:\CPU-Z [25/03/2011 - 12:45:34 | D ] D:\Crysis 2 [08/11/2010 - 09:40:26 | D ] D:\CWK [27/02/2011 - 20:33:57 | D ] D:\Daemon Tool [27/01/2011 - 16:17:15 | D ] D:\Dead Space [21/05/2011 - 00:34:11 | D ] D:\Defraggler [02/06/2011 - 21:54:04 | D ] D:\DiRT 3 [03/03/2011 - 22:08:19 | D ] D:\Divinity II - DKS [22/06/2011 - 16:42:00 | D ] D:\Downloads [11/03/2011 - 14:39:44 | D ] D:\Dragon Age 2 [11/06/2011 - 13:51:25 | D ] D:\DS 3 [24/03/2011 - 13:45:52 | D ] D:\EFLC [24/03/2011 - 00:44:24 | D ] D:\Eusing Free Registry Cleaner [25/05/2011 - 14:27:15 | D ] D:\Fable 3 [12/05/2011 - 23:14:05 | D ] D:\Fences [26/02/2011 - 15:05:14 | D ] D:\FIFA 11 [03/06/2011 - 00:30:56 | D ] D:\Filmy [20/06/2011 - 01:44:53 | D ] D:\FindAndRunRobot [23/03/2011 - 14:13:13 | D ] D:\Firefox [30/03/2011 - 15:39:29 | D ] D:\Foobar2000 [09/06/2011 - 22:18:59 | D ] D:\G4 [16/03/2011 - 19:41:37 | D ] D:\GIMP-2.0 [12/04/2011 - 10:01:41 | D ] D:\H.A.W.X [17/03/2011 - 23:08:10 | D ] D:\Hamachi [23/02/2011 - 00:36:15 | D ] D:\instalki [10/04/2011 - 19:39:15 | D ] D:\Internet Download Manager [22/06/2011 - 10:44:19 | D ] D:\iso psp [20/06/2011 - 22:10:38 | D ] D:\JD [20/06/2011 - 22:10:33 | D ] D:\JDownloader [06/03/2011 - 11:18:21 | D ] D:\Jupiter [05/11/2010 - 15:48:21 | D ] D:\K-Lite Codec Pack [22/06/2011 - 18:54:25 | D ] D:\Kane and Lynch [28/12/2010 - 16:34:52 | D ] D:\KMPlayer [27/01/2011 - 20:54:12 | N | 15912] D:\Komis.zip [15/05/2011 - 22:51:14 | D ] D:\Launchy [24/03/2011 - 00:07:15 | D ] D:\Magicka [25/01/2011 - 14:39:47 | D ] D:\Mass Effect 2 [09/12/2010 - 21:29:18 | D ] D:\Minecraft [27/01/2011 - 03:40:20 | D ] D:\Miranda IM [19/02/2011 - 14:40:26 | D ] D:\msdownld.tmp [22/06/2011 - 23:12:14 | D ] D:\Muzyka [20/05/2011 - 22:44:57 | D ] D:\NFS SHIFT 2 [24/05/2011 - 15:40:01 | D ] D:\nokia [20/05/2011 - 22:10:22 | D ] D:\Palringo [05/03/2011 - 15:09:57 | D ] D:\po AviReComp [20/04/2011 - 21:13:08 | D ] D:\Portal 2 [15/05/2011 - 22:50:12 | D ] D:\Pulpit [02/06/2011 - 00:33:46 | D ] D:\Riva Tuner [29/12/2010 - 14:14:41 | D ] D:\RocketDock [23/02/2011 - 00:54:18 | D ] D:\Rocketdock ikony itp [11/05/2011 - 17:02:47 | N | 1260747] D:\RSBot-239.jar [11/05/2011 - 16:30:29 | N | 725663] D:\RSBot-241.jar [11/05/2011 - 16:30:43 | N | 0] D:\RSBot.zip [07/03/2011 - 23:12:27 | D ] D:\Sherlock Holmes [27/01/2011 - 20:54:07 | N | 17545] D:\Sklep_11.45.zip [21/03/2011 - 17:50:05 | D ] D:\SlimDrivers [09/01/2011 - 15:49:17 | D ] D:\Speed mp3 Downloader [23/02/2011 - 22:17:29 | D ] D:\Speedfan [11/03/2011 - 18:09:03 | D ] D:\Spider man [18/04/2011 - 23:23:09 | D ] D:\Splash PRO [05/02/2011 - 13:33:00 | D ] D:\Sunrise Seven [07/12/2010 - 17:56:55 | D ] D:\Super Meat Boy [09/03/2011 - 14:06:20 | N | 179831654] D:\SUPER MOTYW NA WINDOWS 7Hyperdesk DarkMatter 2010 NOWOSC FULL WERSJA.exe [28/03/2011 - 18:22:14 | SHD ] D:\System Volume Information [09/06/2011 - 00:10:00 | D ] D:\Terraria [28/02/2011 - 23:04:32 | D ] D:\TmNationsForever [12/04/2011 - 10:02:18 | D ] D:\Tom Clancy's H.A.W.X [15/02/2011 - 23:42:26 | D ] D:\Torchlight [24/01/2011 - 23:51:32 | D ] D:\totalcmd [29/03/2011 - 15:08:26 | D ] D:\uTorrent [02/06/2011 - 22:02:27 | D ] D:\Video Card Stability Test [26/02/2011 - 15:32:42 | D ] D:\VobSub [28/02/2011 - 14:33:18 | N | 164481] D:\Wallpapers-room_com___Sidelights_IcyHot_by_yt458_1280x1024.jpg [24/02/2011 - 21:31:30 | D ] D:\WheelMan [18/05/2011 - 15:39:50 | D ] D:\Wiedźmin 2 [27/02/2011 - 20:32:53 | D ] D:\Winrar [27/01/2011 - 09:11:42 | N | 47014904] D:\XPIntro.bik [16/02/2011 - 00:54:20 | N | 320] D:\XPINTRO_Russian.sub [26/02/2011 - 15:32:07 | D ] D:\Xvid [24/03/2011 - 00:05:36 | D ] D:\Your Uninstaller 2010 [13/03/2011 - 16:26:15 | D ] D:\Znikad-720p.BRRip ################## | Vaccin | C:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript) D:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript) ################## | Upload | Please send the file: C:\UsbFix_Upload_Me_ŁUKASZ-KOMPUTER.zip http://www.teamxscript.org/Upload.php Thank you for your contribution. ################## | E.O.F | [/log] Raport z usuwania OTL [log]All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\cacaoweb\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\Chew7Hale\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^20Dollars2Surf.lnk\ deleted successfully. C:\Windows\pss\20Dollars2Surf.lnk.CommonStartup moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Users^Łukasz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Launchy.lnk\ deleted successfully. C:\Windows\pss\Launchy.lnk.Startup moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe\ deleted successfully. C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe moved successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\allplayer.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\allskincreator.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\creak- allplayer.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dirt3.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dtlite.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hamachi-2-ui.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jaf.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jafcomemulator.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jaflogger.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nokiaovisuite.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvstlink.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvstview.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\play.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\skype.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\slimdrivers.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uninstall.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utorrent.exe\ not found. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wmdc.exe\ deleted successfully. File "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" not found. Registry value HKEY_USERS\S-1-5-21-1041758257-3929182411-3212461294-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. Registry value HKEY_USERS\S-1-5-21-1041758257-3929182411-3212461294-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A8864317-E18B-4292-99D9-E6E65AB905D3} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8864317-E18B-4292-99D9-E6E65AB905D3}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6A4C77-05E8-5372-47E2-3CC149F77E64}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7F6A4C77-05E8-5372-47E2-3CC149F77E64}\ deleted successfully. Prefs.js: cacaoweb@cacaoweb.org:1.0.9 removed from extensions.enabledItems Prefs.js: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48 removed from extensions.enabledItems C:\Users\Łukasz\AppData\Local\Codecs.exe moved successfully. C:\Users\Łukasz\AppData\Local\jushed.exe moved successfully. C:\ProgramData\nircmd.exe moved successfully. C:\Users\Łukasz\AppData\Local\nircmd.exe moved successfully. C:\Users\Łukasz\AppData\Local\operaprefs.ini moved successfully. C:\ProgramData\operaprefs.ini moved successfully. C:\ProgramData\jushed.exe moved successfully. C:\ProgramData\timerxfile moved successfully. C:\Users\Łukasz\Desktop\Downloads.lnk moved successfully. C:\Users\Łukasz\Desktop\Filmy.lnk moved successfully. File C:\ProgramData\timerxfile not found. C:\ProgramData\datesavefile moved successfully. C:\ProgramData\varsavefile moved successfully. File C:\ProgramData\operaprefs.ini not found. C:\Windows\System32\hale.exe moved successfully. ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cacaoweb\ not found. Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Chew7Hale\ not found. Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jushed\ deleted successfully. ========== COMMANDS ========== [EMPTYFLASH] User: Administrator ->Flash cache emptied: 456 bytes User: All Users User: Assassin's Creed Brotherhood User: Default User: Default User User: Dirt 3 ->Flash cache emptied: 456 bytes User: Public User: UpdatusUser User: Łukasz ->Flash cache emptied: 3851 bytes Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: Administrator ->Temp folder emptied: 19639959 bytes ->Temporary Internet Files folder emptied: 22720007 bytes ->Flash cache emptied: 0 bytes User: All Users User: Assassin's Creed Brotherhood User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Dirt 3 ->Temp folder emptied: 129759 bytes ->Temporary Internet Files folder emptied: 30313651 bytes ->Flash cache emptied: 0 bytes User: Public User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Łukasz ->Temp folder emptied: 1021515 bytes ->Temporary Internet Files folder emptied: 323277 bytes ->Java cache emptied: 15454724 bytes ->FireFox cache emptied: 39164089 bytes ->Google Chrome cache emptied: 308630528 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 602112 bytes %systemroot%\System32 .tmp files removed: 6475968 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 111541 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 424,00 mb OTL by OldTimer - Version 3.2.24.1 log created on 06222011_224635 Files\Folders moved on Reboot... Registry entries deleted on Reboot... [/log] OTL.txt [log]OTL logfile created on: 2011-06-22 23:21:57 - Run 2 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Łukasz\Downloads\Programs Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 65,77% Memory free 6,00 Gb Paging File | 5,04 Gb Available in Paging File | 84,06% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 78,03 Gb Total Space | 12,91 Gb Free Space | 16,54% Space Free | Partition Type: NTFS Drive D: | 358,06 Gb Total Space | 28,24 Gb Free Space | 7,89% Space Free | Partition Type: NTFS Drive G: | 3,77 Gb Total Space | 2,77 Gb Free Space | 73,65% Space Free | Partition Type: NTFS Computer Name: ŁUKASZ-KOMPUTER | User Name: Łukasz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2011-06-22 16:18:57 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Downloads\Programs\OTL.exe PRC - [2011-06-14 01:52:23 | 001,011,768 | ---- | M] (Google Inc.) -- C:\Users\Łukasz\AppData\Local\Google\Chrome\Application\chrome.exe PRC - [2011-04-05 19:55:34 | 003,278,232 | ---- | M] (Tonec Inc.) -- D:\Internet Download Manager\IDMan.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011-01-24 23:52:49 | 000,151,622 | ---- | M] () -- C:\Windows\kmsem\KMService.exe PRC - [2011-01-24 23:51:51 | 000,008,192 | ---- | M] () -- C:\Windows\System32\srvany.exe PRC - [2010-11-20 14:17:58 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe PRC - [2010-11-20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2010-11-20 14:17:54 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2010-11-20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-11-20 14:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2010-11-20 14:17:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2010-11-20 14:16:54 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2010-08-12 15:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2010-05-25 16:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- D:\Internet Download Manager\IEMonitor.exe PRC - [2009-07-14 03:14:46 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiApSrv.exe PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 03:14:28 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\notepad.exe PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2011-06-22 16:18:57 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Łukasz\Downloads\Programs\OTL.exe MOD - [2011-04-01 17:20:16 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2011-02-25 07:34:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2011-02-11 15:11:36 | 000,034,208 | ---- | M] (Tonec Inc.) -- D:\Internet Download Manager\idmmkb.dll MOD - [2010-11-20 14:24:36 | 