Marooooo utworzono 1 lutego 2012 utworzono 1 lutego 2012 (edytowane) Witam. Prosiłbym Was o sprawdzenie mojego PC, czy nie kryją się w nim jakieś wirusy itp. Oto logi, które utworzyłem. [b]OTL:[/b] [b]Extras:[/b] [log]OTL Extras logfile created on: 2012-02-01 14:27:00 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\XXX\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,98 Gb Total Physical Memory | 6,46 Gb Available Physical Memory | 80,88% Memory free 15,96 Gb Paging File | 14,36 Gb Available in Paging File | 89,97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 100,43 Gb Total Space | 62,56 Gb Free Space | 62,29% Space Free | Partition Type: NTFS Drive D: | 365,23 Gb Total Space | 146,20 Gb Free Space | 40,03% Space Free | Partition Type: NTFS Drive G: | 497,25 Mb Total Space | 44,50 Mb Free Space | 8,95% Space Free | Partition Type: FAT32 Computer Name: XXX-PC | User Name: XXX | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3432695862-1466099892-265281002-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\PROGRAMY\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum obsługi urządzeń z systemem Windows Mobile "{8A837C47-2B21-4FDF-8370-41A1EB6A26E8}" = Microsoft Xbox 360 Accessories 1.1 "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{A49402DD-2781-3782-B0CF-52BDA349E3F3}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 290.53 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 290.53 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 290.53 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 290.36 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.11.1107 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.6.24 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.3.9.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "ASRock App Charger_is1" = ASRock App Charger v1.0.4 "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{648F9C94-EC44-487B-9DA4-44ED72A082CC}" = Logitech Gaming Software "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.0 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.26 Game "{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller "{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Afterburner" = MSI Afterburner 2.2.0 Beta 9 "ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.54 "ASRock InstantBoot_is1" = ASRock InstantBoot v1.26 "avast" = avast! Free Antivirus "Battlelog Web Plugins" = Battlelog Web Plugins "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "ESN Sonar-0.70.4" = ESN Sonar "F1Liga Updater 1.40_is1" = F1Liga Updater 1.40.36 "F1RFT 2011 FINAL" = F1RFT 2011 FINAL "F1RFT 2011 UPDATE" = F1RFT 2011 UPDATE "Fraps" = Fraps (remove only) "Freemake Video Converter_is1" = Freemake Video Converter wersja 3.0.1 "InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller "KLiteCodecPack_is1" = K-Lite Codec Pack 8.1.0 (Full) "Łatka polonizacyjna GTA IV v1.0" = Łatka polonizacyjna GTA IV v1.0 "MagniDriver" = marvell 91xx driver "Mozilla Firefox 10.0 (x86 pl)" = Mozilla Firefox 10.0 (x86 pl) "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "Origin" = Origin "PunkBusterSvc" = PunkBuster Services "rFactor" = rFactor (remove only) "RocketDock_is1" = RocketDock 1.3.5 "SpeedFan" = SpeedFan (remove only) "Steam App 102600" = Orcs Must Die! "Steam App 12100" = Grand Theft Auto III "Steam App 12110" = Grand Theft Auto: Vice City "Steam App 12140" = Max Payne "Steam App 12150" = Max Payne 2: The Fall of Max Payne "Steam App 12170" = Grand Theft Auto "Steam App 12180" = Grand Theft Auto 2 "Steam App 12210" = Grand Theft Auto IV "Steam App 12220" = Grand Theft Auto: Episodes from Liberty City "Steam App 12840" = DiRT 2 "Steam App 15700" = Oddworld: Abe's Oddysee "Steam App 15710" = Oddworld: Abe's Exoddus "Steam App 18700" = And Yet It Moves "Steam App 240" = Counter-Strike: Source "Steam App 26500" = Cogs "Steam App 26900" = Crayon Physics Deluxe "Steam App 400" = Portal "Steam App 40800" = Super Meat Boy "Steam App 41100" = Hammerfight "Steam App 440" = Team Fortress 2 "Steam App 550" = Left 4 Dead 2 "Steam App 6120" = Shank "Steam App 620" = Portal 2 "Steam App 63710" = BIT.TRIP RUNNER "Steam App 6800" = Commandos: Behind Enemy Lines "Steam App 6810" = Commandos: Beyond the Call of Duty "Steam App 6830" = Commandos 2: Men of Courage "Steam App 6840" = Commandos 3: Destination Berlin "Steam App 70300" = VVVVVV "Steam App 94200" = Jamestown "Steam App 99700" = NightSky "TeamSpeak 3 Client" = TeamSpeak 3 Client "vShare.tv plugin" = vShare.tv plugin 1.3 "Warcraft II BNE" = Warcraft II BNE "Warcraft III" = Warcraft III "XFastUsb" = XFastUsb [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-01-31 11:38:10 | Computer Name = XXX-PC | Source = ESENT | ID = 455 Description = Windows (2232) Windows: Wystąpił błąd -1811 podczas otwierania pliku dziennika C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00017.log. Error - 2012-01-31 11:38:10 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 9000 Description = Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 7040 Description = Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 7042 Description = Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 9002 Description = Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 3029 Description = Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 3029 Description = Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 3028 Description = Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 3058 Description = Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 7010 Description = [ System Events ] Error - 2012-01-31 10:52:31 | Computer Name = XXX-PC | Source = nvlddmkm | ID = 11141134 Description = Error - 2012-01-31 10:52:31 | Computer Name = XXX-PC | Source = nvlddmkm | ID = 11141134 Description = Error - 2012-01-31 10:52:31 | Computer Name = XXX-PC | Source = nvlddmkm | ID = 11141134 Description = Error - 2012-01-31 10:52:31 | Computer Name = XXX-PC | Source = nvlddmkm | ID = 11141134 Description = Error - 2012-01-31 10:52:31 | Computer Name = XXX-PC | Source = nvlddmkm | ID = 11141134 Description = Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Service Control Manager | ID = 7024 Description = Usługa Windows Search zakończyła działanie; wystąpił specyficzny dla niej błąd %%-1073473535. Error - 2012-01-31 11:38:11 | Computer Name = XXX-PC | Source = Service Control Manager | ID = 7031 Description = Usługa Windows Search niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 30000 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2012-01-31 11:38:38 | Computer Name = XXX-PC | Source = DCOM | ID = 10005 Description = Error - 2012-01-31 11:38:38 | Computer Name = XXX-PC | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Windows Search. Error - 2012-01-31 11:38:38 | Computer Name = XXX-PC | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Windows Search z powodu następującego błędu: %%1053 < End of report > [/log] [b]OTL:[/b] [log]OTL logfile created on: 2012-02-01 14:27:00 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\XXX\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 7,98 Gb Total Physical Memory | 6,46 Gb Available Physical Memory | 80,88% Memory free 15,96 Gb Paging File | 14,36 Gb Available in Paging File | 89,97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 100,43 Gb Total Space | 62,56 Gb Free Space | 62,29% Space Free | Partition Type: NTFS Drive D: | 365,23 Gb Total Space | 146,20 Gb Free Space | 40,03% Space Free | Partition Type: NTFS Drive G: | 497,25 Mb Total Space | 44,50 Mb Free Space | 8,95% Space Free | Partition Type: FAT32 Computer Name: XXX-PC | User Name: XXX | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-02-01 14:24:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\XXX\Desktop\OTL.exe PRC - [2012-01-31 20:44:58 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\PROGRAMY\Mozilla Firefox\firefox.exe PRC - [2012-01-03 22:51:18 | 000,037,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe PRC - [2012-01-03 18:15:57 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011-12-17 22:05:00 | 002,348,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2011-12-17 12:43:30 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011-11-28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\AvastUI.exe PRC - [2011-11-28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\AvastSvc.exe PRC - [2010-11-05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010-11-05 23:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe PRC - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\PROGRAMY\RocketDock\RocketDock.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-02-01 14:24:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\XXX\Desktop\OTL.exe MOD - [2012-01-31 20:44:58 | 001,911,768 | ---- | M] () -- C:\PROGRAMY\Mozilla Firefox\mozjs.dll MOD - [2012-01-31 20:44:58 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\PROGRAMY\Mozilla Firefox\firefox.exe MOD - [2012-01-31 20:44:58 | 000,818,136 | ---- | M] (sqlite.org) -- C:\PROGRAMY\Mozilla Firefox\mozsqlite3.dll MOD - [2012-01-31 20:44:58 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\nss3.dll MOD - [2012-01-31 20:44:58 | 000,371,672 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\nssckbi.dll MOD - [2012-01-31 20:44:58 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\freebl3.dll MOD - [2012-01-31 20:44:58 | 000,187,352 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\nspr4.dll MOD - [2012-01-31 20:44:58 | 000,170,968 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\softokn3.dll MOD - [2012-01-31 20:44:58 | 000,154,584 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\ssl3.dll MOD - [2012-01-31 20:44:58 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\components\browsercomps.dll MOD - [2012-01-31 20:44:58 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\nssdbm3.dll MOD - [2012-01-31 20:44:58 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\smime3.dll MOD - [2012-01-31 20:44:58 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\nssutil3.dll MOD - [2012-01-31 20:44:58 | 000,045,016 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\mozutils.dll MOD - [2012-01-31 20:44:58 | 000,022,488 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\plc4.dll MOD - [2012-01-31 20:44:58 | 000,020,952 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\plds4.dll MOD - [2012-01-31 20:44:58 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\mozalloc.dll MOD - [2012-01-31 20:44:57 | 016,112,600 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\xul.dll MOD - [2012-01-31 20:44:57 | 000,019,928 | ---- | M] (Mozilla Foundation) -- C:\PROGRAMY\Mozilla Firefox\xpcom.dll MOD - [2012-01-27 19:58:48 | 000,044,744 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\defs\12020100\uiext.dll MOD - [2012-01-11 20:06:34 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b559a471eef00081f0b5c2719d1d9623\System.Runtime.Remoting.ni.dll MOD - [2012-01-03 22:51:18 | 000,037,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe MOD - [2011-12-17 22:38:03 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll MOD - [2011-12-17 22:37:58 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2011-12-17 22:37:58 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MOD - [2011-12-17 22:05:00 | 007,677,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvwgf2um.dll MOD - [2011-12-17 22:05:00 | 002,095,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll MOD - [2011-12-17 12:43:32 | 000,154,944 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll MOD - [2011-12-17 12:43:26 | 000,674,112 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll MOD - [2011-12-17 12:43:16 | 000,349,504 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2011-12-17 11:24:32 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4ffea70edf9aa81cba6a5be8070d3dd9\IAStorUtil.ni.dll MOD - [2011-12-17 11:24:30 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll MOD - [2011-12-17 11:24:25 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll MOD - [2011-12-17 11:24:21 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll MOD - [2011-12-17 11:24:18 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll MOD - [2011-12-17 11:24:16 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll MOD - [2011-12-17 11:24:12 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll MOD - [2011-12-16 21:16:28 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2011-12-16 21:16:28 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2011-12-14 17:40:54 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2011-12-14 17:40:54 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2011-12-14 17:40:54 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2011-12-14 00:28:31 | 000,108,616 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswJsFlt.dll MOD - [2011-11-28 19:01:33 | 000,199,280 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\1045\uiLangRes.dll MOD - [2011-11-28 19:01:33 | 000,091,624 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\1045\Base.dll MOD - [2011-11-28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\AvastUI.exe MOD - [2011-11-28 19:01:22 | 001,821,000 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\CommonRes.dll MOD - [2011-11-28 19:01:22 | 000,199,792 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\snxhk.dll MOD - [2011-11-28 19:01:20 | 000,398,576 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswSqLt.dll MOD - [2011-11-28 19:01:20 | 000,220,880 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswProperty.dll MOD - [2011-11-28 19:01:20 | 000,205,448 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswLog.dll MOD - [2011-11-28 19:01:20 | 000,025,728 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswUtil.dll MOD - [2011-11-28 19:01:19 | 000,048,888 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswEngLdr.dll MOD - [2011-11-28 19:01:18 | 000,682,344 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswAux.dll MOD - [2011-11-28 19:01:18 | 000,317,200 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswCmnBS.dll MOD - [2011-11-28 19:01:18 | 000,167,832 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswData.dll MOD - [2011-11-28 19:01:18 | 000,163,736 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswCmnIS.dll MOD - [2011-11-28 19:01:18 | 000,097,840 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\aswCmnOS.dll MOD - [2011-11-28 19:01:17 | 000,204,448 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\ashBase.dll MOD - [2011-11-28 19:01:17 | 000,150,352 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\ashTask.dll MOD - [2011-11-28 19:01:17 | 000,061,760 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\ashTaskEx.dll MOD - [2011-11-28 19:01:14 | 000,319,784 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\Aavm4h.dll MOD - [2011-11-28 19:01:13 | 000,072,584 | ---- | M] (AVAST Software) -- C:\PROGRAMY\Avast\AavmRpch.dll