URL:Mal (Avast)

wacek223
created

Avast keeps throwing up a message with this URL:Mal (Firefox.exe, chrome.exe). On every page.

Here is a screenshot: http://www.fotosik.pl/pokaz_obrazek/91bae8012f0bbc56.html

OTL logs

[log]OTL logfile created on: 2011-07-11 14:35:10 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\J23\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,87 Gb Total Physical Memory | 1,13 Gb Available Physical Memory | 60,33% Memory free
3,75 Gb Paging File | 2,78 Gb Available in Paging File | 74,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,08 Gb Total Space | 10,20 Gb Free Space | 26,11% Space Free | Partition Type: NTFS
Drive D: | 109,97 Gb Total Space | 15,26 Gb Free Space | 13,88% Space Free | Partition Type: NTFS
Drive E: | 149,04 Gb Total Space | 6,31 Gb Free Space | 4,24% Space Free | Partition Type: NTFS
Drive G: | 149,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: J23-KOMPUTER | User Name: J23 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-07-11 14:25:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\J23\Downloads\OTL.exe
PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-07-04 13:43:51 | 000,121,000 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-06-24 08:25:50 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2011-05-26 21:50:22 | 015,147,400 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010-11-20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-11-20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010-11-20 14:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2010-10-29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-07-04 19:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-07-14 03:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
PRC - [2009-07-14 03:14:27 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\notepad.exe
PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-07-11 14:25:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\J23\Downloads\OTL.exe
MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2011-04-29 06:54:14 | 002,064,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
MOD - [2011-04-22 21:10:01 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
MOD - [2011-04-22 21:09:57 | 001,230,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
MOD - [2011-02-25 07:34:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2010-11-20 14:24:36 | 001,288,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2010-11-20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2010-11-20 14:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2010-11-20 14:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2010-11-20 14:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2010-11-20 14:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll
MOD - [2010-11-20 14:19:26 | 000,857,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2010-11-20 14:19:26 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2010-11-20 14:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2010-11-20 14:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll
MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2010-11-20 14:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2009-07-14 03:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (BlueSoleilCS)
SRV - [2011-07-04 13:43:51 | 000,121,000 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011-01-12 21:33:36 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\srvany.exe -- (KMService)
SRV - [2010-12-18 11:17:09 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010-03-25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-08-24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS.exe -- (DfSdkS)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-09-08 08:59:00 | 000,575,488 | ---- | M] (Nokia.) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007-05-31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-07-05 23:47:02 | 000,020,992 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Temporary\cpu.sys -- (cpudriver)
DRV - [2011-07-04 13:37:33 | 000,103,384 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-07-04 13:36:18 | 000,194,264 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-07-04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011-05-17 16:50:47 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-02-23 14:34:54 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-08-16 16:31:08 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio)
DRV - [2010-08-16 16:31:06 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdspio.sys -- (pwdspio)
DRV - [2010-06-14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010-04-27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010-04-27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2010-04-27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2010-04-06 19:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2010-04-06 19:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2010-04-06 19:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2009-07-14 00:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008-08-26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006-06-02 06:37:58 | 000,236,800 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RT2500.sys -- (RT2500)
DRV - [2005-01-31 11:20:04 | 000,211,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2005-01-31 11:12:46 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004-01-23 19:34:26 | 000,037,840 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\ext2fs.sys -- (Ext2FS)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-866066421-2766305544-3693691503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://onet.pl/
IE - HKU\S-1-5-21-866066421-2766305544-3693691503-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultthis.engineName: "LogiTool Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2771935&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {9D6218B8-03C7-4b91-AA43-680B305DD35C}:1.7.9.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: IplextoALL@ALLPlayer.org:0.1
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {481f306a-420c-4673-be90-543b7d62a78e}:3.3.3.2
FF - prefs.js..extensions.enabledItems: support@auto-hide-ip.com:1.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2771935&q="
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 4

FF - user.js..browser.search.openintab: false

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\J23\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\J23\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-11 14:00:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-23 10:45:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-04-20 20:25:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files\profilinstylin\profilinstylin [2011-07-04 11:18:37 | 000,000,000 | ---D | M]

[2008-09-01 22:33:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\J23\AppData\Roaming\mozilla\Extensions
[2011-07-02 14:46:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions
[2011-06-23 10:45:57 | 000,000,000 | ---D | M] (LogiTool Community Toolbar) -- C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}
[2010-12-17 21:38:55 | 000,000,000 | ---D | M] ("ProCon Latte") -- C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\{9D6218B8-03C7-4b91-AA43-680B305DD35C}
[2011-03-27 20:02:36 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\engine@conduit.com
[2011-04-07 20:09:54 | 000,000,000 | ---D | M] (Auto Hide IP) -- C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\support@auto-hide-ip.com
[2011-03-15 12:44:50 | 000,000,919 | ---- | M] () -- C:\Users\J23\AppData\Roaming\Mozilla\Firefox\Profiles\hcn2mha1.default\searchplugins\conduit.xml
[2011-06-17 03:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-06-17 03:24:03 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-12-19 10:56:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-12-21 17:53:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-03-13 09:37:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2011-07-11 14:00:25 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011-07-04 11:18:37 | 000,000,000 | ---D | M] (profilinstylin - Change your Facebook layout!) -- C:\PROGRAM FILES\PROFILINSTYLIN\PROFILINSTYLIN
() (No name found) -- C:\USERS\J23\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HCN2MHA1.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\J23\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HCN2MHA1.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI
[2011-06-23 10:45:08 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-02-02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-04-20 20:24:54 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-04-20 20:24:54 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-04-20 20:24:54 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-04-20 20:24:54 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-04-20 20:24:54 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-04-20 20:24:54 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-21-866066421-2766305544-3693691503-1000..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-866066421-2766305544-3693691503-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKU\S-1-5-21-866066421-2766305544-3693691503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-866066421-2766305544-3693691503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-21-866066421-2766305544-3693691503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-866066421-2766305544-3693691503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: 使用快车3下载 - C:\Users\J23\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\J23\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-06-05 17:43:15 | 000,055,637 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O32 - AutoRun File - [2003-05-16 10:59:28 | 000,508,416 | R--- | M] () - G:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2003-05-16 10:53:56 | 000,003,262 | R--- | M] () - G:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2001-11-13 16:18:04 | 000,000,047 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{b7e78240-8095-11e0-b952-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b7e78240-8095-11e0-b952-806e6f6e6963}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2003-05-16 10:59:28 | 000,508,416 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]AdobeAAMUpdater-1.0[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]AdobeCS5ServiceManager[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]AdVantage[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]AlcoholAutomount[/b] - hkey= - key= - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe ()
MsConfig - StartUpReg: [b]Auto Hide IP[/b] - hkey= - key= - C:\Program Files\AutoHideIP\AutoHideIP.exe (AutoHideIP.Com)
MsConfig - StartUpReg: [b]BCSSync[/b] - hkey= - key= - C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]BtTray[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: [b]SwitchBoard[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]TkBellExe[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Windows Mobile Device Center[/b] - hkey= - key= - C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-07-11 14:22:15 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011-07-11 14:20:25 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Local\Google
[2011-07-09 22:58:49 | 000,955,070 | ---- | C] (Informer Technologies, Inc. ) -- C:\Users\J23\Desktop\siinst.exe
[2011-07-07 21:34:22 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011-07-07 21:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011-07-07 21:33:21 | 000,000,000 | ---D | C] -- C:\ATI
[2011-07-07 20:42:17 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011-07-07 20:42:17 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2011-07-07 20:42:17 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011-07-07 20:42:17 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2011-07-07 20:42:16 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2011-07-07 20:42:16 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2011-07-07 20:42:16 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2011-07-07 20:42:16 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2011-07-07 20:42:15 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2011-07-07 20:42:08 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2011-07-07 20:42:08 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2011-07-07 20:42:08 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2011-07-07 20:42:07 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2011-07-07 20:42:07 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2011-07-07 20:42:07 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2011-07-07 20:42:06 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2011-07-07 20:42:06 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2011-07-07 20:39:21 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\18 WoS Haulin
[2011-07-07 20:39:14 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\18 Wheels of Steel Haulin
[2011-07-07 20:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\18 Wheels of Steel Haulin
[2011-07-07 20:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\18 Wheels of Steel Haulin
[2011-07-07 19:55:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Truck
[2011-07-07 19:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Hard Truck
[2011-07-06 15:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nLite
[2011-07-06 15:30:17 | 000,000,000 | ---D | C] -- C:\Program Files\nLite
[2011-07-06 12:19:49 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\Amilo Li 2727
[2011-07-06 08:05:51 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011-07-05 23:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\Temporary
[2011-07-05 23:47:01 | 000,000,000 | ---D | C] -- C:\Program Files\Temp
[2011-07-05 11:51:12 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\furry2final
[2011-07-04 11:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\profilinstylin
[2011-07-03 22:25:30 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\Firmware-Avila-SAMSUNG-Niebrandowany
[2011-07-03 21:40:51 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\NPS
[2011-07-03 21:40:37 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\My Art
[2011-07-03 21:36:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung New PC Studio
[2011-07-03 21:35:06 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdm.sys
[2011-07-03 21:35:06 | 000,098,432 | ---- | C] (MCCI) -- C:\Windows\System32\drivers\ss_bbus.sys
[2011-07-03 21:35:06 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdfl.sys
[2011-07-03 21:35:06 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcmnt.sys
[2011-07-03 21:35:06 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcm.sys
[2011-07-03 21:35:06 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwhnt.sys
[2011-07-03 21:35:06 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwh.sys
[2011-07-03 21:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2011-07-03 21:33:47 | 000,238,952 | ---- | C] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
[2011-07-03 21:33:27 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\Samsung
[2011-07-03 21:33:27 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\My NPS Files
[2011-07-03 21:33:16 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\Samsung
[2011-07-03 21:32:42 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2011-07-03 21:32:15 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2011-07-03 21:30:01 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Local\Downloaded Installations
[2011-07-02 20:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
[2011-07-02 20:35:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems
[2011-07-02 20:34:57 | 000,000,000 | ---D | C] -- C:\Program Files\UltraISO
[2011-07-02 20:34:57 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\My ISO Files
[2011-07-02 20:33:24 | 003,849,322 | ---- | C] (EZB Systems, Inc. ) -- C:\Users\J23\Desktop\uiso9_pe.exe
[2011-07-02 14:49:02 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\Furry_www.victorygames.pl
[2011-06-29 11:54:02 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011-06-29 11:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2011-06-29 11:54:01 | 000,309,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011-06-29 11:53:59 | 000,103,384 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2011-06-29 11:53:40 | 000,194,264 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2011-06-29 11:53:39 | 000,043,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011-06-29 11:53:39 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011-06-29 11:53:38 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011-06-29 11:53:38 | 000,054,104 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011-06-29 11:53:10 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2011-06-29 11:53:09 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011-06-29 11:53:09 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011-06-29 11:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011-06-29 11:53:03 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011-06-29 11:51:33 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\Avast Internet Security v6.0.1000 [PL] Crack
[2011-06-28 20:39:27 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011-06-28 20:39:27 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011-06-28 20:39:26 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011-06-28 20:39:26 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011-06-28 20:39:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011-06-28 20:39:25 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011-06-27 10:07:02 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2011-06-17 03:23:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011-06-17 03:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011-06-16 09:45:17 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\K550
[2011-06-16 05:04:56 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011-06-16 05:04:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011-06-16 05:04:55 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011-06-16 05:04:55 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011-06-15 11:09:54 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\aerix
[2011-06-14 22:07:07 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\GTA San Andreas User Files
[2011-06-14 21:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2011-06-14 21:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2011-06-12 18:52:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
[2011-06-12 18:52:21 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\Win7codecs
[2011-06-12 18:52:13 | 000,000,000 | ---D | C] -- C:\Program Files\Win7codecs
[2011-06-06 21:27:22 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2011-06-05 17:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoMapa 6
[2011-06-05 17:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\AutoMapa EU
[2011-06-02 20:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011-06-02 20:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011-06-02 18:04:11 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011-05-18 20:13:26 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2011-05-18 15:43:59 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Local\Apple Computer
[2011-05-17 16:50:19 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011-05-17 16:48:07 | 011,193,664 | ---- | C] (DT Soft Ltd.) -- C:\Users\J23\Desktop\DTLite4402-0131.exe
[2011-05-16 19:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011-05-16 19:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011-05-16 19:29:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011-05-16 19:28:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011-05-16 19:27:48 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011-05-16 19:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011-05-16 19:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011-05-16 19:24:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2011-05-16 19:23:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2011-05-16 19:21:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011-05-16 19:21:05 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-02-03 23:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-07-11 14:25:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000UA.job
[2011-07-11 14:25:00 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000Core.job
[2011-07-11 14:22:17 | 000,002,264 | ---- | M] () -- C:\Users\J23\Desktop\Google Chrome.lnk
[2011-07-11 14:15:52 | 000,010,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-07-11 14:15:52 | 000,010,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-07-11 14:12:59 | 000,701,022 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2011-07-11 14:12:59 | 000,618,714 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-07-11 14:12:59 | 000,136,040 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2011-07-11 14:12:59 | 000,107,034 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-07-11 14:08:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-07-11 14:06:31 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011-07-11 12:54:06 | 000,011,247 | ---- | M] () -- C:\Users\J23\Desktop\CV_2.zip
[2011-07-11 12:52:52 | 000,010,937 | ---- | M] () -- C:\Users\J23\Desktop\CV_1.zip
[2011-07-11 11:59:55 | 048,062,655 | ---- | M] () -- C:\Users\J23\Desktop\sterowniki_xp_fujitsu_siemens_amilo_li2727.rar
[2011-07-11 08:52:20 | 000,000,010 | ---- | M] () -- C:\Windows\popcinfo.dat
[2011-07-10 19:16:38 | 000,248,572 | ---- | M] () -- C:\Users\J23\Documents\Default.aimppl
[2011-07-09 22:58:51 | 000,955,070 | ---- | M] (Informer Technologies, Inc. ) -- C:\Users\J23\Desktop\siinst.exe
[2011-07-08 21:04:06 | 004,096,449 | ---- | M] () -- C:\Users\J23\Desktop\Tina Turner - We Don T Need Another Hero.mp3
[2011-07-08 20:52:31 | 004,575,013 | ---- | M] () -- C:\Users\J23\Desktop\weekend - ona i on.mp3
[2011-07-08 20:24:04 | 003,825,194 | ---- | M] () -- C:\Users\J23\Desktop\w.b.u - zepsuty świat.mp3
[2011-07-08 20:15:47 | 003,943,206 | ---- | M] () -- C:\Users\J23\Desktop\Bloodhound Gang - The bad touch.mp3
[2011-07-08 20:10:18 | 001,914,044 | ---- | M] () -- C:\Users\J23\Desktop\La Bouche - Be My Lover.mp3
[2011-07-08 15:46:44 | 000,022,528 | ---- | M] () -- C:\Users\J23\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-07 20:39:14 | 000,001,028 | ---- | M] () -- C:\Users\J23\Desktop\18 Wheels of Steel Haulin.lnk
[2011-07-07 19:55:46 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\Hard Truck 18 Wheels of Steel.lnk
[2011-07-07 19:53:40 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011-07-07 19:53:40 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011-07-06 17:04:38 | 686,751,744 | ---- | M] () -- C:\Users\J23\Desktop\WinLite.iso
[2011-07-06 15:30:18 | 000,000,921 | ---- | M] () -- C:\Users\J23\Desktop\nLite.lnk
[2011-07-06 08:29:59 | 004,660,904 | ---- | M] () -- C:\Users\J23\Desktop\rtlsetup-pcie(664).zip
[2011-07-06 08:29:22 | 000,001,332 | ---- | M] () -- C:\Users\J23\Desktop\ich8smb.zip
[2011-07-06 08:26:59 | 000,173,089 | ---- | M] () -- C:\Users\J23\Desktop\winxp.rar
[2011-07-05 23:47:11 | 000,000,965 | ---- | M] () -- C:\Users\J23\Desktop\UltraISO.lnk
[2011-07-05 11:46:11 | 011,529,842 | ---- | M] () -- C:\Users\J23\Desktop\furry2final.zip
[2011-07-05 11:43:24 | 000,000,014 | ---- | M] () -- C:\Windows\cfh232.cfg
[2011-07-05 11:43:23 | 000,000,016 | ---- | M] () -- C:\Windows\furry.ini
[2011-07-04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011-07-04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011-07-04 13:37:33 | 000,103,384 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011-07-04 13:36:18 | 000,194,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011-07-04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011-07-03 23:08:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011-07-03 23:05:06 | 000,411,095 | ---- | M] () -- C:\Users\J23\Desktop\Diamond Twister.jar
[2011-07-03 21:48:06 | 000,929,792 | ---- | M] () -- C:\Users\J23\Desktop\Phonebook.npf
[2011-07-03 21:36:05 | 000,002,088 | ---- | M] () -- C:\Users\Public\Desktop\Samsung New PC Studio.lnk
[2011-07-03 21:20:25 | 173,838,160 | ---- | M] () -- C:\Users\J23\Desktop\New_PC_Studio_1.5.1.10064_2.exe
[2011-07-03 17:41:08 | 003,561,044 | ---- | M] () -- C:\Users\J23\Desktop\Enej - Radio Hello.mp3
[2011-07-03 03:55:12 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2011-07-02 20:33:50 | 003,849,322 | ---- | M] (EZB Systems, Inc. ) -- C:\Users\J23\Desktop\uiso9_pe.exe
[2011-07-02 11:21:06 | 000,337,460 | ---- | M] () -- C:\Users\J23\Desktop\Multi Loader V5.56 instrukcja instalacji nowego softu.zip
[2011-06-29 16:02:11 | 001,806,892 | ---- | M] () -- C:\Users\J23\Desktop\FW-WAP4035v120.zip
[2011-06-29 16:01:52 | 000,938,447 | ---- | M] () -- C:\Users\J23\Desktop\WAP-4033-4035 02.2006.pdf
[2011-06-29 11:54:02 | 000,001,994 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011-06-29 03:18:06 | 003,761,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-06-27 10:07:02 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2011-06-24 12:48:46 | 000,211,473 | R--- | M] () -- C:\Users\J23\Desktop\QUG-Planet.pdf
[2011-06-24 11:53:26 | 000,112,553 | ---- | M] () -- C:\Users\J23\Desktop\ulotka_planet.pdf
[2011-06-24 11:53:20 | 000,938,447 | ---- | M] () -- C:\Users\J23\Desktop\WAP-4033-4035_02.2006.pdf
[2011-06-17 11:17:56 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\AIMP3.lnk
[2011-06-17 11:16:47 | 006,054,799 | ---- | M] () -- C:\Users\J23\Desktop\aimp_3.00.881_beta_2.zip
[2011-06-17 03:23:45 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011-06-16 09:44:23 | 020,029,812 | ---- | M] () -- C:\Users\J23\Desktop\k550.rar
[2011-06-11 20:12:55 | 000,000,977 | ---- | M] () -- C:\Users\J23\Desktop\ALLPlayer V4.6.lnk
[2011-06-05 16:04:47 | 000,191,488 | ---- | M] () -- C:\Users\J23\Desktop\magia kart.pps
[2011-06-02 20:59:05 | 003,790,921 | ---- | M] () -- C:\Users\J23\Desktop\aycan - lambada dj matt g remix rip.mp3
[2011-05-28 04:53:58 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011-05-17 16:49:00 | 011,193,664 | ---- | M] (DT Soft Ltd.) -- C:\Users\J23\Desktop\DTLite4402-0131.exe
[2011-05-17 16:37:27 | 002,276,805 | ---- | M] () -- C:\Users\J23\Desktop\blablaaaaaaaaa.zip

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-07-11 14:22:17 | 000,002,264 | ---- | C] () -- C:\Users\J23\Desktop\Google Chrome.lnk
[2011-07-11 14:20:27 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000UA.job
[2011-07-11 14:20:26 | 000,000,998 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000Core.job
[2011-07-11 12:54:09 | 000,000,084 | ---- | C] () -- C:\Users\J23\Desktop\Nowy-Biznes.url
[2011-07-11 12:54:06 | 000,011,247 | ---- | C] () -- C:\Users\J23\Desktop\CV_2.zip
[2011-07-11 12:52:56 | 000,000,084 | ---- | C] () -- C:\Users\J23\Desktop\biznes.url
[2011-07-11 12:52:52 | 000,010,937 | ---- | C] () -- C:\Users\J23\Desktop\CV_1.zip
[2011-07-11 11:56:07 | 048,062,655 | ---- | C] () -- C:\Users\J23\Desktop\sterowniki_xp_fujitsu_siemens_amilo_li2727.rar
[2011-07-08 21:00:41 | 004,096,449 | ---- | C] () -- C:\Users\J23\Desktop\Tina Turner - We Don T Need Another Hero.mp3
[2011-07-08 20:49:05 | 004,575,013 | ---- | C] () -- C:\Users\J23\Desktop\weekend - ona i on.mp3
[2011-07-08 20:23:53 | 003,825,194 | ---- | C] () -- C:\Users\J23\Desktop\w.b.u - zepsuty świat.mp3
[2011-07-08 20:15:37 | 003,943,206 | ---- | C] () -- C:\Users\J23\Desktop\Bloodhound Gang - The bad touch.mp3
[2011-07-08 20:10:11 | 001,914,044 | ---- | C] () -- C:\Users\J23\Desktop\La Bouche - Be My Lover.mp3
[2011-07-07 20:39:14 | 000,001,028 | ---- | C] () -- C:\Users\J23\Desktop\18 Wheels of Steel Haulin.lnk
[2011-07-07 19:55:46 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\Hard Truck 18 Wheels of Steel.lnk
[2011-07-07 19:53:36 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011-07-07 19:53:36 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2011-07-06 17:03:52 | 686,751,744 | ---- | C] () -- C:\Users\J23\Desktop\WinLite.iso
[2011-07-06 15:30:18 | 000,000,921 | ---- | C] () -- C:\Users\J23\Desktop\nLite.lnk
[2011-07-06 08:29:28 | 004,660,904 | ---- | C] () -- C:\Users\J23\Desktop\rtlsetup-pcie(664).zip
[2011-07-06 08:29:21 | 000,001,332 | ---- | C] () -- C:\Users\J23\Desktop\ich8smb.zip
[2011-07-06 08:26:57 | 000,173,089 | ---- | C] () -- C:\Users\J23\Desktop\winxp.rar
[2011-07-05 11:42:46 | 011,529,842 | ---- | C] () -- C:\Users\J23\Desktop\furry2final.zip
[2011-07-03 23:08:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011-07-03 23:05:01 | 000,411,095 | ---- | C] () -- C:\Users\J23\Desktop\Diamond Twister.jar
[2011-07-03 21:47:59 | 000,929,792 | ---- | C] () -- C:\Users\J23\Desktop\Phonebook.npf
[2011-07-03 21:36:05 | 000,002,088 | ---- | C] () -- C:\Users\Public\Desktop\Samsung New PC Studio.lnk
[2011-07-03 21:33:47 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011-07-03 21:33:47 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011-07-03 21:33:47 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sy_
[2011-07-03 20:33:07 | 173,838,160 | ---- | C] () -- C:\Users\J23\Desktop\New_PC_Studio_1.5.1.10064_2.exe
[2011-07-03 17:40:21 | 003,561,044 | ---- | C] () -- C:\Users\J23\Desktop\Enej - Radio Hello.mp3
[2011-07-02 20:35:01 | 000,000,965 | ---- | C] () -- C:\Users\J23\Desktop\UltraISO.lnk
[2011-07-02 15:02:29 | 000,000,014 | ---- | C] () -- C:\Windows\cfh232.cfg
[2011-07-02 14:49:22 | 000,000,016 | ---- | C] () -- C:\Windows\furry.ini
[2011-07-02 11:21:06 | 000,337,460 | ---- | C] () -- C:\Users\J23\Desktop\Multi Loader V5.56 instrukcja instalacji nowego softu.zip
[2011-06-29 16:02:10 | 001,806,892 | ---- | C] () -- C:\Users\J23\Desktop\FW-WAP4035v120.zip
[2011-06-29 16:01:49 | 000,938,447 | ---- | C] () -- C:\Users\J23\Desktop\WAP-4033-4035 02.2006.pdf
[2011-06-29 11:54:02 | 000,001,994 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011-06-28 14:04:45 | 000,248,572 | ---- | C] () -- C:\Users\J23\Documents\Default.aimppl
[2011-06-24 12:54:17 | 000,211,473 | R--- | C] () -- C:\Users\J23\Desktop\QUG-Planet.pdf
[2011-06-24 11:53:26 | 000,112,553 | ---- | C] () -- C:\Users\J23\Desktop\ulotka_planet.pdf
[2011-06-24 11:53:20 | 000,938,447 | ---- | C] () -- C:\Users\J23\Desktop\WAP-4033-4035_02.2006.pdf
[2011-06-17 11:16:19 | 006,054,799 | ---- | C] () -- C:\Users\J23\Desktop\aimp_3.00.881_beta_2.zip
[2011-06-17 03:23:45 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011-06-16 09:42:26 | 020,029,812 | ---- | C] () -- C:\Users\J23\Desktop\k550.rar
[2011-06-12 12:06:44 | 008,400,344 | ---- | C] () -- C:\Users\J23\Desktop\Benny Benassi-Satistaction.wav
[2011-06-12 12:06:41 | 006,832,984 | ---- | C] () -- C:\Users\J23\Desktop\1082725003182_morwa_to_dla_sluchaczy.wmv
[2011-06-11 20:12:55 | 000,000,977 | ---- | C] () -- C:\Users\J23\Desktop\ALLPlayer V4.6.lnk
[2011-06-06 21:27:31 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011-06-05 16:04:42 | 000,191,488 | ---- | C] () -- C:\Users\J23\Desktop\magia kart.pps
[2011-06-02 20:55:58 | 003,790,921 | ---- | C] () -- C:\Users\J23\Desktop\aycan - lambada dj matt g remix rip.mp3
[2011-05-17 16:37:24 | 002,276,805 | ---- | C] () -- C:\Users\J23\Desktop\blablaaaaaaaaa.zip
[2011-05-14 20:07:26 | 001,157,348 | ---- | C] () -- C:\Users\J23\Desktop\110508_184039.jpg
[2011-05-14 20:07:26 | 001,155,036 | ---- | C] () -- C:\Users\J23\Desktop\110508_184033.jpg
[2011-05-14 20:07:25 | 001,503,063 | ---- | C] () -- C:\Users\J23\Desktop\110508_184053.jpg
[2011-05-14 20:07:25 | 001,293,331 | ---- | C] () -- C:\Users\J23\Desktop\110508_184024.jpg
[2011-04-28 20:22:43 | 000,000,204 | ---- | C] () -- C:\Windows\System32\secustat.dat
[2011-04-28 20:21:30 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011-04-28 20:14:29 | 000,000,028 | ---- | C] () -- C:\ProgramData\GRGames.ini
[2011-04-20 20:16:30 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011-04-20 20:14:53 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011-04-18 19:53:58 | 000,037,840 | ---- | C] () -- C:\Windows\System32\drivers\ext2fs.sys
[2011-04-18 19:08:30 | 000,000,192 | ---- | C] () -- C:\Windows\AWS.ini
[2011-04-08 19:08:23 | 000,034,308 | ---- | C] () -- C:\ProgramData\mazuki.dll
[2011-03-21 18:34:32 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2011-03-07 16:36:57 | 000,000,000 | ---- | C] () -- C:\Users\J23\AppData\Roaming\chrtmp
[2011-01-26 16:56:49 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011-01-21 07:36:02 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011-01-12 21:34:09 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2010-12-25 21:49:19 | 000,022,528 | ---- | C] () -- C:\Users\J23\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-24 13:27:11 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010-12-18 19:42:09 | 000,725,064 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2010-12-18 19:42:08 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2010-12-18 19:42:07 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2010-04-06 19:33:10 | 000,025,864 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys
[2009-07-14 10:07:57 | 000,701,022 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2009-07-14 10:07:57 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2009-07-14 10:07:57 | 000,136,040 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2009-07-14 10:07:57 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2009-07-14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 06:33:53 | 003,761,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009-07-14 04:05:48 | 000,618,714 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009-07-14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009-07-14 04:05:48 | 000,107,034 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009-07-14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009-07-14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009-07-14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009-07-14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008-01-01 21:35:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008-01-01 21:35:22 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2005-01-31 09:37:58 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

[color=#E56717]========== LOP Check ==========[/color]

[2011-04-28 21:42:04 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\advantage
[2011-06-15 11:09:54 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\aerix
[2011-07-10 19:16:38 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\AIMP3
[2011-04-07 20:09:20 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\AutoHideIP
[2010-12-25 21:51:18 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\BESTplayer
[2011-04-28 20:45:22 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\BITS
[2011-03-07 16:37:38 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Blitware
[2011-01-10 17:47:42 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\DAEMON Tools Lite
[2011-03-02 18:36:43 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\EMCO
[2011-06-27 21:09:26 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\EurekaLog
[2011-04-28 20:21:06 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\FlashGet
[2011-04-28 20:20:49 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\FlashGetBHO
[2011-02-11 21:34:52 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Gadu-Gadu 10
[2011-04-28 20:19:35 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\GetRight
[2010-12-17 19:52:49 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\GHISLER
[2011-06-10 00:06:25 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\ipla
[2011-01-27 19:37:53 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\IrfanView
[2010-12-25 21:16:01 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\LolClient
[2011-03-30 19:28:52 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Miranda
[2010-12-24 00:56:44 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\OpenFM
[2011-06-10 22:39:37 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\RDRM
[2011-07-03 21:33:27 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Samsung
[2011-04-28 21:21:55 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Tific
[2010-12-24 13:13:31 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Tlen.pl
[2011-06-12 18:52:21 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Win7codecs
[2011-07-03 03:55:12 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2011-04-22 21:54:28 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-03-30 09:00:33 | 000,010,138 | ---- | M] () -- C:\aaw7boot.log
[2009-06-10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2011-06-05 17:43:15 | 000,055,637 | ---- | M] () -- C:\AutoMapaSetupLog.txt
[2010-11-20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2008-01-01 21:31:14 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009-06-10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010-12-17 19:53:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-12-17 19:53:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011-07-11 14:08:18 | 2011,684,864 | -HS- | M] () -- C:\pagefile.sys
[2011-04-18 20:24:59 | 000,012,283 | ---- | M] () -- C:\TREEINFO.NCD
[2008-09-01 21:39:48 | 000,171,136 | RHS- | M] () -- C:\W7LDR


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys
[2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-10-28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009-10-28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< End of report >
[/log]

Extras log
[log]OTL Extras logfile created on: 2011-07-11 14:35:10 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\J23\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,87 Gb Total Physical Memory | 1,13 Gb Available Physical Memory | 60,33% Memory free
3,75 Gb Paging File | 2,78 Gb Available in Paging File | 74,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,08 Gb Total Space | 10,20 Gb Free Space | 26,11% Space Free | Partition Type: NTFS
Drive D: | 109,97 Gb Total Space | 15,26 Gb Free Space | 13,88% Space Free | Partition Type: NTFS
Drive E: | 149,04 Gb Total Space | 6,31 Gb Free Space | 4,24% Space Free | Partition Type: NTFS
Drive G: | 149,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: J23-KOMPUTER | User Name: J23 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-866066421-2766305544-3693691503-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{12FEC00C-027C-4A34-9AAB-562EDA43DC18}_is1" = MiniTool Partition Wizard Home Edition 5.2
"{1A36CF15-DF66-4756-9482-A9ABF3DDACE6}_is1" = Driver Robot
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}" = ATI Catalyst Install Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{83258E90-1F76-4E13-9F60-A0F8ED41E76F}" = PC Connectivity Solution
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{881C69F2-3861-4F18-BA0D-9B742C5E44FF}" = Voice Twister
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum obsługi urządzeń z systemem Windows Mobile
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.1
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.2 - Polish
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"18 Wheels of Steel Haulin" = 18 Wheels of Steel Haulin
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP3" = AIMP3
"ALLPlayer_is1" = ALLPlayer V4.X
"AQQ" = WapSter AQQ
"Ashampoo WinOptimizer 8_is1" = Ashampoo WinOptimizer 8 v.8.04
"Audacity_is1" = Audacity 1.2.6
"AutoHideIP" = Auto Hide IP
"avast" = avast! Internet Security
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"Gadu-Gadu 10" = Gadu-Gadu 10
"GOM Player" = GOM Player
"Hard Truck 18 Wheels of Steel" = Hard Truck 18 Wheels of Steel
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"ipla" = ipla 2.2.1
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 5.0 (x86 pl)" = Mozilla Firefox 5.0 (x86 pl)
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"nLite_is1" = nLite 1.4.9.1
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Profilin Stylin" = Profilin Stylin
"Super Kulki_is1" = Super Kulki
"Tlen.pl" = Tlen.pl
"Total Video Converter 3.11_is1" = Total Video Converter 3.11 070908
"Totalcmd" = Total Commander (Remove or Repair)
"UltraISO_is1" = UltraISO Premium V9.36
"WinRAR archiver" = Archiwizator WinRAR
"WMV To VCD DVD MPEG Converter Pro_is1" = WMV To VCD DVD MPEG Converter Pro 2.5
"Zuma Deluxe RA" = Zuma Deluxe RA

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-866066421-2766305544-3693691503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
[/log]

RSIT log
[log]Logfile of random's system information tool 1.09 (written by random/random)
Run by J23 at 2011-07-11 14:58:16
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 10 GB (26%) free of 40 GB
Total RAM: 1918 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:58:28, on 2011-07-11
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\FsUsbExService.Exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J23\Downloads\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\J23.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://onet.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: BHO_HelloWorld.BHO - {cbfb5c65-652c-3e10-9d9a-e586816d9342} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\J23\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{216FEFBE-B5D5-4B2D-BA8C-49C71DFFF041}: NameServer = 192.168.2.1,194.204.152.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{D0E1BD89-5858-4A05-B4C5-AC5604EAB63B}: NameServer = 192.168.2.254,192.168.9.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE57A4E7-F404-4747-B354-815ECC05C7A3}: NameServer = 192.168.2.254,192.168.9.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{216FEFBE-B5D5-4B2D-BA8C-49C71DFFF041}: NameServer = 192.168.2.1,194.204.152.34
O17 - HKLM\System\CS2\Services\Tcpip\..\{216FEFBE-B5D5-4B2D-BA8C-49C71DFFF041}: NameServer = 192.168.2.1,194.204.152.34
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 8533 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Driver Robot.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\J23\AppData\Roaming\Mozilla\Firefox\Profiles\hcn2mha1.default

prefs.js - "browser.startup.homepage" - "google.pl"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {9D6218B8-03C7-4b91-AA43-680B305DD35C}:1.7.9.7, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, IplextoALL@ALLPlayer.org:0.1, engine@conduit.com:3.3.3.2, {481f306a-420c-4673-be90-543b7d62a78e}:3.3.3.2, support@auto-hide-ip.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.aspx?ctid=CT2771935&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
allegro-pl.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

C:\Users\J23\AppData\Roaming\Mozilla\Firefox\Profiles\hcn2mha1.default\extensions\
engine@conduit.com
support@auto-hide-ip.com
{481f306a-420c-4673-be90-543b7d62a78e}
{9D6218B8-03C7-4b91-AA43-680B305DD35C}

C:\Users\J23\AppData\Roaming\Mozilla\Firefox\Profiles\hcn2mha1.default\searchplugins\
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cbfb5c65-652c-3e10-9d9a-e586816d9342}]
BHO_HelloWorld.BHO - C:\Windows\system32\mscoree.dll [2010-11-05 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
IplexToALLPlayer - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL [2011-02-09 400384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]
"NPSStartup"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-05-26 15147400]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]
"Google Update"=C:\Users\J23\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-11 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
C:\Users\J23\AppData\Roaming\advantage\AdVantage.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
C:\Program Files\ALLPlayer\ALLUpdate.exe [2011-02-08 1362944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Auto Hide IP]
C:\Program Files\AutoHideIP\AutoHideIP.exe [2011-03-29 3737840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Real\RealPlayer\update\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"msacm.vorbis"=vorbis.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-07-11 14:58:17 ----D---- C:\Program Files\trend micro
2011-07-11 14:58:16 ----D---- C:\rsit
2011-07-07 21:34:22 ----D---- C:\Program Files\ATI Technologies
2011-07-07 21:34:19 ----D---- C:\Program Files\ATI
2011-07-07 21:33:21 ----D---- C:\ATI
2011-07-07 20:42:17 ----A---- C:\Windows\system32\xinput1_3.dll
2011-07-07 20:42:17 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-07-07 20:42:17 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-07-07 20:42:17 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-07-07 20:42:16 ----A---- C:\Windows\system32\xinput1_2.dll
2011-07-07 20:42:16 ----A---- C:\Windows\system32\xinput1_1.dll
2011-07-07 20:42:16 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-07-07 20:42:16 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-07-07 20:42:15 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-07-07 20:42:08 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-07-07 20:42:08 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-07-07 20:42:08 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-07-07 20:42:07 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-07-07 20:42:07 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-07-07 20:42:07 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-07-07 20:42:06 ----A---- C:\Windows\system32\d3dx9_25.dll
2011-07-07 20:42:06 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-07-07 20:38:18 ----D---- C:\Program Files\18 Wheels of Steel Haulin
2011-07-07 19:55:29 ----D---- C:\Program Files\Hard Truck
2011-07-06 15:30:17 ----D---- C:\Program Files\nLite
2011-07-06 08:05:51 ----D---- C:\Windows\Minidump
2011-07-05 23:47:02 ----D---- C:\Program Files\Temporary
2011-07-05 23:47:01 ----D---- C:\Program Files\Temp
2011-07-04 11:18:35 ----D---- C:\Program Files\profilinstylin
2011-07-03 21:35:06 ----A---- C:\Windows\system32\drivers\ss_bwhnt.sys
2011-07-03 21:35:06 ----A---- C:\Windows\system32\drivers\ss_bwh.sys
2011-07-03 21:35:06 ----A---- C:\Windows\system32\drivers\ss_bmdm.sys
2011-07-03 21:35:06 ----A---- C:\Windows\system32\drivers\ss_bmdfl.sys
2011-07-03 21:35:06 ----A---- C:\Windows\system32\drivers\ss_bcmnt.sys
2011-07-03 21:35:06 ----A---- C:\Windows\system32\drivers\ss_bcm.sys
2011-07-03 21:35:06 ----A---- C:\Windows\system32\drivers\ss_bbus.sys
2011-07-03 21:34:17 ----D---- C:\ProgramData\Samsung
2011-07-03 21:33:47 ----A---- C:\Windows\system32\FsUsbExService.Exe
2011-07-03 21:33:47 ----A---- C:\Windows\system32\FsUsbExDisk.Sys
2011-07-03 21:33:47 ----A---- C:\Windows\system32\FsUsbExDevice.Dll
2011-07-03 21:33:27 ----D---- C:\Users\J23\AppData\Roaming\Samsung
2011-07-03 21:32:42 ----D---- C:\Program Files\MarkAny
2011-07-03 21:32:15 ----D---- C:\Program Files\Samsung
2011-07-02 20:35:00 ----D---- C:\Program Files\Common Files\EZB Systems
2011-07-02 20:34:57 ----D---- C:\Program Files\UltraISO
2011-07-02 14:49:22 ----A---- C:\Windows\furry.ini
2011-06-29 11:59:59 ----A---- C:\Windows\ntbtlog.txt
2011-06-29 11:54:02 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-06-29 11:54:01 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-06-29 11:53:59 ----A---- C:\Windows\system32\drivers\aswFW.sys
2011-06-29 11:53:40 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2011-06-29 11:53:39 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-06-29 11:53:39 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-06-29 11:53:38 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-06-29 11:53:38 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-06-29 11:53:10 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2011-06-29 11:53:09 ----A---- C:\Windows\system32\aswBoot.exe
2011-06-29 11:53:09 ----A---- C:\Windows\avastSS.scr
2011-06-29 11:53:03 ----D---- C:\ProgramData\AVAST Software
2011-06-29 11:53:03 ----D---- C:\Program Files\AVAST Software
2011-06-28 20:39:27 ----A---- C:\Windows\system32\tquery.dll
2011-06-28 20:39:27 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-28 20:39:27 ----A---- C:\Windows\system32\mssrch.dll
2011-06-28 20:39:26 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-28 20:39:26 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-28 20:39:26 ----A---- C:\Windows\system32\mssvp.dll
2011-06-28 20:39:26 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-28 20:39:26 ----A---- C:\Windows\system32\mssph.dll
2011-06-28 20:39:25 ----A---- C:\Windows\system32\msscntrs.dll
2011-06-28 20:39:24 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-27 10:07:02 ----A---- C:\Windows\system32\CmdLineExt.dll
2011-06-17 03:23:44 ----D---- C:\Program Files\Common Files\Skype
2011-06-16 05:05:09 ----A---- C:\Windows\system32\oleaut32.dll
2011-06-16 05:05:07 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-06-16 05:05:07 ----A---- C:\Windows\system32\drivers\afd.sys
2011-06-16 05:05:06 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-16 05:05:06 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-16 05:05:06 ----A---- C:\Windows\system32\drivers\srv.sys
2011-06-16 05:05:05 ----A---- C:\Windows\system32\inetcomm.dll
2011-06-16 05:04:58 ----A---- C:\Windows\system32\mshtml.dll
2011-06-16 05:04:58 ----A---- C:\Windows\system32\ieframe.dll
2011-06-16 05:04:57 ----A---- C:\Windows\system32\urlmon.dll
2011-06-16 05:04:56 ----A---- C:\Windows\system32\wininet.dll
2011-06-16 05:04:56 ----A---- C:\Windows\system32\msfeeds.dll
2011-06-16 05:04:56 ----A---- C:\Windows\system32\ieui.dll
2011-06-16 05:04:56 ----A---- C:\Windows\system32\iertutil.dll
2011-06-16 05:04:55 ----A---- C:\Windows\system32\jsproxy.dll
2011-06-16 05:04:54 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-16 05:04:53 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-16 05:04:53 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-06-15 11:09:54 ----D---- C:\Users\J23\AppData\Roaming\aerix
2011-06-14 21:48:51 ----D---- C:\Program Files\Rockstar Games
2011-06-12 18:52:21 ----D---- C:\Users\J23\AppData\Roaming\Win7codecs
2011-06-12 18:52:13 ----D---- C:\Program Files\Win7codecs

======List of files/folders modified in the last 1 month======

2011-07-11 14:58:28 ----D---- C:\Windows\Prefetch
2011-07-11 14:58:17 ----RD---- C:\Program Files
2011-07-11 14:54:40 ----D---- C:\Windows\Temp
2011-07-11 14:47:56 ----D---- C:\Users\J23\AppData\Roaming\Skype
2011-07-11 14:21:50 ----D---- C:\Windows\system32\config
2011-07-11 14:20:27 ----D---- C:\Windows\Tasks
2011-07-11 14:20:27 ----D---- C:\Windows\system32\Tasks
2011-07-11 14:12:59 ----D---- C:\Windows\System32
2011-07-11 14:12:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-11 14:12:58 ----D---- C:\Windows\inf
2011-07-11 14:00:23 ----D---- C:\Windows
2011-07-10 21:43:21 ----D---- C:\ProgramData\OpenFM
2011-07-10 19:16:38 ----D---- C:\Users\J23\AppData\Roaming\AIMP3
2011-07-10 12:13:19 ----SHD---- C:\System Volume Information
2011-07-07 21:34:59 ----SHD---- C:\Windows\Installer
2011-07-07 21:34:53 ----D---- C:\Windows\winsxs
2011-07-07 20:42:15 ----RSD---- C:\Windows\assembly
2011-07-07 15:10:21 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2011-07-03 23:08:13 ----D---- C:\Windows\system32\drivers
2011-07-03 23:08:09 ----D---- C:\Windows\system32\drivers\UMDF
2011-07-03 21:35:57 ----D---- C:\Windows\system32\DriverStore
2011-07-03 21:35:57 ----D---- C:\Windows\system32\catroot
2011-07-03 21:35:22 ----D---- C:\Windows\system32\catroot2
2011-07-03 21:34:17 ----HD---- C:\ProgramData
2011-07-03 21:33:18 ----D---- C:\Windows\SoftwareDistribution
2011-07-03 21:33:06 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-02 20:35:00 ----D---- C:\Program Files\Common Files
2011-07-02 14:51:11 ----SD---- C:\Users\J23\AppData\Roaming\Microsoft
2011-06-29 03:16:18 ----RSD---- C:\Windows\Fonts
2011-06-27 22:53:59 ----D---- C:\Program Files\Counter-Strike
2011-06-27 21:09:26 ----D---- C:\Users\J23\AppData\Roaming\EurekaLog
2011-06-27 10:17:24 ----D---- C:\Windows\debug
2011-06-25 07:55:23 ----D---- C:\Windows\Microsoft.NET
2011-06-24 12:35:13 ----D---- C:\Windows\system32\NDF
2011-06-23 10:45:59 ----D---- C:\Program Files\Mozilla Firefox
2011-06-17 11:17:56 ----D---- C:\Program Files\AIMP3
2011-06-17 03:24:03 ----RD---- C:\Program Files\Skype
2011-06-17 03:23:37 ----D---- C:\ProgramData\Skype
2011-06-17 03:20:30 ----D---- C:\Windows\system32\migration
2011-06-17 03:20:30 ----D---- C:\Program Files\Internet Explorer
2011-06-17 03:03:30 ----A---- C:\Windows\system32\MRT.exe
2011-06-17 03:02:43 ----D---- C:\ProgramData\Microsoft Help
2011-06-13 23:44:30 ----D---- C:\Program Files\K-Lite Codec Pack
2011-06-12 18:52:25 ----D---- C:\Program Files\Real Alternative
2011-06-12 18:52:21 ----D---- C:\ProgramData\Win7codecs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2011-02-23 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2011-07-04 194264]
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2010-04-06 20104]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-05-17 431672]
R0 Ultra;Ultra; C:\Windows\system32\DRIVERS\ultra.sys [2002-05-03 41280]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2011-07-04 103384]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R2 cpudriver;cpudriver; \??\C:\Program Files\Temporary\cpu.sys [2011-07-05 20992]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\drivers\atikmdag.sys [2009-07-14 4194816]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 RT2500;RT2500 Wireless Driver; C:\Windows\system32\DRIVERS\RT2500.sys [2006-06-02 236800]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-01-21 328808]
S3 a34e2gnq;a34e2gnq; C:\Windows\system32\drivers\a34e2gnq.sys []
S3 agn3yecg;agn3yecg; C:\Windows\system32\drivers\agn3yecg.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Sterownik filtru magistrali AGP AMD; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 25864]
S3 cpu;cpu; \??\C:\cpu.sys []
S3 Ext2FS;Ext2FS; C:\Windows\system32\drivers\Ext2FS.sys [2004-01-23 37840]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 23048]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\DRIVERS\LVUSBSta.sys [2005-01-31 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2010-08-16 16472]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2010-08-16 11104]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr magistrali AGP SIS; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Karta USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr magistrali AGP VIA; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WINUSB;Sterownik WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2011-07-04 121000]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 KMService;KMService; C:\Windows\system32\srvany.exe [2011-01-12 8192]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS.exe [2009-08-24 406016]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-18 1343400]
S4 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe []
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-09-08 575488]
S4 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------
[/log]

info
[log]info.txt logfile of random's system information tool 1.09 2011-07-11 14:58:32

======Uninstall list======

18 Wheels of Steel Haulin-->C:\PROGRA~1\18WHEE~1\UNWISE.EXE C:\PROGRA~1\18WHEE~1\INSTALL.LOG
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Creative Suite 5 Master Collection-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}"
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10o_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Reader 9.4.2 - Polish-->MsiExec.exe /I{AC76BA86-7AD7-1045-7B44-A94000000001}
AIMP3-->C:\Program Files\AIMP3\Uninstall.exe
Aktualizacja dla programu Microsoft Outlook Social Connector (KB2441641)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0415-0000-0000000FF1CE}" "{0F03EE57-6776-4ADA-99CF-ECA4B81BC5E0}" "1045" "0"
ALLConverter PRO 1.1-->"C:\Program Files\ALLConverter PRO\unins000.exe"
ALLPlayer V4.X-->"C:\Program Files\ALLPlayer\unins000.exe"
Apple Application Support-->MsiExec.exe /I{EE6097DD-05F4-4178-9719-D3170BF098E8}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiwizator WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ashampoo WinOptimizer 8 v.8.04-->"C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\unins000.exe"
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Auto Hide IP-->"C:\Program Files\AutoHideIP\uninst.exe"
avast! Internet Security-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Centrum obsługi urządzeń z systemem Windows Mobile-->MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{2FD3FD50-4D6B-433B-9AB8-83F04675DA44}" "1045" "0"
Driver Robot-->"C:\Program Files\Driver Robot\2.5.3.0\unins000.exe"
Gadu-Gadu 10-->C:\Program Files\Gadu-Gadu 10\Uninstall.exe
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Hard Truck 18 Wheels of Steel-->C:\PROGRA~1\HARDTR~1\UNWISE.EXE C:\PROGRA~1\HARDTR~1\INSTALL.LOG
ipla 2.2.1-->C:\Program Files\ipla\uninst.exe
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 24-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}
JDownloader-->C:\Program Files\JDownloader\uninstall.exe
Microsoft .NET Framework 4 Client Profile PLK Language Pack-->MsiExec.exe /X{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Office Access MUI (Polish) 2010-->MsiExec.exe /X{90140000-0015-0415-0000-0000000FF1CE}
Microsoft Office Excel MUI (Polish) 2010-->MsiExec.exe /X{90140000-0016-0415-0000-0000000FF1CE}
Microsoft Office Groove MUI (Polish) 2010-->MsiExec.exe /X{90140000-00BA-0415-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Polish) 2010-->MsiExec.exe /X{90140000-0044-0415-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Polish) 2010-->MsiExec.exe /X{90140000-00A1-0415-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Polish) 2010-->MsiExec.exe /X{90140000-001A-0415-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Polish) 2010-->MsiExec.exe /X{90140000-0018-0415-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Polish) 2010-->MsiExec.exe /X{90140000-001F-0415-0000-0000000FF1CE}
Microsoft Office Proofing (Polish) 2010-->MsiExec.exe /X{90140000-002C-0415-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Polish) 2010-->MsiExec.exe /X{90140000-0019-0415-0000-0000000FF1CE}
Microsoft Office Shared MUI (Polish) 2010-->MsiExec.exe /X{90140000-006E-0415-0000-0000000FF1CE}
Microsoft Office Word MUI (Polish) 2010-->MsiExec.exe /X{90140000-001B-0415-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
MiniTool Partition Wizard Home Edition 5.2-->"C:\Program Files\MiniTool Partition Wizard Home Edition 5.2\unins000.exe"
Mozilla Firefox 5.0 (x86 pl)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NapiProjekt 1.0.6.9-->"C:\Program Files\NAPI-PROJEKT\unins000.exe"
Need for Speed™ Most Wanted-->C:\Program Files\EA GAMES\Need for Speed Most Wanted\EAUninstall.exe
nLite 1.4.9.1-->"C:\Program Files\nLite\unins000.exe"
Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe
PC Connectivity Solution-->MsiExec.exe /I{83258E90-1F76-4E13-9F60-A0F8ED41E76F}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PlayReady PC Runtime x86-->MsiExec.exe /X{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}
Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1045 /parameterfolder ClientLP
Profilin Stylin -->C:\Program Files\profilinstylin\profilinstylin_Uninstall.exe
QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
Samsung New PC Studio-->"C:\Program Files\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -runfromtemp -l0x0415 -removeonly
Samsung New PC Studio-->MsiExec.exe /X{F193FC0E-9E18-40FC-A974-509A1BDD240A}
SAMSUNG USB Driver for Mobile Phones-->C:\Program Files\Samsung\USB Drivers\Uninstall.exe
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft Excel 2010 (KB2523021)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{AA9E4C48-857D-4558-A4F4-343CA7680277}" "1045" "0"
Security Update for Microsoft InfoPath 2010 (KB2510065)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{3C6C6854-EB6B-455C-B0A6-9871F0538028}" "1045" "0"
Security Update for Microsoft Office 2010 (KB2289078)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{1D1A4F08-2F17-475B-BA72-476CE5992FEE}" "1045" "0"
Security Update for Microsoft Office 2010 (KB2289161)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{F134C2C6-30B3-4169-A325-58482B4CE6FC}" "1045" "0"
Security Update for Microsoft PowerPoint 2010 (KB2519975)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{45D7C5CD-B967-44AF-9DAB-E5C8545558AD}" "1045" "0"
Security Update for Microsoft Publisher 2010 (KB2409055)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{C3C277D5-36E3-4B1A-926A-175B2BC019CF}" "1045" "0"
Security Update for Microsoft Word 2010 (KB2345000)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}" "1045" "0"
Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Skype Toolbars-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.3-->MsiExec.exe /X{5335DADB-34BA-4AE8-A519-648D78498846}
Super Kulki-->"C:\Program Files\Super Kulki\unins000.exe"
System Requirements Lab CYRI-->MsiExec.exe /I{679F739E-5C76-4A41-B562-F9392156B6DD}
Tlen.pl-->"C:\Program Files\Tlen.pl\uninstall.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Total Video Converter 3.11 070908-->"C:\Program Files\Total Video Converter\unins000.exe"
UltraISO Premium V9.36-->"C:\Program Files\UltraISO\unins000.exe"
Update for Microsoft Office 2010 (KB2202188)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" "1045" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{556146F7-74AE-4E0A-B64F-5B8B93469F61}" "1045" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B5516874-E926-4BFD-B412-D0E70112F244}" "1045" "0"
Update for Microsoft Office 2010 (KB2413186)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{D6CE7280-6EE3-419A-8F47-DB111C040B1B}" "1045" "0"
Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}" "1045" "0"
Update for Microsoft Office 2010 (KB2523113)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{C0FF04BF-A05E-408B-81CA-B7FACDA508A3}" "1045" "0"
Update for Microsoft OneNote 2010 (KB2493983)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{309EEC22-83CE-4109-B019-BA9392FAA322}" "1045" "0"
Update for Microsoft Outlook Social Connector (KB2441641)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A10DC2B7-6FDA-4C17-9DF0-6A834CAC4306}" "1045" "0"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Voice Twister-->MsiExec.exe /I{881C69F2-3861-4F18-BA0D-9B742C5E44FF}
WapSter AQQ-->C:\Program Files\WapSter\WapSter AQQ\uninstall.exe
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WMV To VCD DVD MPEG Converter Pro 2.5-->"C:\Program Files\WMV To VCD DVD MPEG Converter Pro\unins000.exe"
Zuma Deluxe RA-->C:\PROGRA~1\ZUMADE~1\UNWISE.EXE C:\PROGRA~1\ZUMADE~1\INSTALL.LOG

======System event log======

Computer Name: J23-Komputer
Event Code: 20003
Message: Usługa zarządzania sterownikami zakończyła proces dodawania usługi volsnap dla wystąpienia urządzenia o identyfikatorze STORAGE\VOLUME\_??_USBSTOR#DISK&VEN_SAMSUNG&PROD_S5230_SDCARD&REV_#6&36CA1046&0#{53F56307-B6BF-11D0-94F2-00A0C91EFB8B} z następującym stanem: 0.
Record Number: 5208
Source Name: Microsoft-Windows-UserPnp
Time Written: 20101225191030.140690-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: J23-Komputer
Event Code: 20001
Message: Usługa zarządzania sterownikami zakończyła proces instalacji sterownika FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.inf dla wystąpienia urządzenia o identyfikatorze USBSTOR\DISK&VEN_SAMSUNG&PROD_S5230_SDCARD&REV_\6&36CA1046&0 z następującym stanem: 0x0.
Record Number: 5207
Source Name: Microsoft-Windows-UserPnp
Time Written: 20101225191028.622604-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: J23-Komputer
Event Code: 20003
Message: Usługa zarządzania sterownikami zakończyła proces dodawania usługi disk dla wystąpienia urządzenia o identyfikatorze USBSTOR\DISK&VEN_SAMSUNG&PROD_S5230_SDCARD&REV_\6&36CA1046&0 z następującym stanem: 0.
Record Number: 5206
Source Name: Microsoft-Windows-UserPnp
Time Written: 20101225191028.177578-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: J23-Komputer
Event Code: 20001
Message: Usługa zarządzania sterownikami zakończyła proces instalacji sterownika NULL Driver dla wystąpienia urządzenia o identyfikatorze USB\VID_04E8&PID_6795\5&2AB7334&0&2 z następującym stanem: 0xe0000203.
Record Number: 5205
Source Name: Microsoft-Windows-UserPnp
Time Written: 20101225191026.387476-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: J23-Komputer
Event Code: 20001
Message: Usługa zarządzania sterownikami zakończyła proces instalacji sterownika FileRepository\usbstor.inf_x86_neutral_83027f5d5b2468d3\usbstor.inf dla wystąpienia urządzenia o identyfikatorze USB\VID_04E8&PID_E201\5&2AB7334&0&2 z następującym stanem: 0x0.
Record Number: 5204
Source Name: Microsoft-Windows-UserPnp
Time Written: 20101225191026.087459-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

=====Application event log=====

Computer Name: 37L4247D28-05
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20080101193356.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247D28-05
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20080101193352.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247D28-05
Event Code: 4625
Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 3
Source Name: Microsoft-Windows-EventSystem
Time Written: 20080101193348.000000-000
Event Type: Informacje
User:

Computer Name: 37L4247D28-05
Event Code: 1531
Message: Usługa profilów użytkowników została uruchomiona pomyślnie.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20080101193347.705750-000
Event Type: Informacje
User: ZARZĄDZANIE NT\SYSTEM

Computer Name: WIN-4740FUN1S7A
Event Code: 1001
Message:

Sprawdzanie systemu plików na D:
Typ systemu plików to NTFS.


Jeden z dysków wymaga sprawdzenia spójnosci danych. Mozesz
anulowac to sprawdzenie, ale zaleca sie jego kontynuowanie.
System Windows sprawdzi teraz dysk.

CHKDSK sprawdza pliki (poziom 1 z 3)
Przetworzone rekordy plików: 3328.

Ukonczono sprawdzanie plików.
Przetworzone rekordy duzych plików: 0.

Przetworzone rekordy uszkodzonych plików: 0.

Przetworzone rekordy atrybutów rozszerzonych: 0.

Przetworzone rekordy ponownej analizy: 0.

CHKDSK sprawdza indeksy (poziom 2 z 3)
Przetworzone wpisy indeksu: 4050.

Ukonczono weryfikacje indeksów.
Przeskanowane pliki nieindeksowane: 0.

Odzyskane pliki nieindeksowane: 0.

CHKDSK sprawdza deskryptory zabezpieczen (poziom 3 z 3)
Przetworzone deskryptory zabezpieczen/identyfikatory plików: 3328.

Oczyszczanie 1 nieuzywanych wpisów w indeksie $SII pliku 0x9.
Oczyszczanie 1 nieuzywanych wpisów w indeksie $SDH pliku 0x9.
Porzadkowanie 1 nieuzywanych deskryptorów zabezpieczen.
Ukonczono sprawdzanie deskryptorów zabezpieczen.
Przetworzone pliki danych: 361.

System Windows sprawdzil system plików i nie znalazl zadnych problemów.

115314536 KB calkowitego miejsca na dysku.
47928864 KB w 2730 plikach.
1544 KB w 363 indeksach.
0 KB w uszkodzonych sektorach.
72792 KB uzywanych przez system.
65536 KB zajetych przez plik dziennika.
67311336 KB dostepnych na dysku.

4096 bajtów w kazdej jednostce alokacji.
28828634 ogólem jednostek alokacji na dysku.
16827834 jednostek alokacji dostepnych na dysku.

Informacje wewnetrzne:
00 0d 00 00 20 0c 00 00 82 13 00 00 00 00 00 00 .... ...........
b1 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
16 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 ................

Record Number: 1
Source Name: Microsoft-Windows-Wininit
Time Written: 20080101193346.000000-000
Event Type: Informacje
User:

=====Security event log=====

Computer Name: J23-Komputer
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: J23-KOMPUTER$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x210
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Nazwa stacji roboczej:
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 3318
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110222192252.840082-000
Event Type: Sukcesy inspekcji
User:

Computer Name: J23-Komputer
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7

Uprawnienia: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 3317
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110222132232.326460-000
Event Type: Sukcesy inspekcji
User:

Computer Name: J23-Komputer
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: J23-KOMPUTER$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x210
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Nazwa stacji roboczej:
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 3316
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110222132232.326460-000
Event Type: Sukcesy inspekcji
User:

Computer Name: J23-Komputer
Event Code: 4672
Message: Przypisano specjalne uprawnienia do nowego logowania.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7

Uprawnienia: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 3315
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110222130412.750568-000
Event Type: Sukcesy inspekcji
User:

Computer Name: J23-Komputer
Event Code: 4624
Message: Użytkownik pomyślnie zalogował się na koncie.

Podmiot:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: J23-KOMPUTER$
Domena konta: WORKGROUP
Identyfikator logowania: 0x3e7

Typ logowania: 5

Nowe logowanie:
Identyfikator zabezpieczeń: S-1-5-18
Nazwa konta: SYSTEM
Domena konta: ZARZĄDZANIE NT
Identyfikator logowania: 0x3e7
Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000}

Informacje o procesie:
Identyfikator procesu: 0x210
Nazwa procesu: C:\Windows\System32\services.exe

Informacje o sieci:
Nazwa stacji roboczej:
Adres źródłowy sieci: -
Port źródłowy: -

Szczegółowe informacje o uwierzytelnianiu:
Proces logowania: Advapi
Pakiet uwierzytelniania: Negotiate
Usługi przejściowe: -
Nazwa pakietu (tylko NTLM): -
Długość klucza: 0

To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp.

Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe.

Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe).

Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane.

Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta.

Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania.
- Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy.
- Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania.
- Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty.
- Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0.
Record Number: 3314
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110222130412.750568-000
Event Type: Sukcesy inspekcji
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4b02
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
[/log]

wirusolog
comment (edited)

This problem may be the fault of the virus database. Today I came across the same problem, on the same browsers, and that person had no infection, and you don't have one either - it's clean.
Wait a day or two; if the problem doesn't go away, paste a full set of logs again.

  • Good answer 1
wacek223
comment

OK. Thanks for the info.

The problem persists, so I'm pasting the logs again.

OTL
[log]OTL logfile created on: 2011-07-15 12:02:12 - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\J23\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,87 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 65,91% Memory free
3,75 Gb Paging File | 2,94 Gb Available in Paging File | 78,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,08 Gb Total Space | 9,03 Gb Free Space | 23,12% Space Free | Partition Type: NTFS
Drive D: | 109,97 Gb Total Space | 14,57 Gb Free Space | 13,25% Space Free | Partition Type: NTFS
Drive E: | 149,04 Gb Total Space | 6,31 Gb Free Space | 4,24% Space Free | Partition Type: NTFS

Computer Name: J23-KOMPUTER | User Name: J23 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (All) ==========

PRC - [2011-07-11 14:25:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\J23\Desktop\OTL.exe
PRC - [2011-07-09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-07-04 13:43:51 | 000,121,000 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-11-20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010-11-20 14:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2010-10-29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-07-14 03:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe


========== Modules (All) ==========

MOD - [2011-07-11 14:25:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\J23\Desktop\OTL.exe
MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2011-06-03 07:59:23 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2011-05-14 08:26:31 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2011-02-25 07:34:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2010-11-20 14:24:36 | 001,288,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2010-11-20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2010-11-20 14:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2010-11-20 14:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2010-11-20 14:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2010-11-20 14:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2010-11-20 14:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2010-11-20 14:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2010-11-20 14:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2009-07-14 03:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- -- (BlueSoleilCS)
SRV - [2011-07-04 13:43:51 | 000,121,000 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011-01-12 21:33:36 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\srvany.exe -- (KMService)
SRV - [2010-12-18 11:17:09 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010-03-25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-08-24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS.exe -- (DfSdkS)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-09-08 08:59:00 | 000,575,488 | ---- | M] (Nokia.) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007-05-31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-07-05 23:47:02 | 000,020,992 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Temporary\cpu.sys -- (cpudriver)
DRV - [2011-07-04 13:37:33 | 000,103,384 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-07-04 13:36:18 | 000,194,264 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-07-04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011-05-17 16:50:47 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-02-23 14:34:54 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-08-16 16:31:08 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio)
DRV - [2010-08-16 16:31:06 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdspio.sys -- (pwdspio)
DRV - [2010-06-14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010-04-27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010-04-27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2010-04-27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2010-04-06 19:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2010-04-06 19:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2010-04-06 19:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2009-07-14 00:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008-08-26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006-06-02 06:37:58 | 000,236,800 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RT2500.sys -- (RT2500)
DRV - [2005-01-31 11:20:04 | 000,211,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2005-01-31 11:12:46 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004-01-23 19:34:26 | 000,037,840 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\ext2fs.sys -- (Ext2FS)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-866066421-2766305544-3693691503-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://onet.pl/
IE - HKU\S-1-5-21-866066421-2766305544-3693691503-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultthis.engineName: "LogiTool Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2771935&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {9D6218B8-03C7-4b91-AA43-680B305DD35C}:1.7.9.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: IplextoALL@ALLPlayer.org:0.1
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {481f306a-420c-4673-be90-543b7d62a78e}:3.3.3.2
FF - prefs.js..extensions.enabledItems: support@auto-hide-ip.com:1.0
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2771935&q="
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 4

FF - user.js..browser.search.openintab: false

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\J23\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\J23\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-11 14:00:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-23 10:45:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-04-20 20:25:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files\profilinstylin\profilinstylin [2011-07-04 11:18:37 | 000,000,000 | ---D | M]

[2008-09-01 22:33:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\J23\AppData\Roaming\mozilla\Extensions
[2011-07-02 14:46:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions
[2011-06-23 10:45:57 | 000,000,000 | ---D | M] (LogiTool Community Toolbar) -- C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}
[2010-12-17 21:38:55 | 000,000,000 | ---D | M] ("ProCon Latte") -- C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\{9D6218B8-03C7-4b91-AA43-680B305DD35C}
[2011-03-27 20:02:36 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\engine@conduit.com
[2011-04-07 20:09:54 | 000,000,000 | ---D | M] (Auto Hide IP) -- C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\support@auto-hide-ip.com
[2011-03-15 12:44:50 | 000,000,919 | ---- | M] () -- C:\Users\J23\AppData\Roaming\Mozilla\Firefox\Profiles\hcn2mha1.default\searchplugins\conduit.xml
[2011-06-17 03:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-06-17 03:24:03 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-12-19 10:56:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-12-21 17:53:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-03-13 09:37:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2011-07-11 14:00:25 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011-07-04 11:18:37 | 000,000,000 | ---D | M] (profilinstylin - Change your Facebook layout!) -- C:\PROGRAM FILES\PROFILINSTYLIN\PROFILINSTYLIN
() (No name found) -- C:\USERS\J23\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HCN2MHA1.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\J23\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HCN2MHA1.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI
[2011-06-23 10:45:08 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-02-02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-04-20 20:24:54 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-04-20 20:24:54 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-04-20 20:24:54 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-04-20 20:24:54 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-04-20 20:24:54 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-04-20 20:24:54 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-21-866066421-2766305544-3693691503-1000..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-866066421-2766305544-3693691503-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKU\S-1-5-21-866066421-2766305544-3693691503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-866066421-2766305544-3693691503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-21-866066421-2766305544-3693691503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-866066421-2766305544-3693691503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: 使用快车3下载 - C:\Users\J23\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\J23\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-06-05 17:43:15 | 000,055,637 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O33 - MountPoints2\{b7e78240-8095-11e0-b952-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b7e78240-8095-11e0-b952-806e6f6e6963}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]AdobeAAMUpdater-1.0[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]AdobeCS5ServiceManager[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]AdVantage[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]AlcoholAutomount[/b] - hkey= - key= - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
MsConfig - StartUpReg: [b]ALLUpdate[/b] - hkey= - key= - C:\Program Files\ALLPlayer\ALLUpdate.exe ()
MsConfig - StartUpReg: [b]Auto Hide IP[/b] - hkey= - key= - C:\Program Files\AutoHideIP\AutoHideIP.exe (AutoHideIP.Com)
MsConfig - StartUpReg: [b]BCSSync[/b] - hkey= - key= - C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
MsConfig - StartUpReg: [b]BtTray[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]QuickTime Task[/b] - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: [b]SwitchBoard[/b] - hkey= - key= - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: [b]TkBellExe[/b] - hkey= - key= - File not found
MsConfig - StartUpReg: [b]Windows Mobile Device Center[/b] - hkey= - key= - C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-07-14 10:49:57 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\sterowniki_xp_fujitsu_siemens_amilo_li2727
[2011-07-13 23:31:01 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011-07-11 14:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011-07-11 14:58:16 | 000,000,000 | ---D | C] -- C:\rsit
[2011-07-11 14:25:39 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\J23\Desktop\OTL.exe
[2011-07-11 14:22:15 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011-07-11 14:20:25 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Local\Google
[2011-07-09 22:58:49 | 000,955,070 | ---- | C] (Informer Technologies, Inc. ) -- C:\Users\J23\Desktop\siinst.exe
[2011-07-07 21:34:22 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011-07-07 21:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011-07-07 21:33:21 | 000,000,000 | ---D | C] -- C:\ATI
[2011-07-07 20:39:21 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\18 WoS Haulin
[2011-07-07 20:39:14 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\18 Wheels of Steel Haulin
[2011-07-07 20:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\18 Wheels of Steel Haulin
[2011-07-07 20:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\18 Wheels of Steel Haulin
[2011-07-07 19:55:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Truck
[2011-07-07 19:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Hard Truck
[2011-07-06 15:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nLite
[2011-07-06 15:30:17 | 000,000,000 | ---D | C] -- C:\Program Files\nLite
[2011-07-06 12:19:49 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\Amilo Li 2727
[2011-07-06 08:05:51 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011-07-05 23:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\Temporary
[2011-07-05 23:47:01 | 000,000,000 | ---D | C] -- C:\Program Files\Temp
[2011-07-05 11:51:12 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\furry2final
[2011-07-04 11:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\profilinstylin
[2011-07-03 22:25:30 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\Firmware-Avila-SAMSUNG-Niebrandowany
[2011-07-03 21:40:51 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\NPS
[2011-07-03 21:40:37 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\My Art
[2011-07-03 21:36:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung New PC Studio
[2011-07-03 21:35:06 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdm.sys
[2011-07-03 21:35:06 | 000,098,432 | ---- | C] (MCCI) -- C:\Windows\System32\drivers\ss_bbus.sys
[2011-07-03 21:35:06 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdfl.sys
[2011-07-03 21:35:06 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcmnt.sys
[2011-07-03 21:35:06 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcm.sys
[2011-07-03 21:35:06 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwhnt.sys
[2011-07-03 21:35:06 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwh.sys
[2011-07-03 21:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2011-07-03 21:33:47 | 000,238,952 | ---- | C] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
[2011-07-03 21:33:27 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\Samsung
[2011-07-03 21:33:27 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\My NPS Files
[2011-07-03 21:33:16 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\Samsung
[2011-07-03 21:32:42 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2011-07-03 21:32:15 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2011-07-03 21:30:01 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Local\Downloaded Installations
[2011-07-02 20:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
[2011-07-02 20:35:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems
[2011-07-02 20:34:57 | 000,000,000 | ---D | C] -- C:\Program Files\UltraISO
[2011-07-02 20:34:57 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\My ISO Files
[2011-07-02 20:33:24 | 003,849,322 | ---- | C] (EZB Systems, Inc. ) -- C:\Users\J23\Desktop\uiso9_pe.exe
[2011-07-02 14:49:02 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\Furry_www.victorygames.pl
[2011-06-29 11:54:02 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011-06-29 11:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2011-06-29 11:54:01 | 000,309,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011-06-29 11:53:59 | 000,103,384 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2011-06-29 11:53:40 | 000,194,264 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2011-06-29 11:53:39 | 000,043,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011-06-29 11:53:39 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011-06-29 11:53:38 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011-06-29 11:53:38 | 000,054,104 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011-06-29 11:53:10 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2011-06-29 11:53:09 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011-06-29 11:53:09 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011-06-29 11:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011-06-29 11:53:03 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011-06-29 11:51:33 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\Avast Internet Security v6.0.1000 [PL] Crack
[2011-06-27 10:07:02 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2011-06-17 03:23:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011-06-17 03:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011-06-16 09:45:17 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\K550
[2011-06-15 11:09:54 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\aerix
[2011-06-14 22:07:07 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\GTA San Andreas User Files
[2011-06-14 21:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2011-06-14 21:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2011-06-12 18:52:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
[2011-06-12 18:52:21 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\Win7codecs
[2011-06-12 18:52:13 | 000,000,000 | ---D | C] -- C:\Program Files\Win7codecs
[2011-06-06 21:27:22 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2011-06-05 17:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoMapa 6
[2011-06-05 17:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\AutoMapa EU
[2011-06-02 20:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011-06-02 20:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011-05-18 15:43:59 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Local\Apple Computer
[2011-05-17 16:50:19 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011-05-17 16:48:07 | 011,193,664 | ---- | C] (DT Soft Ltd.) -- C:\Users\J23\Desktop\DTLite4402-0131.exe
[2011-05-16 19:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011-05-16 19:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011-05-16 19:29:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011-05-16 19:28:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011-05-16 19:27:48 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011-05-16 19:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011-05-16 19:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011-05-16 19:24:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2011-05-16 19:23:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2011-05-16 19:21:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011-05-16 19:21:05 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-02-03 23:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-07-15 11:25:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000UA.job
[2011-07-15 10:22:49 | 000,010,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-07-15 10:22:49 | 000,010,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-07-15 10:19:52 | 000,701,022 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2011-07-15 10:19:52 | 000,618,714 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-07-15 10:19:52 | 000,136,040 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2011-07-15 10:19:52 | 000,107,034 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-07-15 10:15:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-07-14 23:41:06 | 000,249,340 | ---- | M] () -- C:\Users\J23\Documents\Default.aimppl
[2011-07-14 08:34:57 | 003,761,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-07-13 14:25:01 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000Core.job
[2011-07-13 11:28:16 | 000,002,349 | ---- | M] () -- C:\Users\J23\Desktop\Google Chrome.lnk
[2011-07-11 14:51:07 | 000,048,666 | ---- | M] () -- C:\Users\J23\Desktop\screen.jpg
[2011-07-11 14:35:35 | 000,781,383 | ---- | M] () -- C:\Users\J23\Desktop\RSIT.exe
[2011-07-11 14:25:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\J23\Desktop\OTL.exe
[2011-07-11 14:06:31 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011-07-11 11:59:55 | 048,062,655 | ---- | M] () -- C:\Users\J23\Desktop\sterowniki_xp_fujitsu_siemens_amilo_li2727.rar
[2011-07-11 08:52:20 | 000,000,010 | ---- | M] () -- C:\Windows\popcinfo.dat
[2011-07-09 22:58:51 | 000,955,070 | ---- | M] (Informer Technologies, Inc. ) -- C:\Users\J23\Desktop\siinst.exe
[2011-07-08 21:04:06 | 004,096,449 | ---- | M] () -- C:\Users\J23\Desktop\Tina Turner - We Don T Need Another Hero.mp3
[2011-07-08 20:52:31 | 004,575,013 | ---- | M] () -- C:\Users\J23\Desktop\weekend - ona i on.mp3
[2011-07-08 20:24:04 | 003,825,194 | ---- | M] () -- C:\Users\J23\Desktop\w.b.u - zepsuty świat.mp3
[2011-07-08 20:15:47 | 003,943,206 | ---- | M] () -- C:\Users\J23\Desktop\Bloodhound Gang - The bad touch.mp3
[2011-07-08 20:10:18 | 001,914,044 | ---- | M] () -- C:\Users\J23\Desktop\La Bouche - Be My Lover.mp3
[2011-07-08 15:46:44 | 000,022,528 | ---- | M] () -- C:\Users\J23\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-07 20:39:14 | 000,001,028 | ---- | M] () -- C:\Users\J23\Desktop\18 Wheels of Steel Haulin.lnk
[2011-07-07 19:55:46 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\Hard Truck 18 Wheels of Steel.lnk
[2011-07-07 19:53:40 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011-07-07 19:53:40 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011-07-06 17:04:38 | 686,751,744 | ---- | M] () -- C:\Users\J23\Desktop\WinLite.iso
[2011-07-06 15:30:18 | 000,000,921 | ---- | M] () -- C:\Users\J23\Desktop\nLite.lnk
[2011-07-06 08:29:59 | 004,660,904 | ---- | M] () -- C:\Users\J23\Desktop\rtlsetup-pcie(664).zip
[2011-07-06 08:29:22 | 000,001,332 | ---- | M] () -- C:\Users\J23\Desktop\ich8smb.zip
[2011-07-06 08:26:59 | 000,173,089 | ---- | M] () -- C:\Users\J23\Desktop\winxp.rar
[2011-07-05 23:47:11 | 000,000,965 | ---- | M] () -- C:\Users\J23\Desktop\UltraISO.lnk
[2011-07-05 11:46:11 | 011,529,842 | ---- | M] () -- C:\Users\J23\Desktop\furry2final.zip
[2011-07-05 11:43:24 | 000,000,014 | ---- | M] () -- C:\Windows\cfh232.cfg
[2011-07-05 11:43:23 | 000,000,016 | ---- | M] () -- C:\Windows\furry.ini
[2011-07-04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011-07-04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011-07-04 13:37:33 | 000,103,384 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011-07-04 13:36:18 | 000,194,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011-07-04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011-07-03 23:08:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011-07-03 23:05:06 | 000,411,095 | ---- | M] () -- C:\Users\J23\Desktop\Diamond Twister.jar
[2011-07-03 21:48:06 | 000,929,792 | ---- | M] () -- C:\Users\J23\Desktop\Phonebook.npf
[2011-07-03 21:36:05 | 000,002,088 | ---- | M] () -- C:\Users\Public\Desktop\Samsung New PC Studio.lnk
[2011-07-03 21:20:25 | 173,838,160 | ---- | M] () -- C:\Users\J23\Desktop\New_PC_Studio_1.5.1.10064_2.exe
[2011-07-03 17:41:08 | 003,561,044 | ---- | M] () -- C:\Users\J23\Desktop\Enej - Radio Hello.mp3
[2011-07-03 03:55:12 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2011-07-02 20:33:50 | 003,849,322 | ---- | M] (EZB Systems, Inc. ) -- C:\Users\J23\Desktop\uiso9_pe.exe
[2011-07-02 11:21:06 | 000,337,460 | ---- | M] () -- C:\Users\J23\Desktop\Multi Loader V5.56 instrukcja instalacji nowego softu.zip
[2011-06-29 16:02:11 | 001,806,892 | ---- | M] () -- C:\Users\J23\Desktop\FW-WAP4035v120.zip
[2011-06-29 16:01:52 | 000,938,447 | ---- | M] () -- C:\Users\J23\Desktop\WAP-4033-4035 02.2006.pdf
[2011-06-29 11:54:02 | 000,001,994 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011-06-27 10:07:02 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2011-06-24 12:48:46 | 000,211,473 | R--- | M] () -- C:\Users\J23\Desktop\QUG-Planet.pdf
[2011-06-24 11:53:26 | 000,112,553 | ---- | M] () -- C:\Users\J23\Desktop\ulotka_planet.pdf
[2011-06-24 11:53:20 | 000,938,447 | ---- | M] () -- C:\Users\J23\Desktop\WAP-4033-4035_02.2006.pdf
[2011-06-17 11:17:56 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\AIMP3.lnk
[2011-06-17 11:16:47 | 006,054,799 | ---- | M] () -- C:\Users\J23\Desktop\aimp_3.00.881_beta_2.zip
[2011-06-17 03:23:45 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011-06-16 09:44:23 | 020,029,812 | ---- | M] () -- C:\Users\J23\Desktop\k550.rar
[2011-06-11 20:12:55 | 000,000,977 | ---- | M] () -- C:\Users\J23\Desktop\ALLPlayer V4.6.lnk
[2011-06-05 16:04:47 | 000,191,488 | ---- | M] () -- C:\Users\J23\Desktop\magia kart.pps
[2011-06-02 20:59:05 | 003,790,921 | ---- | M] () -- C:\Users\J23\Desktop\aycan - lambada dj matt g remix rip.mp3
[2011-05-17 16:49:00 | 011,193,664 | ---- | M] (DT Soft Ltd.) -- C:\Users\J23\Desktop\DTLite4402-0131.exe
[2011-05-17 16:37:27 | 002,276,805 | ---- | M] () -- C:\Users\J23\Desktop\blablaaaaaaaaa.zip

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-07-11 14:51:07 | 000,048,666 | ---- | C] () -- C:\Users\J23\Desktop\screen.jpg
[2011-07-11 14:35:33 | 000,781,383 | ---- | C] () -- C:\Users\J23\Desktop\RSIT.exe
[2011-07-11 14:22:17 | 000,002,349 | ---- | C] () -- C:\Users\J23\Desktop\Google Chrome.lnk
[2011-07-11 14:20:27 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000UA.job
[2011-07-11 14:20:26 | 000,000,998 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000Core.job
[2011-07-11 11:56:07 | 048,062,655 | ---- | C] () -- C:\Users\J23\Desktop\sterowniki_xp_fujitsu_siemens_amilo_li2727.rar
[2011-07-08 21:00:41 | 004,096,449 | ---- | C] () -- C:\Users\J23\Desktop\Tina Turner - We Don T Need Another Hero.mp3
[2011-07-08 20:49:05 | 004,575,013 | ---- | C] () -- C:\Users\J23\Desktop\weekend - ona i on.mp3
[2011-07-08 20:23:53 | 003,825,194 | ---- | C] () -- C:\Users\J23\Desktop\w.b.u - zepsuty świat.mp3
[2011-07-08 20:15:37 | 003,943,206 | ---- | C] () -- C:\Users\J23\Desktop\Bloodhound Gang - The bad touch.mp3
[2011-07-08 20:10:11 | 001,914,044 | ---- | C] () -- C:\Users\J23\Desktop\La Bouche - Be My Lover.mp3
[2011-07-07 20:39:14 | 000,001,028 | ---- | C] () -- C:\Users\J23\Desktop\18 Wheels of Steel Haulin.lnk
[2011-07-07 19:55:46 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\Hard Truck 18 Wheels of Steel.lnk
[2011-07-07 19:53:36 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011-07-07 19:53:36 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2011-07-06 17:03:52 | 686,751,744 | ---- | C] () -- C:\Users\J23\Desktop\WinLite.iso
[2011-07-06 15:30:18 | 000,000,921 | ---- | C] () -- C:\Users\J23\Desktop\nLite.lnk
[2011-07-06 08:29:28 | 004,660,904 | ---- | C] () -- C:\Users\J23\Desktop\rtlsetup-pcie(664).zip
[2011-07-06 08:29:21 | 000,001,332 | ---- | C] () -- C:\Users\J23\Desktop\ich8smb.zip
[2011-07-06 08:26:57 | 000,173,089 | ---- | C] () -- C:\Users\J23\Desktop\winxp.rar
[2011-07-05 11:42:46 | 011,529,842 | ---- | C] () -- C:\Users\J23\Desktop\furry2final.zip
[2011-07-03 23:08:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011-07-03 23:05:01 | 000,411,095 | ---- | C] () -- C:\Users\J23\Desktop\Diamond Twister.jar
[2011-07-03 21:47:59 | 000,929,792 | ---- | C] () -- C:\Users\J23\Desktop\Phonebook.npf
[2011-07-03 21:36:05 | 000,002,088 | ---- | C] () -- C:\Users\Public\Desktop\Samsung New PC Studio.lnk
[2011-07-03 21:33:47 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011-07-03 21:33:47 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011-07-03 21:33:47 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sy_
[2011-07-03 20:33:07 | 173,838,160 | ---- | C] () -- C:\Users\J23\Desktop\New_PC_Studio_1.5.1.10064_2.exe
[2011-07-03 17:40:21 | 003,561,044 | ---- | C] () -- C:\Users\J23\Desktop\Enej - Radio Hello.mp3
[2011-07-02 20:35:01 | 000,000,965 | ---- | C] () -- C:\Users\J23\Desktop\UltraISO.lnk
[2011-07-02 15:02:29 | 000,000,014 | ---- | C] () -- C:\Windows\cfh232.cfg
[2011-07-02 14:49:22 | 000,000,016 | ---- | C] () -- C:\Windows\furry.ini
[2011-07-02 11:21:06 | 000,337,460 | ---- | C] () -- C:\Users\J23\Desktop\Multi Loader V5.56 instrukcja instalacji nowego softu.zip
[2011-06-29 16:02:10 | 001,806,892 | ---- | C] () -- C:\Users\J23\Desktop\FW-WAP4035v120.zip
[2011-06-29 16:01:49 | 000,938,447 | ---- | C] () -- C:\Users\J23\Desktop\WAP-4033-4035 02.2006.pdf
[2011-06-29 11:54:02 | 000,001,994 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011-06-28 14:04:45 | 000,249,340 | ---- | C] () -- C:\Users\J23\Documents\Default.aimppl
[2011-06-24 12:54:17 | 000,211,473 | R--- | C] () -- C:\Users\J23\Desktop\QUG-Planet.pdf
[2011-06-24 11:53:26 | 000,112,553 | ---- | C] () -- C:\Users\J23\Desktop\ulotka_planet.pdf
[2011-06-24 11:53:20 | 000,938,447 | ---- | C] () -- C:\Users\J23\Desktop\WAP-4033-4035_02.2006.pdf
[2011-06-17 11:16:19 | 006,054,799 | ---- | C] () -- C:\Users\J23\Desktop\aimp_3.00.881_beta_2.zip
[2011-06-17 03:23:45 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011-06-16 09:42:26 | 020,029,812 | ---- | C] () -- C:\Users\J23\Desktop\k550.rar
[2011-06-12 12:06:44 | 008,400,344 | ---- | C] () -- C:\Users\J23\Desktop\Benny Benassi-Satistaction.wav
[2011-06-12 12:06:41 | 006,832,984 | ---- | C] () -- C:\Users\J23\Desktop\1082725003182_morwa_to_dla_sluchaczy.wmv
[2011-06-11 20:12:55 | 000,000,977 | ---- | C] () -- C:\Users\J23\Desktop\ALLPlayer V4.6.lnk
[2011-06-06 21:27:31 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011-06-05 16:04:42 | 000,191,488 | ---- | C] () -- C:\Users\J23\Desktop\magia kart.pps
[2011-06-02 20:55:58 | 003,790,921 | ---- | C] () -- C:\Users\J23\Desktop\aycan - lambada dj matt g remix rip.mp3
[2011-05-17 16:37:24 | 002,276,805 | ---- | C] () -- C:\Users\J23\Desktop\blablaaaaaaaaa.zip
[2011-04-28 20:22:43 | 000,000,204 | ---- | C] () -- C:\Windows\System32\secustat.dat
[2011-04-28 20:21:30 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011-04-28 20:14:29 | 000,000,028 | ---- | C] () -- C:\ProgramData\GRGames.ini
[2011-04-20 20:16:30 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011-04-20 20:14:53 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011-04-18 19:53:58 | 000,037,840 | ---- | C] () -- C:\Windows\System32\drivers\ext2fs.sys
[2011-04-18 19:08:30 | 000,000,192 | ---- | C] () -- C:\Windows\AWS.ini
[2011-04-08 19:08:23 | 000,034,308 | ---- | C] () -- C:\ProgramData\mazuki.dll
[2011-03-21 18:34:32 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2011-03-07 16:36:57 | 000,000,000 | ---- | C] () -- C:\Users\J23\AppData\Roaming\chrtmp
[2011-01-26 16:56:49 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011-01-21 07:36:02 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011-01-12 21:34:09 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2010-12-25 21:49:19 | 000,022,528 | ---- | C] () -- C:\Users\J23\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-24 13:27:11 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010-12-18 19:42:09 | 000,725,064 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2010-12-18 19:42:08 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2010-12-18 19:42:07 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2010-04-06 19:33:10 | 000,025,864 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys
[2009-07-14 10:07:57 | 000,701,022 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2009-07-14 10:07:57 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2009-07-14 10:07:57 | 000,136,040 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2009-07-14 10:07:57 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2009-07-14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 06:33:53 | 003,761,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009-07-14 04:05:48 | 000,618,714 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009-07-14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009-07-14 04:05:48 | 000,107,034 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009-07-14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009-07-14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009-07-14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009-07-14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008-01-01 21:35:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008-01-01 21:35:22 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2005-01-31 09:37:58 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

[color=#E56717]========== LOP Check ==========[/color]

[2011-04-28 21:42:04 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\advantage
[2011-06-15 11:09:54 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\aerix
[2011-07-14 23:44:52 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\AIMP3
[2011-04-07 20:09:20 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\AutoHideIP
[2010-12-25 21:51:18 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\BESTplayer
[2011-04-28 20:45:22 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\BITS
[2011-03-07 16:37:38 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Blitware
[2011-01-10 17:47:42 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\DAEMON Tools Lite
[2011-03-02 18:36:43 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\EMCO
[2011-06-27 21:09:26 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\EurekaLog
[2011-04-28 20:21:06 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\FlashGet
[2011-04-28 20:20:49 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\FlashGetBHO
[2011-02-11 21:34:52 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Gadu-Gadu 10
[2011-04-28 20:19:35 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\GetRight
[2010-12-17 19:52:49 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\GHISLER
[2011-06-10 00:06:25 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\ipla
[2011-01-27 19:37:53 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\IrfanView
[2010-12-25 21:16:01 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\LolClient
[2011-03-30 19:28:52 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Miranda
[2010-12-24 00:56:44 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\OpenFM
[2011-06-10 22:39:37 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\RDRM
[2011-07-03 21:33:27 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Samsung
[2011-04-28 21:21:55 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Tific
[2010-12-24 13:13:31 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Tlen.pl
[2011-06-12 18:52:21 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Win7codecs
[2011-07-03 03:55:12 | 000,000,340 | ---- | M] () -- C:\Windows\Tasks\Driver Robot.job
[2011-04-22 21:54:28 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-03-30 09:00:33 | 000,010,138 | ---- | M] () -- C:\aaw7boot.log
[2009-06-10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2011-06-05 17:43:15 | 000,055,637 | ---- | M] () -- C:\AutoMapaSetupLog.txt
[2010-11-20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2008-01-01 21:31:14 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009-06-10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010-12-17 19:53:36 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-12-17 19:53:36 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011-07-15 10:15:25 | 2011,684,864 | -HS- | M] () -- C:\pagefile.sys
[2011-04-18 20:24:59 | 000,012,283 | ---- | M] () -- C:\TREEINFO.NCD
[2008-09-01 21:39:48 | 000,171,136 | RHS- | M] () -- C:\W7LDR


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys
[2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-10-28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009-10-28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< End of report >
[/log]

Extras
[log]OTL Extras logfile created on: 2011-07-15 12:02:12 - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\J23\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,87 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 65,91% Memory free
3,75 Gb Paging File | 2,94 Gb Available in Paging File | 78,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,08 Gb Total Space | 9,03 Gb Free Space | 23,12% Space Free | Partition Type: NTFS
Drive D: | 109,97 Gb Total Space | 14,57 Gb Free Space | 13,25% Space Free | Partition Type: NTFS
Drive E: | 149,04 Gb Total Space | 6,31 Gb Free Space | 4,24% Space Free | Partition Type: NTFS

Computer Name: J23-KOMPUTER | User Name: J23 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-866066421-2766305544-3693691503-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{12FEC00C-027C-4A34-9AAB-562EDA43DC18}_is1" = MiniTool Partition Wizard Home Edition 5.2
"{1A36CF15-DF66-4756-9482-A9ABF3DDACE6}_is1" = Driver Robot
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}" = ATI Catalyst Install Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{83258E90-1F76-4E13-9F60-A0F8ED41E76F}" = PC Connectivity Solution
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{881C69F2-3861-4F18-BA0D-9B742C5E44FF}" = Voice Twister
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum obsługi urządzeń z systemem Windows Mobile
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.1
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.2 - Polish
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"18 Wheels of Steel Haulin" = 18 Wheels of Steel Haulin
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP3" = AIMP3
"ALLPlayer_is1" = ALLPlayer V4.X
"AQQ" = WapSter AQQ
"Ashampoo WinOptimizer 8_is1" = Ashampoo WinOptimizer 8 v.8.04
"Audacity_is1" = Audacity 1.2.6
"AutoHideIP" = Auto Hide IP
"avast" = avast! Internet Security
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"Gadu-Gadu 10" = Gadu-Gadu 10
"GOM Player" = GOM Player
"Hard Truck 18 Wheels of Steel" = Hard Truck 18 Wheels of Steel
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"ipla" = ipla 2.2.1
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 5.0 (x86 pl)" = Mozilla Firefox 5.0 (x86 pl)
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"nLite_is1" = nLite 1.4.9.1
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Profilin Stylin" = Profilin Stylin
"Super Kulki_is1" = Super Kulki
"Tlen.pl" = Tlen.pl
"Total Video Converter 3.11_is1" = Total Video Converter 3.11 070908
"Totalcmd" = Total Commander (Remove or Repair)
"UltraISO_is1" = UltraISO Premium V9.36
"WinRAR archiver" = Archiwizator WinRAR
"WMV To VCD DVD MPEG Converter Pro_is1" = WMV To VCD DVD MPEG Converter Pro 2.5
"Zuma Deluxe RA" = Zuma Deluxe RA

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-866066421-2766305544-3693691503-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
[/log]

RSIT
[log]Logfile of random's system information tool 1.09 (written by random/random)
Run by J23 at 2011-07-15 12:16:38
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 9 GB (23%) free of 40 GB
Total RAM: 1918 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:16:43, on 2011-07-15
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\J23\Desktop\RSIT.exe
C:\Program Files\trend micro\J23.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://onet.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: BHO_HelloWorld.BHO - {cbfb5c65-652c-3e10-9d9a-e586816d9342} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: IplexToALLPlayer - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\J23\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{216FEFBE-B5D5-4B2D-BA8C-49C71DFFF041}: NameServer = 192.168.2.1,194.204.152.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{D0E1BD89-5858-4A05-B4C5-AC5604EAB63B}: NameServer = 192.168.2.254,192.168.9.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE57A4E7-F404-4747-B354-815ECC05C7A3}: NameServer = 192.168.2.254,192.168.9.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{216FEFBE-B5D5-4B2D-BA8C-49C71DFFF041}: NameServer = 192.168.2.1,194.204.152.34
O17 - HKLM\System\CS2\Services\Tcpip\..\{216FEFBE-B5D5-4B2D-BA8C-49C71DFFF041}: NameServer = 192.168.2.1,194.204.152.34
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 7327 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Driver Robot.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\J23\AppData\Roaming\Mozilla\Firefox\Profiles\hcn2mha1.default

prefs.js - "browser.startup.homepage" - "google.pl"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {9D6218B8-03C7-4b91-AA43-680B305DD35C}:1.7.9.7, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, IplextoALL@ALLPlayer.org:0.1, engine@conduit.com:3.3.3.2, {481f306a-420c-4673-be90-543b7d62a78e}:3.3.3.2, support@auto-hide-ip.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.aspx?ctid=CT2771935&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
allegro-pl.xml
fbc-pl.xml
google.xml
merlin-pl.xml
pwn-pl.xml
wikipedia-pl.xml
wp-pl.xml

C:\Users\J23\AppData\Roaming\Mozilla\Firefox\Profiles\hcn2mha1.default\extensions\
engine@conduit.com
support@auto-hide-ip.com
{481f306a-420c-4673-be90-543b7d62a78e}
{9D6218B8-03C7-4b91-AA43-680B305DD35C}

C:\Users\J23\AppData\Roaming\Mozilla\Firefox\Profiles\hcn2mha1.default\searchplugins\
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cbfb5c65-652c-3e10-9d9a-e586816d9342}]
BHO_HelloWorld.BHO - C:\Windows\system32\mscoree.dll [2010-11-05 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616}]
IplexToALLPlayer - C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL [2011-02-09 400384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]
"NPSStartup"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-05-26 15147400]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-04 95576]
"Google Update"=C:\Users\J23\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-11 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
C:\Users\J23\AppData\Roaming\advantage\AdVantage.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALLUpdate]
C:\Program Files\ALLPlayer\ALLUpdate.exe [2011-02-08 1362944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Auto Hide IP]
C:\Program Files\AutoHideIP\AutoHideIP.exe [2011-03-29 3737840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Real\RealPlayer\update\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"msacm.vorbis"=vorbis.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-07-13 23:31:01 ----D---- C:\Program Files\MSXML 4.0
2011-07-13 11:36:29 ----A---- C:\Windows\system32\winsrv.dll
2011-07-13 11:36:29 ----A---- C:\Windows\system32\kernel32.dll
2011-07-13 11:36:29 ----A---- C:\Windows\system32\conhost.exe
2011-07-13 11:36:20 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-13 11:36:18 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-13 11:36:18 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-13 11:36:18 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-13 11:36:18 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-13 11:36:18 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-13 11:36:18 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-13 11:36:18 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-13 11:36:18 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-13 11:36:18 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-13 11:36:18 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-13 11:36:18 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-13 11:36:18 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-13 11:36:17 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-13 11:36:17 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-13 11:36:17 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-13 11:36:17 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-13 11:36:17 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-13 11:36:17 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-13 11:36:17 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-13 11:36:17 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 11:36:17 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 11:36:17 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 11:36:17 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 11:36:16 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-13 11:36:16 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-13 11:36:16 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-13 11:36:16 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-13 11:36:16 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-13 11:36:08 ----A---- C:\Windows\system32\win32k.sys
2011-07-11 14:58:17 ----D---- C:\Program Files\trend micro
2011-07-11 14:58:16 ----D---- C:\rsit
2011-07-07 21:34:22 ----D---- C:\Program Files\ATI Technologies
2011-07-07 21:34:19 ----D---- C:\Program Files\ATI
2011-07-07 21:33:21 ----D---- C:\ATI
2011-07-07 20:42:17 ----A---- C:\Windows\system32\xinput1_3.dll
2011-07-07 20:42:17 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-07-07 20:42:17 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-07-07 20:42:17 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-07-07 20:42:16 ----A---- C:\Windows\system32\xinput1_2.dll
2011-07-07 20:42:16 ----A---- C:\Windows\system32\xinput1_1.dll
2011-07-07 20:42:16 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-07-07 20:42:16 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-07-07 20:42:15 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-07-07 20:42:08 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-07-07 20:42:08 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-07-07 20:42:08 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-07-07 20:42:07 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-07-07 20:42:07 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-07-07 20:42:07 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-07-07 20:42:06 ----A---- C:\Windows\system32\d3dx9_25.dll
2011-07-07 20:42:06 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-07-07 20:38:18 ----D---- C:\Program Files\18 Wheels of Steel Haulin
2011-07-07 19:55:29 ----D---- C:\Program Files\Hard Truck
2011-07-06 15:30:17 ----D---- C:\Program Files\nLite
2011-07-06 08:05:51 ----D---- C:\Windows\Minidump
2011-07-05 23:47:02 ----D---- C:\Program Files\Temporary
2011-07-05 23:47:01 ----D---- C:\Program Files\Temp
2011-07-04 11:18:35 ----D---- C:\Program Files\profilinstylin
2011-07-03 21:35:06 ----A---- C:\Windows\system32\drivers\ss_bwhnt.sys
2011-07-03 21:35:06 ----A---- C:\Windows\system32\drivers\ss_bwh.sys
2011-07-03 21:35:06 ----A---- C:\Windows\system32\drivers\ss_bmdm.sys
2011-07-03 21:35:06 ----A---- C:\Windows\system32\drivers\ss_bmdfl.sys
2011-07-03 21:35:06 ----A---- C:\Windows\system32\drivers\ss_bcmnt.sys
2011-07-03 21:35:06 ----A---- C:\Windows\system32\drivers\ss_bcm.sys
2011-07-03 21:35:06 ----A---- C:\Windows\system32\drivers\ss_bbus.sys
2011-07-03 21:34:17 ----D---- C:\ProgramData\Samsung
2011-07-03 21:33:47 ----A---- C:\Windows\system32\FsUsbExService.Exe
2011-07-03 21:33:47 ----A---- C:\Windows\system32\FsUsbExDisk.Sys
2011-07-03 21:33:47 ----A---- C:\Windows\system32\FsUsbExDevice.Dll
2011-07-03 21:33:27 ----D---- C:\Users\J23\AppData\Roaming\Samsung
2011-07-03 21:32:42 ----D---- C:\Program Files\MarkAny
2011-07-03 21:32:15 ----D---- C:\Program Files\Samsung
2011-07-02 20:35:00 ----D---- C:\Program Files\Common Files\EZB Systems
2011-07-02 20:34:57 ----D---- C:\Program Files\UltraISO
2011-07-02 14:49:22 ----A---- C:\Windows\furry.ini
2011-06-29 11:59:59 ----A---- C:\Windows\ntbtlog.txt
2011-06-29 11:54:02 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2011-06-29 11:54:01 ----A---- C:\Windows\system32\drivers\aswSP.sys
2011-06-29 11:53:59 ----A---- C:\Windows\system32\drivers\aswFW.sys
2011-06-29 11:53:40 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2011-06-29 11:53:39 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2011-06-29 11:53:39 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2011-06-29 11:53:38 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2011-06-29 11:53:38 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2011-06-29 11:53:10 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2011-06-29 11:53:09 ----A---- C:\Windows\system32\aswBoot.exe
2011-06-29 11:53:09 ----A---- C:\Windows\avastSS.scr
2011-06-29 11:53:03 ----D---- C:\ProgramData\AVAST Software
2011-06-29 11:53:03 ----D---- C:\Program Files\AVAST Software
2011-06-28 20:39:27 ----A---- C:\Windows\system32\tquery.dll
2011-06-28 20:39:27 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-28 20:39:27 ----A---- C:\Windows\system32\mssrch.dll
2011-06-28 20:39:26 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-28 20:39:26 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-28 20:39:26 ----A---- C:\Windows\system32\mssvp.dll
2011-06-28 20:39:26 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-28 20:39:26 ----A---- C:\Windows\system32\mssph.dll
2011-06-28 20:39:25 ----A---- C:\Windows\system32\msscntrs.dll
2011-06-28 20:39:24 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-27 10:07:02 ----A---- C:\Windows\system32\CmdLineExt.dll
2011-06-17 03:23:44 ----D---- C:\Program Files\Common Files\Skype
2011-06-16 05:05:09 ----A---- C:\Windows\system32\oleaut32.dll
2011-06-16 05:05:07 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-06-16 05:05:07 ----A---- C:\Windows\system32\drivers\afd.sys
2011-06-16 05:05:06 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-16 05:05:06 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-16 05:05:06 ----A---- C:\Windows\system32\drivers\srv.sys
2011-06-16 05:05:05 ----A---- C:\Windows\system32\inetcomm.dll
2011-06-16 05:04:58 ----A---- C:\Windows\system32\mshtml.dll
2011-06-16 05:04:58 ----A---- C:\Windows\system32\ieframe.dll
2011-06-16 05:04:57 ----A---- C:\Windows\system32\urlmon.dll
2011-06-16 05:04:56 ----A---- C:\Windows\system32\wininet.dll
2011-06-16 05:04:56 ----A---- C:\Windows\system32\msfeeds.dll
2011-06-16 05:04:56 ----A---- C:\Windows\system32\ieui.dll
2011-06-16 05:04:56 ----A---- C:\Windows\system32\iertutil.dll
2011-06-16 05:04:55 ----A---- C:\Windows\system32\jsproxy.dll
2011-06-16 05:04:54 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-16 05:04:53 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-16 05:04:53 ----A---- C:\Windows\system32\drivers\mrxsmb.sys

======List of files/folders modified in the last 1 month======

2011-07-15 12:15:36 ----D---- C:\Windows\Prefetch
2011-07-15 12:02:05 ----D---- C:\Windows\Temp
2011-07-15 11:57:44 ----D---- C:\Users\J23\AppData\Roaming\Skype
2011-07-15 10:28:58 ----D---- C:\Windows\system32\config
2011-07-15 10:19:52 ----D---- C:\Windows\System32
2011-07-15 10:19:52 ----D---- C:\Windows\inf
2011-07-15 10:19:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-14 23:44:52 ----D---- C:\Users\J23\AppData\Roaming\AIMP3
2011-07-14 08:35:11 ----D---- C:\Windows\winsxs
2011-07-14 08:33:14 ----D---- C:\Windows\system32\DriverStore
2011-07-13 23:31:29 ----D---- C:\Windows\debug
2011-07-13 23:31:27 ----A---- C:\Windows\system32\MRT.exe
2011-07-13 23:31:19 ----SHD---- C:\Windows\Installer
2011-07-13 23:31:14 ----D---- C:\Windows
2011-07-13 23:31:01 ----RD---- C:\Program Files
2011-07-13 23:30:46 ----SHD---- C:\System Volume Information
2011-07-13 11:35:56 ----D---- C:\Windows\system32\catroot2
2011-07-13 11:35:56 ----D---- C:\Windows\system32\catroot
2011-07-11 14:20:27 ----D---- C:\Windows\Tasks
2011-07-11 14:20:27 ----D---- C:\Windows\system32\Tasks
2011-07-10 21:43:21 ----D---- C:\ProgramData\OpenFM
2011-07-07 20:42:15 ----RSD---- C:\Windows\assembly
2011-07-07 15:10:21 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2011-07-03 23:08:13 ----D---- C:\Windows\system32\drivers
2011-07-03 23:08:09 ----D---- C:\Windows\system32\drivers\UMDF
2011-07-03 21:34:17 ----HD---- C:\ProgramData
2011-07-03 21:33:18 ----D---- C:\Windows\SoftwareDistribution
2011-07-03 21:33:06 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-02 20:35:00 ----D---- C:\Program Files\Common Files
2011-07-02 14:51:11 ----SD---- C:\Users\J23\AppData\Roaming\Microsoft
2011-06-29 03:16:18 ----RSD---- C:\Windows\Fonts
2011-06-27 22:53:59 ----D---- C:\Program Files\Counter-Strike
2011-06-27 21:09:26 ----D---- C:\Users\J23\AppData\Roaming\EurekaLog
2011-06-25 07:55:23 ----D---- C:\Windows\Microsoft.NET
2011-06-24 12:35:13 ----D---- C:\Windows\system32\NDF
2011-06-23 10:45:59 ----D---- C:\Program Files\Mozilla Firefox
2011-06-17 11:17:56 ----D---- C:\Program Files\AIMP3
2011-06-17 03:24:03 ----RD---- C:\Program Files\Skype
2011-06-17 03:23:37 ----D---- C:\ProgramData\Skype
2011-06-17 03:20:30 ----D---- C:\Windows\system32\migration
2011-06-17 03:20:30 ----D---- C:\Program Files\Internet Explorer
2011-06-17 03:02:43 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2011-02-23 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2011-07-04 194264]
R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2010-04-06 20104]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-05-17 431672]
R0 Ultra;Ultra; C:\Windows\system32\DRIVERS\ultra.sys [2002-05-03 41280]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2011-07-04 103384]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R2 cpudriver;cpudriver; \??\C:\Program Files\Temporary\cpu.sys [2011-07-05 20992]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\drivers\atikmdag.sys [2009-07-14 4194816]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 RT2500;RT2500 Wireless Driver; C:\Windows\system32\DRIVERS\RT2500.sys [2006-06-02 236800]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-01-21 328808]
S3 ag606s4n;ag606s4n; C:\Windows\system32\drivers\ag606s4n.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Sterownik filtru magistrali AGP AMD; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 andxpr67;andxpr67; C:\Windows\system32\drivers\andxpr67.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 25864]
S3 cpu;cpu; \??\C:\cpu.sys []
S3 Ext2FS;Ext2FS; C:\Windows\system32\drivers\Ext2FS.sys [2004-01-23 37840]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 23048]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\DRIVERS\LVUSBSta.sys [2005-01-31 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2010-08-16 16472]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2010-08-16 11104]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr magistrali AGP SIS; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Karta USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr magistrali AGP VIA; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WINUSB;Sterownik WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2011-07-04 121000]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 KMService;KMService; C:\Windows\system32\srvany.exe [2011-01-12 8192]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS.exe [2009-08-24 406016]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-18 1343400]
S4 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe []
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-09-08 575488]
S4 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------
[/log]

into.txt was not generated, I don't know why..

wirusolog
comment

[b]1.[/b] Run OTL and paste the following text into the [b]Własne opcje skanowania/Skrypt[/b] (Custom Scans/Fixes) box:

[code]:OTL
SRV - File not found [Disabled | Stopped] -- -- (BlueSoleilCS)
DRV - [2011-07-05 23:47:02 | 000,020,992 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\Temporary\cpu.sys -- (cpudriver)
FF - prefs.js..browser.search.defaultthis.engineName: "LogiTool Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2771935&SearchSource=3&q={searchTerms}"
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2771935&q
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2011-06-23 10:45:57 | 000,000,000 | ---D | M] (LogiTool Community Toolbar) -- C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}
O4 - HKLM..\Run: [NPSStartup] File not found
MsConfig - StartUpReg: AdVantage - hkey= - key= - File not found
MsConfig - StartUpReg: BtTray - hkey= - key= - File not found
MsConfig - StartUpReg: TkBellExe - hkey= - key= - File not found

:Files
C:\Windows\tasks\Driver Robot.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000UA.job

:Commands
[emptyflash]
[emptytemp][/code]
Click [b]Wykonaj skrypt[/b] (Run Fix). Confirm the computer restart.

[b]2.[/b] Download [url=http://www.teamxscript.org/too/AD-R.exe][b][color=blue][u]Ad-Remover[/u][/color][/b][/url] and press [size="3"][b]Clean[/b][/size] in it.
Post the report from this tool.

[b]3.[/b] After these steps, run OTL again, this time using the [b]Skanuj[/b] (Run Scan) option. [u]Post the new OTL logs + the Ad-Remover removal report + the OTL removal report[/u].

wacek223
comment (edited)

[log]OTL logfile created on: 2011-07-15 15:33:21 - Run 3
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\J23\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,87 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 59,92% Memory free
3,75 Gb Paging File | 2,88 Gb Available in Paging File | 76,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,08 Gb Total Space | 9,21 Gb Free Space | 23,57% Space Free | Partition Type: NTFS
Drive D: | 109,97 Gb Total Space | 14,57 Gb Free Space | 13,25% Space Free | Partition Type: NTFS
Drive E: | 149,04 Gb Total Space | 6,31 Gb Free Space | 4,24% Space Free | Partition Type: NTFS

Computer Name: J23-KOMPUTER | User Name: J23 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2011-07-11 14:25:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\J23\Desktop\OTL.exe
PRC - [2011-07-11 14:20:24 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\J23\AppData\Local\Google\Update\GoogleUpdate.exe
PRC - [2011-07-09 06:51:19 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Users\J23\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-07-04 13:43:51 | 000,121,000 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-05-26 21:50:22 | 015,147,400 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010-11-20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2010-11-20 14:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2010-11-20 14:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-11-20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010-11-20 14:17:30 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe
PRC - [2010-11-20 14:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2010-10-29 15:49:28 | 000,249,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2010-07-04 19:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-07-14 03:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
PRC - [2009-07-14 03:14:27 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\notepad.exe
PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2011-07-11 14:25:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\J23\Desktop\OTL.exe
MOD - [2011-07-04 13:43:51 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2011-06-03 07:59:23 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2011-05-14 08:26:31 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2011-02-25 07:34:36 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2010-11-20 14:24:36 | 001,288,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2010-11-20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2010-11-20 14:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2010-11-20 14:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2010-11-20 14:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2010-11-20 14:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2010-11-20 14:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2010-11-20 14:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2010-11-20 14:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2009-07-14 03:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011-07-04 13:43:51 | 000,121,000 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011-01-12 21:33:36 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\srvany.exe -- (KMService)
SRV - [2010-12-18 11:17:09 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-07-04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010-03-25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-12-23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009-08-24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS.exe -- (DfSdkS)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008-09-08 08:59:00 | 000,575,488 | ---- | M] (Nokia.) [Disabled | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007-05-31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011-07-04 13:37:33 | 000,103,384 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-07-04 13:36:18 | 000,194,264 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-07-04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011-05-17 16:50:47 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-02-23 14:34:54 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-08-16 16:31:08 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio)
DRV - [2010-08-16 16:31:06 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdspio.sys -- (pwdspio)
DRV - [2010-06-14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010-04-27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010-04-27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2010-04-27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2010-04-06 19:33:10 | 000,025,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2010-04-06 19:32:48 | 000,023,048 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2010-04-06 19:32:44 | 000,020,104 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2009-07-14 00:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\system32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008-08-26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006-06-02 06:37:58 | 000,236,800 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RT2500.sys -- (RT2500)
DRV - [2005-01-31 11:20:04 | 000,211,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2005-01-31 11:12:46 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004-01-23 19:34:26 | 000,037,840 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\ext2fs.sys -- (Ext2FS)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.startup.homepage: "google.pl"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {9D6218B8-03C7-4b91-AA43-680B305DD35C}:1.7.9.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: IplextoALL@ALLPlayer.org:0.1
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: {481f306a-420c-4673-be90-543b7d62a78e}:3.3.3.2
FF - prefs.js..extensions.enabledItems: support@auto-hide-ip.com:1.0
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 4

FF - user.js..browser.search.openintab: false

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\J23\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\J23\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-11 14:00:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-23 10:45:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-04-20 20:25:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files\profilinstylin\profilinstylin [2011-07-04 11:18:37 | 000,000,000 | ---D | M]

[2008-09-01 22:33:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\J23\AppData\Roaming\mozilla\Extensions
[2011-07-15 15:25:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions
[2010-12-17 21:38:55 | 000,000,000 | ---D | M] ("ProCon Latte") -- C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\{9D6218B8-03C7-4b91-AA43-680B305DD35C}
[2011-04-07 20:09:54 | 000,000,000 | ---D | M] (Auto Hide IP) -- C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\support@auto-hide-ip.com
[2011-06-17 03:24:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-06-17 03:24:03 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-12-19 10:56:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-12-21 17:53:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-03-13 09:37:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2011-07-11 14:00:25 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011-07-04 11:18:37 | 000,000,000 | ---D | M] (profilinstylin - Change your Facebook layout!) -- C:\PROGRAM FILES\PROFILINSTYLIN\PROFILINSTYLIN
File not found (No name found) -- C:\USERS\J23\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HCN2MHA1.DEFAULT\EXTENSIONS\{481F306A-420C-4673-BE90-543B7D62A78E}
() (No name found) -- C:\USERS\J23\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HCN2MHA1.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\J23\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HCN2MHA1.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI
[2011-06-23 10:45:08 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-02-02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011-04-20 20:24:54 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-04-20 20:24:54 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-04-20 20:24:54 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-04-20 20:24:54 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-04-20 20:24:54 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-04-20 20:24:54 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: 使用快车3下载 - C:\Users\J23\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\J23\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-06-05 17:43:15 | 000,055,637 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ]
O33 - MountPoints2\{b7e78240-8095-11e0-b952-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b7e78240-8095-11e0-b952-806e6f6e6963}\Shell\AutoRun\command - "" = G:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2011-07-15 15:24:08 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2011-07-15 15:19:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-07-14 10:49:57 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\sterowniki_xp_fujitsu_siemens_amilo_li2727
[2011-07-13 23:31:01 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011-07-13 11:36:29 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011-07-13 11:36:29 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011-07-13 11:36:18 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011-07-13 11:36:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011-07-13 11:36:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011-07-13 11:36:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011-07-13 11:36:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011-07-13 11:36:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011-07-13 11:36:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011-07-13 11:36:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011-07-13 11:36:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011-07-13 11:36:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011-07-13 11:36:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011-07-13 11:36:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011-07-13 11:36:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011-07-13 11:36:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011-07-13 11:36:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011-07-13 11:36:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011-07-13 11:36:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011-07-13 11:36:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011-07-13 11:36:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011-07-13 11:36:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011-07-13 11:36:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011-07-13 11:36:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011-07-13 11:36:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011-07-13 11:36:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011-07-13 11:36:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011-07-13 11:36:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011-07-13 11:36:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011-07-13 11:36:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011-07-13 11:36:08 | 002,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011-07-11 14:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011-07-11 14:58:16 | 000,000,000 | ---D | C] -- C:\rsit
[2011-07-11 14:25:39 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\J23\Desktop\OTL.exe
[2011-07-11 14:22:15 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011-07-11 14:20:25 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Local\Google
[2011-07-09 22:58:49 | 000,955,070 | ---- | C] (Informer Technologies, Inc. ) -- C:\Users\J23\Desktop\siinst.exe
[2011-07-07 21:34:22 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011-07-07 21:34:19 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011-07-07 21:33:21 | 000,000,000 | ---D | C] -- C:\ATI
[2011-07-07 20:42:17 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011-07-07 20:42:17 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2011-07-07 20:42:17 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011-07-07 20:42:17 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2011-07-07 20:42:16 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2011-07-07 20:42:16 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2011-07-07 20:42:16 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2011-07-07 20:42:16 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2011-07-07 20:42:15 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2011-07-07 20:42:08 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2011-07-07 20:42:08 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2011-07-07 20:42:08 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2011-07-07 20:42:07 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2011-07-07 20:42:07 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2011-07-07 20:42:07 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2011-07-07 20:42:06 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2011-07-07 20:42:06 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2011-07-07 20:39:21 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\18 WoS Haulin
[2011-07-07 20:39:14 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\18 Wheels of Steel Haulin
[2011-07-07 20:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\18 Wheels of Steel Haulin
[2011-07-07 20:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\18 Wheels of Steel Haulin
[2011-07-07 19:55:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Truck
[2011-07-07 19:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Hard Truck
[2011-07-06 15:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nLite
[2011-07-06 15:30:17 | 000,000,000 | ---D | C] -- C:\Program Files\nLite
[2011-07-06 12:19:49 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\Amilo Li 2727
[2011-07-06 08:05:51 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011-07-05 23:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\Temporary
[2011-07-05 23:47:01 | 000,000,000 | ---D | C] -- C:\Program Files\Temp
[2011-07-05 11:51:12 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\furry2final
[2011-07-04 11:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\profilinstylin
[2011-07-03 22:25:30 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\Firmware-Avila-SAMSUNG-Niebrandowany
[2011-07-03 21:40:51 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\NPS
[2011-07-03 21:40:37 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\My Art
[2011-07-03 21:36:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung New PC Studio
[2011-07-03 21:35:06 | 000,123,648 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdm.sys
[2011-07-03 21:35:06 | 000,098,432 | ---- | C] (MCCI) -- C:\Windows\System32\drivers\ss_bbus.sys
[2011-07-03 21:35:06 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bmdfl.sys
[2011-07-03 21:35:06 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcmnt.sys
[2011-07-03 21:35:06 | 000,012,416 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bcm.sys
[2011-07-03 21:35:06 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwhnt.sys
[2011-07-03 21:35:06 | 000,012,288 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ss_bwh.sys
[2011-07-03 21:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2011-07-03 21:33:47 | 000,238,952 | ---- | C] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
[2011-07-03 21:33:27 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\Samsung
[2011-07-03 21:33:27 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\My NPS Files
[2011-07-03 21:33:16 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\Samsung
[2011-07-03 21:32:42 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2011-07-03 21:32:15 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2011-07-03 21:30:01 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Local\Downloaded Installations
[2011-07-02 20:35:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
[2011-07-02 20:35:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems
[2011-07-02 20:34:57 | 000,000,000 | ---D | C] -- C:\Program Files\UltraISO
[2011-07-02 20:34:57 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\My ISO Files
[2011-07-02 20:33:24 | 003,849,322 | ---- | C] (EZB Systems, Inc. ) -- C:\Users\J23\Desktop\uiso9_pe.exe
[2011-07-02 14:49:02 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\Furry_www.victorygames.pl
[2011-06-29 11:54:02 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011-06-29 11:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2011-06-29 11:54:01 | 000,309,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011-06-29 11:53:59 | 000,103,384 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2011-06-29 11:53:40 | 000,194,264 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2011-06-29 11:53:39 | 000,043,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011-06-29 11:53:39 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011-06-29 11:53:38 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011-06-29 11:53:38 | 000,054,104 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011-06-29 11:53:10 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2011-06-29 11:53:09 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011-06-29 11:53:09 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011-06-29 11:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011-06-29 11:53:03 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011-06-29 11:51:33 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\Avast Internet Security v6.0.1000 [PL] Crack
[2011-06-28 20:39:27 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011-06-28 20:39:27 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011-06-28 20:39:26 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011-06-28 20:39:26 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011-06-28 20:39:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011-06-28 20:39:25 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011-06-27 10:07:02 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2011-06-17 03:23:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011-06-17 03:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011-06-16 09:45:17 | 000,000,000 | ---D | C] -- C:\Users\J23\Desktop\K550
[2011-06-16 05:04:56 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011-06-16 05:04:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011-06-16 05:04:55 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011-06-16 05:04:55 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011-06-15 11:09:54 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\aerix
[2011-06-14 22:07:07 | 000,000,000 | ---D | C] -- C:\Users\J23\Documents\GTA San Andreas User Files
[2011-06-14 21:48:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2011-06-14 21:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2011-06-12 18:52:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
[2011-06-12 18:52:21 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Roaming\Win7codecs
[2011-06-12 18:52:13 | 000,000,000 | ---D | C] -- C:\Program Files\Win7codecs
[2011-06-06 21:27:22 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2011-06-05 17:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoMapa 6
[2011-06-05 17:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\AutoMapa EU
[2011-06-02 20:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011-06-02 20:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011-06-02 18:04:11 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011-05-18 20:13:26 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2011-05-18 15:43:59 | 000,000,000 | ---D | C] -- C:\Users\J23\AppData\Local\Apple Computer
[2011-05-17 16:50:19 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011-05-17 16:48:07 | 011,193,664 | ---- | C] (DT Soft Ltd.) -- C:\Users\J23\Desktop\DTLite4402-0131.exe
[2011-05-16 19:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011-05-16 19:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011-05-16 19:29:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011-05-16 19:28:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011-05-16 19:27:48 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011-05-16 19:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011-05-16 19:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011-05-16 19:24:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2011-05-16 19:23:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2011-05-16 19:21:57 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011-05-16 19:21:05 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010-02-03 23:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2011-07-15 15:37:07 | 000,010,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-07-15 15:37:07 | 000,010,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-07-15 15:35:45 | 000,701,022 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2011-07-15 15:35:45 | 000,618,714 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011-07-15 15:35:45 | 000,136,040 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2011-07-15 15:35:45 | 000,107,034 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011-07-15 15:29:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-07-15 15:24:08 | 000,001,837 | ---- | M] () -- C:\Users\J23\Desktop\AD-R.lnk
[2011-07-15 13:06:08 | 000,249,340 | ---- | M] () -- C:\Users\J23\Documents\Default.aimppl
[2011-07-14 08:34:57 | 003,761,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011-07-13 11:28:16 | 000,002,349 | ---- | M] () -- C:\Users\J23\Desktop\Google Chrome.lnk
[2011-07-11 14:51:07 | 000,048,666 | ---- | M] () -- C:\Users\J23\Desktop\screen.jpg
[2011-07-11 14:35:35 | 000,781,383 | ---- | M] () -- C:\Users\J23\Desktop\RSIT.exe
[2011-07-11 14:25:46 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\J23\Desktop\OTL.exe
[2011-07-11 14:06:31 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011-07-11 11:59:55 | 048,062,655 | ---- | M] () -- C:\Users\J23\Desktop\sterowniki_xp_fujitsu_siemens_amilo_li2727.rar
[2011-07-11 08:52:20 | 000,000,010 | ---- | M] () -- C:\Windows\popcinfo.dat
[2011-07-09 22:58:51 | 000,955,070 | ---- | M] (Informer Technologies, Inc. ) -- C:\Users\J23\Desktop\siinst.exe
[2011-07-08 21:04:06 | 004,096,449 | ---- | M] () -- C:\Users\J23\Desktop\Tina Turner - We Don T Need Another Hero.mp3
[2011-07-08 20:52:31 | 004,575,013 | ---- | M] () -- C:\Users\J23\Desktop\weekend - ona i on.mp3
[2011-07-08 20:24:04 | 003,825,194 | ---- | M] () -- C:\Users\J23\Desktop\w.b.u - zepsuty świat.mp3
[2011-07-08 20:15:47 | 003,943,206 | ---- | M] () -- C:\Users\J23\Desktop\Bloodhound Gang - The bad touch.mp3
[2011-07-08 20:10:18 | 001,914,044 | ---- | M] () -- C:\Users\J23\Desktop\La Bouche - Be My Lover.mp3
[2011-07-08 15:46:44 | 000,022,528 | ---- | M] () -- C:\Users\J23\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-07-07 20:39:14 | 000,001,028 | ---- | M] () -- C:\Users\J23\Desktop\18 Wheels of Steel Haulin.lnk
[2011-07-07 19:55:46 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\Hard Truck 18 Wheels of Steel.lnk
[2011-07-07 19:53:40 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011-07-07 19:53:40 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011-07-06 17:04:38 | 686,751,744 | ---- | M] () -- C:\Users\J23\Desktop\WinLite.iso
[2011-07-06 15:30:18 | 000,000,921 | ---- | M] () -- C:\Users\J23\Desktop\nLite.lnk
[2011-07-06 08:29:59 | 004,660,904 | ---- | M] () -- C:\Users\J23\Desktop\rtlsetup-pcie(664).zip
[2011-07-06 08:29:22 | 000,001,332 | ---- | M] () -- C:\Users\J23\Desktop\ich8smb.zip
[2011-07-06 08:26:59 | 000,173,089 | ---- | M] () -- C:\Users\J23\Desktop\winxp.rar
[2011-07-05 23:47:11 | 000,000,965 | ---- | M] () -- C:\Users\J23\Desktop\UltraISO.lnk
[2011-07-05 11:46:11 | 011,529,842 | ---- | M] () -- C:\Users\J23\Desktop\furry2final.zip
[2011-07-05 11:43:24 | 000,000,014 | ---- | M] () -- C:\Windows\cfh232.cfg
[2011-07-05 11:43:23 | 000,000,016 | ---- | M] () -- C:\Windows\furry.ini
[2011-07-04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011-07-04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011-07-04 13:37:33 | 000,103,384 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2011-07-04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011-07-04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011-07-04 13:36:18 | 000,194,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2011-07-04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011-07-04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011-07-04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011-07-04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011-07-03 23:08:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011-07-03 23:05:06 | 000,411,095 | ---- | M] () -- C:\Users\J23\Desktop\Diamond Twister.jar
[2011-07-03 21:48:06 | 000,929,792 | ---- | M] () -- C:\Users\J23\Desktop\Phonebook.npf
[2011-07-03 21:36:05 | 000,002,088 | ---- | M] () -- C:\Users\Public\Desktop\Samsung New PC Studio.lnk
[2011-07-03 21:20:25 | 173,838,160 | ---- | M] () -- C:\Users\J23\Desktop\New_PC_Studio_1.5.1.10064_2.exe
[2011-07-03 17:41:08 | 003,561,044 | ---- | M] () -- C:\Users\J23\Desktop\Enej - Radio Hello.mp3
[2011-07-02 20:33:50 | 003,849,322 | ---- | M] (EZB Systems, Inc. ) -- C:\Users\J23\Desktop\uiso9_pe.exe
[2011-07-02 11:21:06 | 000,337,460 | ---- | M] () -- C:\Users\J23\Desktop\Multi Loader V5.56 instrukcja instalacji nowego softu.zip
[2011-06-29 16:02:11 | 001,806,892 | ---- | M] () -- C:\Users\J23\Desktop\FW-WAP4035v120.zip
[2011-06-29 16:01:52 | 000,938,447 | ---- | M] () -- C:\Users\J23\Desktop\WAP-4033-4035 02.2006.pdf
[2011-06-29 11:54:02 | 000,001,994 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011-06-27 10:07:02 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2011-06-24 12:48:46 | 000,211,473 | R--- | M] () -- C:\Users\J23\Desktop\QUG-Planet.pdf
[2011-06-24 11:53:26 | 000,112,553 | ---- | M] () -- C:\Users\J23\Desktop\ulotka_planet.pdf
[2011-06-24 11:53:20 | 000,938,447 | ---- | M] () -- C:\Users\J23\Desktop\WAP-4033-4035_02.2006.pdf
[2011-06-17 11:17:56 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\AIMP3.lnk
[2011-06-17 11:16:47 | 006,054,799 | ---- | M] () -- C:\Users\J23\Desktop\aimp_3.00.881_beta_2.zip
[2011-06-17 03:23:45 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011-06-16 09:44:23 | 020,029,812 | ---- | M] () -- C:\Users\J23\Desktop\k550.rar
[2011-06-11 20:12:55 | 000,000,977 | ---- | M] () -- C:\Users\J23\Desktop\ALLPlayer V4.6.lnk
[2011-06-11 04:29:25 | 002,334,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011-06-05 16:04:47 | 000,191,488 | ---- | M] () -- C:\Users\J23\Desktop\magia kart.pps
[2011-06-03 08:01:04 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011-06-03 07:56:57 | 000,271,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011-06-03 07:47:29 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011-06-03 07:47:29 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011-06-03 07:47:29 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011-06-03 07:47:29 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011-06-03 07:47:29 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011-06-03 07:47:29 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011-06-03 07:47:28 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011-06-03 07:47:28 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011-06-03 07:47:28 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011-06-03 07:47:28 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011-06-03 07:47:28 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011-06-03 07:47:28 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011-06-03 07:47:28 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011-06-03 07:47:28 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011-06-03 07:47:28 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011-06-03 07:47:28 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011-06-03 07:47:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011-06-03 07:47:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011-06-03 07:47:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011-06-03 07:47:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011-06-03 07:47:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011-06-03 07:47:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011-06-03 07:47:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011-06-03 07:47:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011-06-03 05:48:32 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011-06-03 05:48:31 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011-06-03 05:48:31 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011-06-03 05:48:31 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011-06-02 20:59:05 | 003,790,921 | ---- | M] () -- C:\Users\J23\Desktop\aycan - lambada dj matt g remix rip.mp3
[2011-05-28 04:53:58 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011-05-17 16:49:00 | 011,193,664 | ---- | M] (DT Soft Ltd.) -- C:\Users\J23\Desktop\DTLite4402-0131.exe
[2011-05-17 16:37:27 | 002,276,805 | ---- | M] () -- C:\Users\J23\Desktop\blablaaaaaaaaa.zip

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-07-15 15:24:08 | 000,001,837 | ---- | C] () -- C:\Users\J23\Desktop\AD-R.lnk
[2011-07-11 14:51:07 | 000,048,666 | ---- | C] () -- C:\Users\J23\Desktop\screen.jpg
[2011-07-11 14:35:33 | 000,781,383 | ---- | C] () -- C:\Users\J23\Desktop\RSIT.exe
[2011-07-11 14:22:17 | 000,002,349 | ---- | C] () -- C:\Users\J23\Desktop\Google Chrome.lnk
[2011-07-11 11:56:07 | 048,062,655 | ---- | C] () -- C:\Users\J23\Desktop\sterowniki_xp_fujitsu_siemens_amilo_li2727.rar
[2011-07-08 21:00:41 | 004,096,449 | ---- | C] () -- C:\Users\J23\Desktop\Tina Turner - We Don T Need Another Hero.mp3
[2011-07-08 20:49:05 | 004,575,013 | ---- | C] () -- C:\Users\J23\Desktop\weekend - ona i on.mp3
[2011-07-08 20:23:53 | 003,825,194 | ---- | C] () -- C:\Users\J23\Desktop\w.b.u - zepsuty świat.mp3
[2011-07-08 20:15:37 | 003,943,206 | ---- | C] () -- C:\Users\J23\Desktop\Bloodhound Gang - The bad touch.mp3
[2011-07-08 20:10:11 | 001,914,044 | ---- | C] () -- C:\Users\J23\Desktop\La Bouche - Be My Lover.mp3
[2011-07-07 20:39:14 | 000,001,028 | ---- | C] () -- C:\Users\J23\Desktop\18 Wheels of Steel Haulin.lnk
[2011-07-07 19:55:46 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\Hard Truck 18 Wheels of Steel.lnk
[2011-07-07 19:53:36 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011-07-07 19:53:36 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2011-07-06 17:03:52 | 686,751,744 | ---- | C] () -- C:\Users\J23\Desktop\WinLite.iso
[2011-07-06 15:30:18 | 000,000,921 | ---- | C] () -- C:\Users\J23\Desktop\nLite.lnk
[2011-07-06 08:29:28 | 004,660,904 | ---- | C] () -- C:\Users\J23\Desktop\rtlsetup-pcie(664).zip
[2011-07-06 08:29:21 | 000,001,332 | ---- | C] () -- C:\Users\J23\Desktop\ich8smb.zip
[2011-07-06 08:26:57 | 000,173,089 | ---- | C] () -- C:\Users\J23\Desktop\winxp.rar
[2011-07-05 11:42:46 | 011,529,842 | ---- | C] () -- C:\Users\J23\Desktop\furry2final.zip
[2011-07-03 23:08:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011-07-03 23:05:01 | 000,411,095 | ---- | C] () -- C:\Users\J23\Desktop\Diamond Twister.jar
[2011-07-03 21:47:59 | 000,929,792 | ---- | C] () -- C:\Users\J23\Desktop\Phonebook.npf
[2011-07-03 21:36:05 | 000,002,088 | ---- | C] () -- C:\Users\Public\Desktop\Samsung New PC Studio.lnk
[2011-07-03 21:33:47 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011-07-03 21:33:47 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011-07-03 21:33:47 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sy_
[2011-07-03 20:33:07 | 173,838,160 | ---- | C] () -- C:\Users\J23\Desktop\New_PC_Studio_1.5.1.10064_2.exe
[2011-07-03 17:40:21 | 003,561,044 | ---- | C] () -- C:\Users\J23\Desktop\Enej - Radio Hello.mp3
[2011-07-02 20:35:01 | 000,000,965 | ---- | C] () -- C:\Users\J23\Desktop\UltraISO.lnk
[2011-07-02 15:02:29 | 000,000,014 | ---- | C] () -- C:\Windows\cfh232.cfg
[2011-07-02 14:49:22 | 000,000,016 | ---- | C] () -- C:\Windows\furry.ini
[2011-07-02 11:21:06 | 000,337,460 | ---- | C] () -- C:\Users\J23\Desktop\Multi Loader V5.56 instrukcja instalacji nowego softu.zip
[2011-06-29 16:02:10 | 001,806,892 | ---- | C] () -- C:\Users\J23\Desktop\FW-WAP4035v120.zip
[2011-06-29 16:01:49 | 000,938,447 | ---- | C] () -- C:\Users\J23\Desktop\WAP-4033-4035 02.2006.pdf
[2011-06-29 11:54:02 | 000,001,994 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011-06-28 14:04:45 | 000,249,340 | ---- | C] () -- C:\Users\J23\Documents\Default.aimppl
[2011-06-24 12:54:17 | 000,211,473 | R--- | C] () -- C:\Users\J23\Desktop\QUG-Planet.pdf
[2011-06-24 11:53:26 | 000,112,553 | ---- | C] () -- C:\Users\J23\Desktop\ulotka_planet.pdf
[2011-06-24 11:53:20 | 000,938,447 | ---- | C] () -- C:\Users\J23\Desktop\WAP-4033-4035_02.2006.pdf
[2011-06-17 11:16:19 | 006,054,799 | ---- | C] () -- C:\Users\J23\Desktop\aimp_3.00.881_beta_2.zip
[2011-06-17 03:23:45 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011-06-16 09:42:26 | 020,029,812 | ---- | C] () -- C:\Users\J23\Desktop\k550.rar
[2011-06-12 12:06:44 | 008,400,344 | ---- | C] () -- C:\Users\J23\Desktop\Benny Benassi-Satistaction.wav
[2011-06-12 12:06:41 | 006,832,984 | ---- | C] () -- C:\Users\J23\Desktop\1082725003182_morwa_to_dla_sluchaczy.wmv
[2011-06-11 20:12:55 | 000,000,977 | ---- | C] () -- C:\Users\J23\Desktop\ALLPlayer V4.6.lnk
[2011-06-06 21:27:31 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011-06-05 16:04:42 | 000,191,488 | ---- | C] () -- C:\Users\J23\Desktop\magia kart.pps
[2011-06-02 20:55:58 | 003,790,921 | ---- | C] () -- C:\Users\J23\Desktop\aycan - lambada dj matt g remix rip.mp3
[2011-05-17 16:37:24 | 002,276,805 | ---- | C] () -- C:\Users\J23\Desktop\blablaaaaaaaaa.zip
[2011-04-28 20:22:43 | 000,000,204 | ---- | C] () -- C:\Windows\System32\secustat.dat
[2011-04-28 20:21:30 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011-04-28 20:14:29 | 000,000,028 | ---- | C] () -- C:\ProgramData\GRGames.ini
[2011-04-20 20:16:30 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011-04-20 20:14:53 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011-04-18 19:53:58 | 000,037,840 | ---- | C] () -- C:\Windows\System32\drivers\ext2fs.sys
[2011-04-18 19:08:30 | 000,000,192 | ---- | C] () -- C:\Windows\AWS.ini
[2011-04-08 19:08:23 | 000,034,308 | ---- | C] () -- C:\ProgramData\mazuki.dll
[2011-03-21 18:34:32 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2011-03-07 16:36:57 | 000,000,000 | ---- | C] () -- C:\Users\J23\AppData\Roaming\chrtmp
[2011-01-26 16:56:49 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011-01-21 07:36:02 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011-01-12 21:34:09 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2010-12-25 21:49:19 | 000,022,528 | ---- | C] () -- C:\Users\J23\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-12-24 13:27:11 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010-12-18 19:42:09 | 000,725,064 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2010-12-18 19:42:08 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2010-12-18 19:42:07 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2010-04-06 19:33:10 | 000,025,864 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys
[2009-07-14 10:07:57 | 000,701,022 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2009-07-14 10:07:57 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2009-07-14 10:07:57 | 000,136,040 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2009-07-14 10:07:57 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2009-07-14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 06:33:53 | 003,761,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009-07-14 04:05:48 | 000,618,714 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009-07-14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009-07-14 04:05:48 | 000,107,034 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009-07-14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009-07-14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009-07-14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009-07-14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008-01-01 21:35:22 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008-01-01 21:35:22 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2005-01-31 09:37:58 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

[color=#E56717]========== LOP Check ==========[/color]

[2011-06-15 11:09:54 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\aerix
[2011-07-15 13:06:08 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\AIMP3
[2011-04-07 20:09:20 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\AutoHideIP
[2010-12-25 21:51:18 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\BESTplayer
[2011-04-28 20:45:22 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\BITS
[2011-03-07 16:37:38 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Blitware
[2011-01-10 17:47:42 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\DAEMON Tools Lite
[2011-03-02 18:36:43 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\EMCO
[2011-06-27 21:09:26 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\EurekaLog
[2011-04-28 20:21:06 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\FlashGet
[2011-04-28 20:20:49 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\FlashGetBHO
[2011-02-11 21:34:52 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Gadu-Gadu 10
[2011-04-28 20:19:35 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\GetRight
[2010-12-17 19:52:49 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\GHISLER
[2011-06-10 00:06:25 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\ipla
[2011-01-27 19:37:53 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\IrfanView
[2010-12-25 21:16:01 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\LolClient
[2011-03-30 19:28:52 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Miranda
[2010-12-24 00:56:44 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\OpenFM
[2011-06-10 22:39:37 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\RDRM
[2011-07-03 21:33:27 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Samsung
[2011-04-28 21:21:55 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Tific
[2010-12-24 13:13:31 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Tlen.pl
[2011-06-12 18:52:21 | 000,000,000 | ---D | M] -- C:\Users\J23\AppData\Roaming\Win7codecs
[2011-04-22 21:54:28 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >
[/log]

Extras
[log]OTL Extras logfile created on: 2011-07-15 15:33:21 - Run 3
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\J23\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

1,87 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 59,92% Memory free
3,75 Gb Paging File | 2,88 Gb Available in Paging File | 76,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 39,08 Gb Total Space | 9,21 Gb Free Space | 23,57% Space Free | Partition Type: NTFS
Drive D: | 109,97 Gb Total Space | 14,57 Gb Free Space | 13,25% Space Free | Partition Type: NTFS
Drive E: | 149,04 Gb Total Space | 6,31 Gb Free Space | 4,24% Space Free | Partition Type: NTFS

Computer Name: J23-KOMPUTER | User Name: J23 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{12FEC00C-027C-4A34-9AAB-562EDA43DC18}_is1" = MiniTool Partition Wizard Home Edition 5.2
"{1A36CF15-DF66-4756-9482-A9ABF3DDACE6}_is1" = Driver Robot
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}" = ATI Catalyst Install Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{83258E90-1F76-4E13-9F60-A0F8ED41E76F}" = PC Connectivity Solution
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{881C69F2-3861-4F18-BA0D-9B742C5E44FF}" = Voice Twister
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2010
"{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2010
"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2010
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum obsługi urządzeń z systemem Windows Mobile
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.1
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.2 - Polish
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"18 Wheels of Steel Haulin" = 18 Wheels of Steel Haulin
"504244733D18C8F63FF584AEB290E3904E791693" = Pakiet sterowników systemu Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ad-Remover" = Ad-Remover par C_XX
"AIMP3" = AIMP3
"ALLPlayer_is1" = ALLPlayer V4.X
"AQQ" = WapSter AQQ
"Ashampoo WinOptimizer 8_is1" = Ashampoo WinOptimizer 8 v.8.04
"Audacity_is1" = Audacity 1.2.6
"AutoHideIP" = Auto Hide IP
"avast" = avast! Internet Security
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"Gadu-Gadu 10" = Gadu-Gadu 10
"GOM Player" = GOM Player
"Hard Truck 18 Wheels of Steel" = Hard Truck 18 Wheels of Steel
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"ipla" = ipla 2.2.1
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 5.0 (x86 pl)" = Mozilla Firefox 5.0 (x86 pl)
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"nLite_is1" = nLite 1.4.9.1
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Profilin Stylin" = Profilin Stylin
"Super Kulki_is1" = Super Kulki
"Tlen.pl" = Tlen.pl
"Total Video Converter 3.11_is1" = Total Video Converter 3.11 070908
"Totalcmd" = Total Commander (Remove or Repair)
"UltraISO_is1" = UltraISO Premium V9.36
"WinRAR archiver" = Archiwizator WinRAR
"WMV To VCD DVD MPEG Converter Pro_is1" = WMV To VCD DVD MPEG Converter Pro 2.5
"Zuma Deluxe RA" = Zuma Deluxe RA

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
[/log]

Ad-Remover
[log]======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 15:24:11 on 15/07/2011, Normal boot

Microsoft Windows 7 Ultimate Service Pack 1 (X86)
J23@J23-KOMPUTER (Gigabyte Technology Co., Ltd. GA-MA69VM-S2)

============== ACTION(S) ==============


Folder deleted: C:\Users\J23\AppData\Roaming\Mozilla\FireFox\Profiles\hcn2mha1.default\conduit
Folder deleted: C:\Users\J23\AppData\Roaming\Mozilla\FireFox\Profiles\hcn2mha1.default\ConduitEngine
Folder deleted: C:\Users\J23\AppData\Roaming\Mozilla\FireFox\Profiles\hcn2mha1.default\extensions\engine@conduit.com
File deleted: C:\Users\J23\AppData\Roaming\Mozilla\FireFox\Profiles\hcn2mha1.default\searchplugins\conduit.xml
Folder deleted: C:\Users\J23\AppData\Roaming\AdVantage

(!) -- Temporary files deleted.


-- File opened: C:\Users\J23\AppData\Roaming\Mozilla\FireFox\Profiles\hcn2mha1.default\Prefs.js --
Line deleted: user_pref("CT2771935.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT277...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1164041/1159728/PL", "\"0\"...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/PL", "\"0\"")...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2771935", ...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3....
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2771935",...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2771935/CT2771935...
Line deleted: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634...
Line deleted: user_pref("CommunityToolbar.EngineHiddenByUser", false);
Line deleted: user_pref("CommunityToolbar.EngineOwner", "CT2771935");
Line deleted: user_pref("CommunityToolbar.EngineOwnerGuid", "{481f306a-420c-4673-be90-543b7d62a78e}");
Line deleted: user_pref("CommunityToolbar.EngineOwnerToolbarId", "logitool");
Line deleted: user_pref("CommunityToolbar.IsEngineShown", false);
Line deleted: user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line deleted: user_pref("CommunityToolbar.OriginalEngineOwner", "CT2771935");
Line deleted: user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{481f306a-420c-4673-be90-543b7d62a78e}");
Line deleted: user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "logitool");
Line deleted: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr...
Line deleted: user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2771935");
Line deleted: user_pref("CommunityToolbar.ToolbarsList2", "CT2771935");
Line deleted: user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Jun 07 2011 20:43:20 GMT+02...
Line deleted: user_pref("CommunityToolbar.alert.alertEnabled", true);
Line deleted: user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line deleted: user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Jun 22 2011 07:59:30 GMT+0200");
Line deleted: user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line deleted: user_pref("CommunityToolbar.alert.locale", "en");
Line deleted: user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line deleted: user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Jun 22 2011 10:34:48 GMT+0200");
Line deleted: user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Line deleted: user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line deleted: user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line deleted: user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line deleted: user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line deleted: user_pref("CommunityToolbar.alert.userId", "d28d9dc0-eb92-4703-a387-e8020011ac10");
Line deleted: user_pref("CommunityToolbar.globalUserId", "db4748ec-3eb8-443d-aaba-e1ad205c0f07");
Line deleted: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line deleted: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line deleted: user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2771935");
Line deleted: user_pref("ConduitEngine.AppTrackingLastCheckTime", "Wed Jun 08 2011 19:59:58 GMT+0200");
Line deleted: user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Apr 27 2011 19:13:49 GMT+0200");
Line deleted: user_pref("ConduitEngine.FirstServerDate", "03/27/2011 21");
Line deleted: user_pref("ConduitEngine.FirstTime", true);
Line deleted: user_pref("ConduitEngine.FirstTimeFF3", true);
Line deleted: user_pref("ConduitEngine.HasUserGlobalKeys", true);
Line deleted: user_pref("ConduitEngine.HideEngineAfterRestart", true);
Line deleted: user_pref("ConduitEngine.Initialize", true);
Line deleted: user_pref("ConduitEngine.InitializeCommonPrefs", true);
Line deleted: user_pref("ConduitEngine.InstalledDate", "Sun Mar 27 2011 20:02:48 GMT+0200");
Line deleted: user_pref("ConduitEngine.IsMulticommunity", false);
Line deleted: user_pref("ConduitEngine.IsOpenThankYouPage", false);
Line deleted: user_pref("ConduitEngine.IsOpenUninstallPage", true);
Line deleted: user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Apr 30 2011 00:30:34 GMT+0200");
Line deleted: user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Apr 30 2011 16:27:55 GMT+0200");
Line deleted: user_pref("ConduitEngine.PublisherContainerWidth", 0);
Line deleted: user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Line deleted: user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Apr 30 2011 16:27:55 GMT+0200");
Line deleted: user_pref("ConduitEngine.UserID", "UN39785187543906618");
Line deleted: user_pref("ConduitEngine.engineLocale", "pl");
Line deleted: user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Apr 30 2011 00:30:33 GMT+0200");
Line deleted: user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Apr 30 2011 15:05:17 GMT+0200");
Line deleted: user_pref("ConduitEngine.initDone", true);
Line deleted: user_pref("ConduitEngine.isAppTrackingManagerOn", true);
-- File closed --


Key deleted: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key deleted: HKLM\Software\PopCap


============== ADDITIONNAL SCAN ==============

**** Mozilla Firefox Version [5.0 (pl)] ****

HKLM_MozillaPlugins\@pandonetworks.com/PandoWebPlugin (x)
HKCU_MozillaPlugins\pandonetworks.com/PandoWebPlugin (x)
Searchplugins\allegro-pl.xml (hxxp://www.allegro.pl/search.php?string={searchTerms}&amp;sourceid=Mozilla-search)
Searchplugins\fbc-pl.xml (hxxp://fbc.pionier.net.pl/owoc/results)
Searchplugins\merlin-pl.xml (hxxp://www.merlin.com.pl/frontend/search?sourceid=Mozilla-search&amp;fraza={searchTerms}&amp;skad=crhhxmkohb)
Searchplugins\pwn-pl.xml (hxxp://encyklopedia.pwn.pl/szukaj.php?co={searchTerms})
Searchplugins\wikipedia-pl.xml (hxxp://pl.wikipedia.org/wiki/Specjalna:Szukaj)
Searchplugins\wp-pl.xml (hxxp://szukaj.wp.pl/szukaj.html?z=T&amp;r=T&amp;szukaj={searchTerms})
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} (Skype extension )
HKCU_Extensions|{EB132DB0-A4CA-11DF-9732-0E29E0D72085} - C:\Program Files\profilinstylin\profilinstylin

-- C:\Users\J23\AppData\Roaming\Mozilla\FireFox\Profiles\hcn2mha1.default --
Extensions\support@auto-hide-ip.com (Auto Hide IP)
Extensions\{9D6218B8-03C7-4b91-AA43-680B305DD35C} (ProCon Latte)
Prefs.js - browser.download.lastDir, C:\\Users\\J23\\Desktop
Prefs.js - browser.search.defaulturl,
Prefs.js - browser.startup.homepage, google.pl
Prefs.js - browser.startup.homepage_override.buildID, 20110615151330
Prefs.js - browser.startup.homepage_override.mstone, rv:5.0

========================================

**** Google Chrome Version [12.0.742.122] ****

Extension\gfofmjijdndbbfdfchibahfdlhncfhne (C:\Program Files\profilinstylin\extension_2_5_1.crx) (?)
Extension\icmlaeflemplmjndnaapfdbbnpncnbda (C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx) (?)
Extension - jfmjfhklogoienhpfnppmbcbjfjnkonk (x)

-- C:\Users\J23\AppData\Local\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Enabled: true) (?)
Preferences - homepage: hxxp://www.google.com/
Preferences - homepage_is_newtabpage: true
Plugin - Chrome NaCl (Enabled: false) (C:\Users\J23\AppData\Local\Google\Chrome\Application\12.0.742.122\ppGoogleNaClPluginChrome.dll)
Plugin - Pando Web Plugin (Enabled: true) (C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll)
Plugin - "Java" (Enabled: true)
Plugin - "Chrome NaCl" (Enabled: false)
Plugin - "Pando Web Plugin" (Enabled: true)

========================================

**** Internet Explorer Version [8.0.7601.17514] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)
HKLM_ElevationPolicy\{08FF730A-494F-4cba-AA0B-E4F1D44715F9} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\symerr.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_Extensions\{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - "@C:\Windows\WindowsMobile\INetRepl.dll,-222" (C:\Windows\WindowsMobile\INetRepl.dll,210)
HKLM_Extensions\{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - "?" (?)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll)
BHO\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - "Skype Browser Helper" (C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll)
BHO\{cbfb5c65-652c-3e10-9d9a-e586816d9342} - "BHO_HelloWorld.BHO" (mscoree.dll) (x)
BHO\{DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - "IplexToALLPlayer" (C:\PROGRA~1\ALLPLA~1\Iplex\IPLEXT~1.DLL)

========================================

C:\Program Files\Ad-Remover\Quarantine: 98 File(s)
C:\Program Files\Ad-Remover\Backup: 15 File(s)

C:\Ad-Report-CLEAN[1].txt - 15/07/2011 15:24:24 (12340 Byte(s))

End at: 15:25:34, 15/07/2011

============== E.O.F ==============
[/log]

About the OTL cleanup: I closed Notepad without thinking, so would the cleanup be done once more with that script?

I found them on the disk after all ;-)
[log]========== OTL ==========
Service BlueSoleilCS stopped successfully!
Service BlueSoleilCS deleted successfully!
Service cpudriver stopped successfully!
Service cpudriver deleted successfully!
C:\Program Files\Temporary\cpu.sys moved successfully.
Prefs.js: "LogiTool Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2771935&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: engine@conduit.com:3.3.3.2 removed from extensions.enabledItems
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2771935&q removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}\searchplugin folder moved successfully.
C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}\modules folder moved successfully.
C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}\META-INF folder moved successfully.
C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}\defaults folder moved successfully.
C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}\components folder moved successfully.
C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e}\chrome folder moved successfully.
C:\Users\J23\AppData\Roaming\mozilla\Firefox\Profiles\hcn2mha1.default\extensions\{481f306a-420c-4673-be90-543b7d62a78e} folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\AdVantage\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\BtTray\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\TkBellExe\ deleted successfully.
========== FILES ==========
C:\Windows\tasks\Driver Robot.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-866066421-2766305544-3693691503-1000UA.job moved successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 41620 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: J23
->Flash cache emptied: 8588 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Error: Unable to interpret <[emtytemp]> in the current context!

OTL by OldTimer - Version 3.2.26.1 log created on 07152011_151930[/log]

wirusolog
comment (edited)

[quote]
Extension\gfofmjijdndbbfdfchibahfdlhncfhne (C:\Program Files\profilinstylin\extension_2_5_1.crx) (?)
Extension\icmlaeflemplmjndnaapfdbbnpncnbda (C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx) (?)
Extension - jfmjfhklogoienhpfnppmbcbjfjnkonk (x)
[/quote]
In the Google Chrome address bar type [b]chrome://extensions[/b] and press ENTER. In the extension manager, uninstall profilinstylin.

[hr]

[b]1.[/b] Run OTL and click [b]Sprzątanie[/b] (CleanUp).

[b]2.[/b] Run Ad-Remover and click [b]UNINSTALL[/b].

[b]3.[/b] Software/security updates:
[quote]
Internet Explorer (Version = [b]8.0.7601.17514[/b])
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = [b]Java™ 6 Update 24[/b]
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = [b]Adobe Reader 9.4.2 - Polish[/b]
"Adobe Flash Player Plugin" = [b]Adobe Flash Player 10 Plugin[/b]
[/quote]
[list]
[*]Uninstall the older Adobe Reader and install the latest [url="http://get.adobe.com/reader/"][color="#0000FF"][b]Adobe Reader X (10.1)[/b][/color][/url] (do not tick the installation of the sponsored McAfee offer).
[*]Update to [url="http://windows.microsoft.com/pl-PL/internet-explorer/products/ie/home"][color="#0000FF"][b]Internet Explorer 9[/b][/color][/url]. Using an alternative browser does not remove the requirement to update IE. Its engine is used by various system functions.
[*]The Adobe plugin needs updating: [url="http://get.adobe.com/flashplayer/"][color="#0000FF"][b]Adobe Flash Player 10.3.181.34[/b][/color][/url]. For it to be installed in both browsers (Firefox + IE), the download page has to be opened in each browser in turn. This does not apply to Google Chrome (it has its own built-in plugins).
[*]Java needs updating: uninstall the old one and install [url="http://www.oracle.com/technetwork/java/javase/downloads/index.html"][color="#0000FF"][b]Java 6 Update 26 (JRE)[/b][/color][/url].[/list]

[b]4.[/b] The system restore points need to be cleared: [url=http://www.searchengines.pl/Czyszczenie-punktow-przywracania-systemu-t141981.html][b][color="#0000FF"][u]LINK[/u][/color][/b][/url]

[b]5.[/b] I recommend a [b]full scan[/b] with [url=http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button][b][color="#0000FF"][u]MBAM[/u][/color][/b][/url] (after installation update the virus database manually, remove whatever it finds and paste the final report).

[b]6.[/b] Also scan the whole system with [url=http://www.hotfix.pl/instrukcja-uzytkowania-dr-web-cureit--a193.htm][b][color=blue][u]Dr.Web CureIt![/u][/color][/b][/url]

  • Good post 1
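The check behind step 3 of the reply above, as an added example that is not part of the original posts: it parses OTL header and Uninstall List lines and compares them with the versions that reply recommends. The function names and the `unverified` status are assumptions of this sketch; the sample lines are copied from the log in this thread, and the baselines are the reply's July 2011 advice, not current guidance.

```python
import re

# Minimum versions named in the reply above (July 2011 advice, not current guidance).
BASELINES = {
    "Internet Explorer": (9,),
    "Adobe Reader": (10, 1),
    "Adobe Flash Player": (10, 3, 181, 34),
    "Java": (6, 26),
}

# Lines copied from the OTL log in this thread, plus one untracked entry.
SAMPLE_LOG = r'''
Internet Explorer (Version = 8.0.7601.17514)
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.2 - Polish
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CCleaner" = CCleaner
'''

HEADER_RE = re.compile(r'^(?P<name>[^(]+?)\s*\(Version\s*=\s*(?P<ver>\d+(?:\.\d+)*)\)$')
UNINSTALL_RE = re.compile(r'^"[^"]+"\s*=\s*(?P<name>.+)$')
JAVA_RE = re.compile(r'^Java(?:\(TM\)|™)?\s+(\d+)\s+Update\s+(\d+)')
VERSION_RE = re.compile(r'\d+(?:\.\d+)*')


def to_tuple(text):
    """Turn '9.4.2' into (9, 4, 2) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))


def parse_entry(line):
    """Return (product, version_tuple) for a tracked product, else None."""
    line = line.strip()
    header = HEADER_RE.match(line)
    if header:
        name = header.group("name")
        return (name, to_tuple(header.group("ver"))) if name in BASELINES else None
    entry = UNINSTALL_RE.match(line)
    if not entry:
        return None
    display = entry.group("name")
    # "Java(TM) 6 Update 24" encodes its version as family + update number;
    # "Java Auto Updater" has neither and is deliberately not matched.
    java = JAVA_RE.match(display)
    if java:
        return "Java", (int(java.group(1)), int(java.group(2)))
    for product in BASELINES:
        if product != "Java" and display.startswith(product):
            found = VERSION_RE.search(display[len(product):])
            return product, (to_tuple(found.group()) if found else ())
    return None


def classify(version, baseline):
    """Compare a parsed version with the baseline for its product."""
    # A display name such as "Adobe Flash Player 10 Plugin" carries only the
    # major version. When that is a strict prefix of the baseline, the log
    # line alone cannot show whether the install is current.
    is_prefix = len(version) < len(baseline) and baseline[:len(version)] == version
    if not version or is_prefix:
        return "unverified"
    return "outdated" if version < baseline else "ok"


def audit(log_text):
    """Return [(product, version_tuple, status)] for tracked products in the log."""
    results = []
    for line in log_text.splitlines():
        parsed = parse_entry(line)
        if parsed:
            product, version = parsed
            results.append((product, version, classify(version, BASELINES[product])))
    return results


if __name__ == "__main__":
    for product, version, status in audit(SAMPLE_LOG):
        shown = ".".join(map(str, version)) or "?"
        print(f"{status:<10} {product} {shown}")
```

An `unverified` result means the Uninstall List name is too coarse to decide, so the installed file version has to be checked directly.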
wacek223
comment (edited)

Actually that s**t no longer pops up for me, but I will carry out the steps above ;)

MBAM report

[log]Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Wersja bazy: 7189

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

2011-07-18 09:48:47
mbam-log-2011-07-18 (09-48-47).txt

Typ skanowania: Szybkie skanowanie
Przeskanowano obiektów: 150077
Upłynęło: 4 minut(y), 50 sekund(y)

Zainfekowanych procesów w pamięci: 0
Zainfekowanych modułów w pamięci: 0
Zainfekowanych kluczy rejestru: 0
Zainfekowanych wartości rejestru: 0
Zainfekowane informacje rejestru systemowego: 0
Zainfekowanych folderów: 1
Zainfekowanych plików: 0

Zainfekowanych procesów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych modułów w pamięci:
(Nie znaleziono zagrożeń)

Zainfekowanych kluczy rejestru:
(Nie znaleziono zagrożeń)

Zainfekowanych wartości rejestru:
(Nie znaleziono zagrożeń)

Zainfekowane informacje rejestru systemowego:
(Nie znaleziono zagrożeń)

Zainfekowanych folderów:
c:\program files\temporary (Trojan.Agent) -> Quarantined and deleted successfully.

Zainfekowanych plików:
(Nie znaleziono zagrożeń)
[/log]