001,288,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2010-11-20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-11-20 14:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2010-11-20 14:21:20 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2010-11-20 14:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2010-11-20 14:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2010-11-20 14:19:26 | 000,857,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2010-11-20 14:19:26 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2010-11-20 14:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2010-11-20 14:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2010-11-20 14:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-06-14 18:04:48 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-05-25 09:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-05-20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011-01-24 23:51:51 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\System32\srvany.exe -- (KMService) SRV - [2010-12-14 16:47:48 | 001,517,376 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2010-12-14 16:45:42 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2010-12-08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010-12-06 09:31:48 | 001,238,408 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- D:\Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010-11-06 11:57:33 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010-10-25 16:32:26 | 000,381,144 | R--- | M] (cFos Software GmbH) [Auto | Stopped] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS) SRV - [2010-08-12 15:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-08-12 15:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2010-03-25 11:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-05-31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-05-25 09:24:42 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011-03-28 19:46:40 | 000,086,792 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP) DRV - [2011-03-22 18:46:04 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2011-03-07 23:10:39 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2011-03-07 23:10:38 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-12-02 12:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010-12-02 12:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010-12-02 10:36:42 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2010-12-02 10:36:42 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2010-11-29 20:27:40 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\WinUSB.SYS -- (WinUsb) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-11-09 15:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135) DRV - [2010-10-25 16:32:34 | 000,965,336 | ---- | M] (cFos Software GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\cfosspeed6.sys -- (cFosSpeed) cFosSpeed for faster Internet connections (NDIS 6) DRV - [2010-07-30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010-07-30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010-07-29 14:31:26 | 000,136,632 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2010-07-29 14:31:26 | 000,134,512 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw) DRV - [2010-07-29 14:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-07-29 14:31:26 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp) DRV - [2010-07-29 14:31:26 | 000,032,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2009-08-22 20:25:00 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Riva Tuner\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys -- (RivaTuner32) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-07-24 00:29:16 | 000,047,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vserial.sys -- (vserial) DRV - [2008-07-24 00:29:16 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vsb.sys -- (vsbus) DRV - [2006-09-24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan) DRV - [2000-01-01 02:00:00 | 000,173,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - [2000-01-01 02:00:00 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2000-01-01 02:00:00 | 000,044,032 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUCcid.sys -- (RSUSBCCID) DRV - [2000-01-01 02:00:00 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter) DRV - [2000-01-01 02:00:00 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2000-01-01 02:00:00 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [1996-04-03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - Reg Error: Key error. File not found IE - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.google.pl" FF - prefs.js..extensions.enabledItems: FF - prefs.js..extensions.enabledItems: FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51 FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.2.6 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-12-25 14:02:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-03-06 11:01:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: D:\Firefox\components [2011-04-27 17:57:04 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: D:\Firefox\plugins [2011-05-05 19:16:25 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010-11-05 16:14:11 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-12-25 14:02:08 | 000,000,000 | ---D | M] [2010-11-14 21:10:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łukasz\AppData\Roaming\Mozilla\Extensions [2011-03-23 14:13:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\g8148kl8.default\extensions [2011-03-10 19:37:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\g8148kl8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011-02-04 16:31:18 | 000,002,059 | ---- | M] () -- C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\g8148kl8.default\searchplugins\daemon-search.xml File not found (No name found) -- File not found (No name found) -- C:\USERS\ĹUKASZ\APPDATA\ROAMING\IDM\IDMMZCC3 File not found (No name found) -- C:\USERS\ĹUKASZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G8148KL8.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D} File not found (No name found) -- C:\USERS\ĹUKASZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G8148KL8.DEFAULT\EXTENSIONS\CACAOWEB@CACAOWEB.ORG.XPI [2011-04-03 09:59:21 | 000,000,000 | ---D | M] (Java Console) -- D:\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\ALLPlayer\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [TNOD UP] C:\Program Files\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team) O4 - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001..\Run: [IDMan] D:\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001..\Run: [uTorrent] D:\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKLM..\RunOnce: [] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: UseOEMBackground = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisplayLastLogonInfo = 0 O7 - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Ściągnij przez IDM - D:\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - D:\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\..Trusted Domains: mks.com.pl ([www] https in Trusted sites) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab (SysInfo Class) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - D:\Fences\Stardock\Fences\FencesMenu.dll (Stardock) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011-06-22 23:12:33 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-06-22 23:12:33 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O33 - MountPoints2\{16ccb8c0-54a4-11e0-bef0-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{16ccb8c0-54a4-11e0-bef0-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.) MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - D:\Adobe Reader\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: [b]BCSSync[/b] - hkey= - key= - C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) MsConfig - StartUpReg: [b]DAEMON Tools Lite[/b] - hkey= - key= - D:\Daemon Tool\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Users\Łukasz\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig - StartUpReg: [b]HP Software Update[/b] - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard) MsConfig - StartUpReg: [b]hpqSRMon[/b] - hkey= - key= - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard) MsConfig - StartUpReg: [b]IDMan[/b] - hkey= - key= - D:\Internet Download Manager\IDMan.exe (Tonec Inc.) MsConfig - StartUpReg: [b]LogMeIn Hamachi Ui[/b] - hkey= - key= - D:\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) MsConfig - StartUpReg: [b]NokiaMServer[/b] - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) MsConfig - StartUpReg: [b]NokiaOviSuite2[/b] - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia) MsConfig - StartUpReg: [b]RocketDock[/b] - hkey= - key= - D:\RocketDock\RocketDock.exe () MsConfig - StartUpReg: [b]Start WingMan Profiler[/b] - hkey= - key= - C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) MsConfig - StartUpReg: [b]SunJavaUpdateSched[/b] - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig - StartUpReg: [b]uTorrent[/b] - hkey= - key= - D:\uTorrent\uTorrent.exe (BitTorrent, Inc.) MsConfig - StartUpReg: [b]Windows Mobile Device Center[/b] - hkey= - key= - C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) MsConfig - State: "startup" - 2 MsConfig - State: "bootini" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: Hamachi2Svc - D:\Hamachi\hamachi-2.exe (LogMeIn Inc.) SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2011-06-22 23:12:33 | 000,000,000 | RHSD | C] -- C:\Autorun.inf [2011-06-22 22:55:42 | 000,000,000 | ---D | C] -- C:\UsbFix [2011-06-22 22:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover [2011-06-22 22:46:35 | 000,000,000 | ---D | C] -- C:\_OTL [2011-06-22 18:59:04 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll [2011-06-22 18:49:08 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\kaneandlynch [2011-06-22 16:25:54 | 000,000,000 | ---D | C] -- C:\rsit [2011-06-19 23:33:21 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\DonationCoder [2011-06-19 23:33:20 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Documents\DonationCoder [2011-06-15 22:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Premium Link Generator [2011-06-14 18:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2011-06-14 17:45:18 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Adobe [2011-06-14 17:13:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2011-06-14 17:12:55 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2011-06-14 17:12:52 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant [2011-06-14 17:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2011-06-14 17:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2011-06-14 00:03:31 | 000,000,000 | --SD | C] -- C:\Users\Łukasz\Documents\Moje źródła danych [2011-06-09 00:10:03 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terraria [2011-06-08 22:25:24 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Desktop\Edycje rejestru [2011-06-06 16:14:05 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011-06-02 22:02:28 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\FreeStone Group [2011-06-02 00:33:49 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition [2011-05-30 23:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2011-05-30 13:24:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS [2011-05-30 13:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters [2011-05-30 13:22:40 | 003,461,120 | ---- | C] (Valve Corporation) -- C:\Windows\System32\Steam.dll [2011-05-30 13:17:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive [2011-05-30 13:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE [2011-05-26 21:49:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound [2011-05-26 21:49:16 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\System32\rapture3d_oal.dll [2011-05-26 21:49:15 | 000,000,000 | ---D | C] -- C:\Program Files\BRS [2011-05-24 15:14:52 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Windows 7 Account Screen Editor [2011-05-22 11:01:20 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Lionhead Studios [2011-05-20 18:13:54 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Microsoft_Corporation [2011-05-18 23:50:15 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab [2011-05-18 21:39:42 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Documents\Pliki programu Outlook [2011-05-18 15:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin 2 [2011-05-17 23:40:40 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Documents\Witcher 2 [2011-05-17 23:40:40 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\The Witcher 2 [2011-05-15 22:52:48 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\Desktop\Damian [2011-05-13 23:24:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras [2011-05-13 23:24:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011-05-13 23:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2011-05-12 23:14:07 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Stardock [2011-05-12 23:14:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A87EB928-0C6C-4071-AEF1-59E32BAEDF1B} [2011-05-12 23:14:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fences [2011-05-12 23:13:36 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\PackageAware [2011-05-12 17:14:45 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\.jagex_cache_32 [2011-04-27 17:57:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative [2011-04-27 17:57:02 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll [2011-04-27 17:57:02 | 000,000,000 | ---D | C] -- C:\Program Files\Real Alternative [2011-04-27 17:57:02 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Roaming\Real [2011-04-27 17:57:02 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\Real [2011-04-27 17:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2011-04-24 11:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack [2011-04-24 11:50:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\VORBIS [2011-04-24 11:50:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\L3 [2011-04-24 11:50:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\FLAC [2011-04-24 11:50:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\DOLBY [2011-04-24 11:50:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\APE [2011-04-24 11:50:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\AMR [2011-04-24 11:50:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\QUARTZ [2011-04-24 11:50:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\AAC [2011-04-24 11:50:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\HAALI [2011-04-24 11:50:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\GABEST [2011-04-24 11:50:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\X264 [2011-04-24 11:50:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\FFDShow [2011-04-24 11:50:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\WM9 [2011-04-24 11:50:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\OGG [2011-04-24 11:50:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\MPEG2 [2011-04-24 11:50:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\XVID [2011-04-24 11:50:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\FLV [2011-04-24 11:50:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\DIVX [2011-04-24 11:38:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer [2011-04-24 11:38:08 | 000,000,000 | ---D | C] -- C:\Users\Łukasz\AppData\Local\ALLPlayer [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2011-06-22 23:12:35 | 000,003,198 | ---- | M] () -- C:\UsbFix_Upload_Me_ŁUKASZ-KOMPUTER.zip [2011-06-22 23:00:34 | 000,736,096 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-06-22 23:00:34 | 000,650,212 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-06-22 23:00:34 | 000,152,676 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-06-22 23:00:34 | 000,119,282 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-06-22 22:53:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-06-22 22:49:52 | 000,001,843 | ---- | M] () -- C:\Users\Łukasz\Desktop\AD-R.lnk [2011-06-22 22:47:19 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-06-22 22:47:19 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-06-22 22:28:16 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041758257-3929182411-3212461294-1001UA.job [2011-06-22 18:59:04 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll [2011-06-22 14:48:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041758257-3929182411-3212461294-1001Core.job [2011-06-19 23:33:21 | 000,000,046 | ---- | M] () -- C:\Users\Łukasz\AppData\Local\DonationCoder_findrunrobot_InstallInfo.dat [2011-06-11 15:52:48 | 000,000,129 | ---- | M] () -- C:\Users\Łukasz\jagex_runescape_preferences2.dat [2011-06-11 15:51:48 | 000,000,046 | ---- | M] () -- C:\Users\Łukasz\jagex_runescape_preferences.dat [2011-06-09 00:10:03 | 000,000,544 | ---- | M] () -- C:\Users\Łukasz\Desktop\Terraria.lnk [2011-06-02 22:02:27 | 000,000,890 | ---- | M] () -- C:\Users\Łukasz\Desktop\Video Card Stability Test.lnk [2011-06-02 18:48:35 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll [2011-05-30 19:31:43 | 000,000,498 | ---- | M] () -- C:\Users\Łukasz\Desktop\play — skrót.lnk [2011-05-29 09:44:03 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job [2011-05-25 14:27:18 | 000,000,136 | ---- | M] () -- C:\Users\Łukasz\Desktop\FIFA 11 — skrót.lnk [2011-05-25 09:24:44 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011-05-25 09:24:42 | 000,004,364 | ---- | M] () -- C:\Windows\System32\nvinfo.pb [2011-05-21 11:04:12 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2011-05-21 00:34:10 | 000,000,618 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk [2011-05-20 22:35:28 | 000,304,744 | ---- | M] () -- C:\Windows\System32\nvStreaming.exe [2011-05-18 15:34:40 | 000,000,397 | ---- | M] () -- C:\Users\Public\Desktop\Uruchom Wiedźmin 2.lnk [2011-05-15 17:23:44 | 000,001,457 | ---- | M] () -- C:\Users\Łukasz\.recently-used.xbel [2011-05-11 16:44:49 | 000,000,090 | ---- | M] () -- C:\Users\Łukasz\AppData\Roaming\RSBot_Accounts.ini [2011-04-24 11:58:50 | 000,000,469 | ---- | M] () -- C:\Windows\System32\libFLAC.dll [2011-04-24 11:58:50 | 000,000,469 | ---- | M] () -- C:\Windows\System32\evrprop.dll [2011-04-24 11:58:49 | 000,000,469 | ---- | M] () -- C:\Windows\System32\iconv.dll [2011-04-24 11:58:48 | 000,000,469 | ---- | M] () -- C:\Windows\System32\mkzlib.dll [2011-04-24 11:58:48 | 000,000,469 | ---- | M] () -- C:\Windows\System32\mkunicode.dll [2011-04-24 11:58:45 | 000,000,469 | ---- | M] () -- C:\Windows\System32\xvidcore.dll [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-22 23:12:35 | 000,003,198 | ---- | C] () -- C:\UsbFix_Upload_Me_ŁUKASZ-KOMPUTER.zip [2011-06-22 22:49:52 | 000,001,843 | ---- | C] () -- C:\Users\Łukasz\Desktop\AD-R.lnk [2011-06-19 23:33:21 | 000,000,046 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\DonationCoder_findrunrobot_InstallInfo.dat [2011-06-14 18:06:32 | 000,000,716 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CS4.lnk [2011-06-14 18:05:01 | 000,001,399 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk [2011-06-09 00:10:03 | 000,000,544 | ---- | C] () -- C:\Users\Łukasz\Desktop\Terraria.lnk [2011-06-02 22:02:27 | 000,000,890 | ---- | C] () -- C:\Users\Łukasz\Desktop\Video Card Stability Test.lnk [2011-05-30 19:31:45 | 000,000,498 | ---- | C] () -- C:\Users\Łukasz\Desktop\play — skrót.lnk [2011-05-25 14:27:18 | 000,000,136 | ---- | C] () -- C:\Users\Łukasz\Desktop\FIFA 11 — skrót.lnk [2011-05-21 11:04:12 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011-05-21 00:34:10 | 000,000,618 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk [2011-05-20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2011-05-18 15:34:40 | 000,000,397 | ---- | C] () -- C:\Users\Public\Desktop\Uruchom Wiedźmin 2.lnk [2011-05-15 22:54:08 | 000,000,925 | ---- | C] () -- C:\Users\Łukasz\Desktop\Torchlight.lnk [2011-05-15 22:54:06 | 000,000,462 | ---- | C] () -- C:\Users\Łukasz\Desktop\Tom Clancy's H.A.W.X — skrót.lnk [2011-05-15 22:54:04 | 000,000,611 | ---- | C] () -- C:\Users\Łukasz\Desktop\TmNationsForever.lnk [2011-05-15 22:54:02 | 000,001,077 | ---- | C] () -- C:\Users\Łukasz\Desktop\Test Drive Unlimited 2.lnk [2011-05-15 22:54:00 | 000,000,586 | ---- | C] () -- C:\Users\Łukasz\Desktop\Super Meat Boy.lnk [2011-05-15 22:53:57 | 000,000,619 | ---- | C] () -- C:\Users\Łukasz\Desktop\Sherlock Holmes kontra Kuba Rozpruwacz.lnk [2011-05-15 22:53:52 | 000,000,907 | ---- | C] () -- C:\Users\Łukasz\Desktop\Minecraft.lnk [2011-05-15 22:53:50 | 000,000,602 | ---- | C] () -- C:\Users\Łukasz\Desktop\Mass Effect 2.lnk [2011-05-15 22:53:49 | 000,000,663 | ---- | C] () -- C:\Users\Łukasz\Desktop\GTA EFLC.lnk [2011-05-15 22:53:47 | 000,001,078 | ---- | C] () -- C:\Users\Łukasz\Desktop\GameRanger.lnk [2011-05-15 22:53:44 | 000,001,092 | ---- | C] () -- C:\Users\Łukasz\Desktop\Dragon Age 2.lnk [2011-05-15 22:53:42 | 000,000,750 | ---- | C] () -- C:\Users\Łukasz\Desktop\Divinity II - DKS.lnk [2011-05-15 22:53:39 | 000,001,490 | ---- | C] () -- C:\Users\Łukasz\Desktop\Dead Space™.lnk [2011-05-15 22:53:34 | 000,000,992 | ---- | C] () -- C:\Users\Łukasz\Desktop\Crysis 2.lnk [2011-05-15 22:53:32 | 000,000,595 | ---- | C] () -- C:\Users\Łukasz\Desktop\AC Brotherhood.lnk [2011-05-15 22:53:26 | 000,001,607 | ---- | C] () -- C:\Users\Łukasz\Desktop\Splash PRO.lnk [2011-05-15 22:53:19 | 000,000,587 | ---- | C] () -- C:\Users\Łukasz\Desktop\Portal 2.lnk [2011-05-15 22:52:39 | 000,000,673 | ---- | C] () -- C:\Users\Łukasz\Desktop\Your Unin-staller!.lnk [2011-05-15 22:52:26 | 000,000,589 | ---- | C] () -- C:\Users\Łukasz\Desktop\Mozilla Firefox.lnk [2011-05-15 22:52:23 | 000,000,627 | ---- | C] () -- C:\Users\Łukasz\Desktop\KMPlayer.lnk [2011-05-15 22:52:19 | 000,000,586 | ---- | C] () -- C:\Users\Łukasz\Desktop\Eusing Free Registry Cleaner.lnk [2011-05-15 22:52:16 | 000,000,797 | ---- | C] () -- C:\Users\Łukasz\Desktop\DAEMON Tools Lite.lnk [2011-05-15 22:52:12 | 000,000,595 | ---- | C] () -- C:\Users\Łukasz\Desktop\Ashampoo Burning Studio 10.lnk [2011-05-15 17:23:44 | 000,001,457 | ---- | C] () -- C:\Users\Łukasz\.recently-used.xbel [2011-04-24 11:50:20 | 000,000,469 | ---- | C] () -- C:\Windows\System32\evrprop.dll [2011-04-24 11:50:19 | 000,000,469 | ---- | C] () -- C:\Windows\System32\iconv.dll [2011-04-24 11:50:18 | 000,000,469 | ---- | C] () -- C:\Windows\System32\mkzlib.dll [2011-04-24 11:50:17 | 000,000,469 | ---- | C] () -- C:\Windows\System32\mkunicode.dll [2011-04-24 11:38:08 | 000,797,184 | ---- | C] () -- C:\Windows\System32\ac3filter.ax [2011-04-24 11:38:08 | 000,000,469 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-04-24 11:38:08 | 000,000,469 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011-04-07 21:54:00 | 000,315,682 | ---- | C] () -- C:\Windows\System32\slwc.exe [2011-04-07 21:51:48 | 000,111,104 | ---- | C] () -- C:\Windows\System32\Uharc.exe [2011-04-07 21:51:48 | 000,008,636 | ---- | C] () -- C:\Windows\System32\modifype.exe [2011-04-04 00:31:39 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-04-04 00:29:56 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011-03-30 15:49:44 | 000,077,824 | ---- | C] () -- C:\Users\Łukasz\AppData\Roaming\chrtmp [2011-03-21 18:01:54 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2011-03-19 01:14:33 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011-03-19 01:14:32 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011-03-16 21:19:24 | 000,007,605 | ---- | C] () -- C:\Users\Łukasz\AppData\Local\Resmon.ResmonCfg [2011-03-09 00:53:01 | 007,006,398 | ---- | C] () -- C:\Windows\temp.exe [2011-03-07 23:10:39 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2011-03-07 23:10:38 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2011-03-06 10:49:37 | 000,229,947 | ---- | C] () -- C:\Windows\hpoins19.dat [2011-03-06 10:49:37 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat [2011-02-28 20:25:11 | 000,459,264 | ---- | C] () -- C:\Windows\System32\mchEvaluation.exe [2011-02-26 22:54:18 | 000,286,208 | ---- | C] () -- C:\Windows\System32\binkw32.dll [2011-02-23 19:07:49 | 000,118,784 | ---- | C] () -- C:\Windows\System32\vorbis.dll [2011-02-23 19:06:01 | 000,011,264 | ---- | C] () -- C:\Windows\System32\ogg.dll [2011-01-24 23:52:49 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe [2010-12-10 12:51:45 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010-12-03 15:55:01 | 000,000,006 | ---- | C] () -- C:\Windows\f2areg64.dll [2010-11-14 21:10:51 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-11-05 17:19:05 | 000,000,090 | ---- | C] () -- C:\Users\Łukasz\AppData\Roaming\RSBot_Accounts.ini [2010-11-05 15:48:13 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-11-05 15:48:09 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009-07-14 10:07:57 | 000,736,096 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2009-07-14 10:07:57 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2009-07-14 10:07:57 | 000,152,676 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2009-07-14 10:07:57 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2009-07-14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 06:33:53 | 000,407,824 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009-07-14 04:05:48 | 000,650,212 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009-07-14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009-07-14 04:05:48 | 000,119,282 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009-07-14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009-07-14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009-07-14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009-07-14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009-07-14 01:41:47 | 000,001,536 | ---- | C] () -- C:\Windows\System32\winver.exe [2009-07-13 02:07:46 | 000,025,448 | ---- | C] () -- C:\Windows\System32\drivers\uxpatch.sys [2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2009-06-07 16:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009-01-28 20:50:44 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll [2008-07-24 00:29:16 | 000,047,744 | ---- | C] () -- C:\Windows\System32\drivers\vserial.sys [2008-07-24 00:29:16 | 000,015,264 | ---- | C] () -- C:\Windows\System32\drivers\vsb.sys [2007-07-23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2007-07-23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2007-07-23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2007-07-23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2007-07-23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2007-07-23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2007-07-23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2007-07-23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2007-07-23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2011-05-11 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DMCache [2011-02-12 10:31:52 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\ESET [2011-03-20 19:36:22 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\foobar2000 [2011-05-11 12:13:05 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\IDM [2011-05-11 12:12:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TuneUp Software [2011-05-11 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\uTorrent [2011-05-30 22:53:41 | 000,000,000 | ---D | M] -- C:\Users\Dirt 3\AppData\Roaming\ESET [2011-05-30 22:53:43 | 000,000,000 | ---D | M] -- C:\Users\Dirt 3\AppData\Roaming\Stardock [2011-05-30 22:52:58 | 000,000,000 | ---D | M] -- C:\Users\Dirt 3\AppData\Roaming\TuneUp Software [2011-04-21 13:52:14 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\.minecraft [2010-11-18 00:57:59 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\360desktop [2011-02-27 20:42:36 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\App Launcher Gadget [2011-02-26 16:27:57 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Ashampoo [2011-02-28 19:14:08 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\AVI ReComp [2011-04-08 13:31:56 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\BESTplayer [2010-12-27 02:08:08 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\cacaoweb [2011-06-14 17:12:55 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2010-11-05 17:01:13 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DAEMON Tools Lite [2011-02-27 20:38:39 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DAEMON Tools Pro [2011-06-22 23:20:58 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DMCache [2011-06-19 23:33:21 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\DonationCoder [2010-11-05 16:14:49 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\ESET [2011-06-22 19:43:12 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\foobar2000 [2011-06-02 22:02:28 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\FreeStone Group [2011-02-26 11:53:28 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\GameRanger [2011-03-07 23:13:21 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Games [2010-11-12 12:20:07 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\GHISLER [2011-05-15 17:24:48 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\gtk-2.0 [2011-04-20 21:00:20 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\IDM [2011-04-08 15:13:40 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Launchy [2010-11-05 17:21:36 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Leadertech [2011-05-22 11:01:20 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Lionhead Studios [2011-04-18 23:23:37 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Mirillis [2010-11-12 12:56:51 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\My Games [2011-02-21 02:00:34 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Opera [2010-12-25 14:07:26 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\PC Suite [2011-03-19 01:14:31 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\PunkBuster [2011-02-01 16:45:38 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Rovio [2011-02-15 23:29:34 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\runic games [2011-03-09 21:50:14 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Salling Software AB [2011-01-09 15:49:41 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\SpeedMP3Downloader [2011-05-12 23:14:07 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Stardock [2011-03-09 00:54:25 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Thinking Minds Budiling Bytes [2011-06-13 23:19:40 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\Thinstall [2011-03-11 00:32:06 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\TuneUp Software [2011-02-22 23:26:18 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\URSoft [2011-06-22 22:54:22 | 000,000,000 | ---D | M] -- C:\Users\Łukasz\AppData\Roaming\uTorrent [2011-05-17 14:20:52 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011-05-29 09:44:03 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\SlimDrivers Startup.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-06-22 22:50:50 | 000,005,568 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2009-06-10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2010-11-18 00:37:29 | 000,000,000 | ---- | M] () -- C:\IO.SYS [2011-02-04 16:27:08 | 000,018,915 | ---- | M] () -- C:\mksbasel.cpp.log [2010-11-18 00:37:29 | 000,000,000 | ---- | M] () -- C:\MSDOS.SYS [2011-06-22 22:53:49 | 3219,644,416 | -HS- | M] () -- C:\pagefile.sys [2010-11-18 00:37:54 | 000,000,000 | ---- | M] () -- C:\TP17A269.$$$ [2011-06-22 23:16:45 | 000,007,912 | ---- | M] () -- C:\UsbFix.txt [2011-06-22 23:12:35 | 000,003,198 | ---- | M] () -- C:\UsbFix_Upload_Me_ŁUKASZ-KOMPUTER.zip [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T155359517481\internal_ide_channel\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T155359517481\pci\ven_8086&dev_27c0\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T160110684877\internal_ide_channel\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T160110684877\pci\ven_8086&dev_27c0\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T162449280101\internal_ide_channel\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T162449280101\pci\ven_8086&dev_27c0\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T163013458653\internal_ide_channel\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T155359517481\gencdrom\cdrom.sys [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T160110684877\gencdrom\cdrom.sys [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T162449280101\gencdrom\cdrom.sys [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Users\Łukasz\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20110321T163013458653\gencdrom\cdrom.sys [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys [2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-20 14:17:54 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=1562571D6B1541098E677C3BB78709A0 -- C:\Windows\System32\winlogon.exe [2009-10-28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009-10-28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\ProgramData\Microsoft\Windows\SXS\32\winlogon.exe [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Users\All Users\Microsoft\Windows\SXS\32\winlogon.exe [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 157 bytes -> C:\ProgramData\TEMP:1CE11B51 < End of report > [/log]
wirusolog komentarz 23 czerwca 2011 komentarz 23 czerwca 2011 [quote] Deleted ! D:\MUZYKA [/quote] Pomyłka ze strony USBFix. Wyciągnij ten folder z kwaratanny USBFix'a i skasuj ze wszystkich plików przedrostek [b]*.vir[/b] Jeżeli zbytnio nie umiesz - pisz. [hr] [b]1.[/b] Uruchom OTL i w oknie [b]Własne opcje skanowania/Skrypt[/b] wklej następujący tekst: [code]:OTL O4 - HKLM..\RunOnce: [] File not found [2011-02-04 16:31:18 | 000,002,059 | ---- | M] () -- C:\Users\Łukasz\AppData\Roaming\Mozilla\Firefox\Profiles\g8148kl8.default\searchplugins\daemon-search.xml File not found (No name found) -- File not found (No name found) -- C:\USERS\ĹUKASZ\APPDATA\ROAMING\IDM\IDMMZCC3 File not found (No name found) -- C:\USERS\ĹUKASZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G8148KL8.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D} File not found (No name found) -- C:\USERS\ĹUKASZ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\G8148KL8.DEFAULT\EXTENSIONS\CACAOWEB@CACAOWEB.ORG.XPI IE - HKU\S-1-5-21-1041758257-3929182411-3212461294-1001\..\URLSearchHook: {a8864317-e18b-4292-99d9-e6e65ab905d3} - Reg Error: Key error. File not found :Files C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041758257-3929182411-3212461294-1001UA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1041758257-3929182411-3212461294-1001Core.job C:\Users\Łukasz\jagex_runescape_preferences2.dat C:\Users\Łukasz\jagex_runescape_preferences.dat C:\Windows\temp.exe C:\TP17A269.$$$ :Commands [emptytemp] [/code] Kliknij w [b]Wykonaj Skrypt[/b]. Zatwierdź restart komputera. Po restarcie pokaż wykaz z usuwania.
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.