MOD - [2011-11-17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011-11-17 06:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2011-11-17 06:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2011-07-16 05:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2011-07-16 05:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2011-07-08 23:33:43 | 005,924,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll MOD - [2011-05-24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011-05-24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2011-05-17 09:27:52 | 000,413,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll MOD - [2011-03-29 23:33:48 | 000,363,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2011-02-19 07:30:51 | 001,076,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll MOD - [2011-02-19 07:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll MOD - [2011-01-17 06:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll MOD - [2010-11-20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010-11-20 13:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2010-11-20 13:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010-11-20 13:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010-11-20 13:21:36 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2010-11-20 13:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll MOD - [2010-11-20 13:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010-11-20 13:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010-11-20 13:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2010-11-20 13:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2010-11-20 13:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010-11-20 13:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2010-11-20 13:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010-11-20 13:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010-11-20 13:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010-11-20 13:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2010-11-20 13:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll MOD - [2010-11-20 13:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll MOD - [2010-11-20 13:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010-11-20 13:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-11-20 13:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010-11-20 13:20:46 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2010-11-20 13:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2010-11-20 13:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2010-11-20 13:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2010-11-20 13:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2010-11-20 13:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2010-11-20 13:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2010-11-20 13:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010-11-20 13:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2010-11-20 13:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll MOD - [2010-11-20 13:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll MOD - [2010-11-20 13:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2010-11-20 13:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll MOD - [2010-11-20 13:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2010-11-20 13:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2010-11-20 13:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-20 13:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010-11-20 13:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll MOD - [2010-11-20 13:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010-11-20 13:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010-11-20 13:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010-11-20 13:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv MOD - [2010-11-20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010-11-20 13:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010-11-20 13:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010-11-20 13:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010-11-20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-11-20 12:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll MOD - [2010-11-13 03:03:49 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2010-11-05 23:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe MOD - [2010-11-05 23:52:34 | 000,032,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\pl-PL\IAStorIcon.resources.dll MOD - [2010-11-05 23:52:30 | 000,004,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\pl-PL\IntelVisualDesign.resources.dll MOD - [2010-11-05 23:50:00 | 001,109,504 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll MOD - [2010-11-05 02:58:19 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll MOD - [2010-11-05 02:57:40 | 000,572,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll MOD - [2009-08-18 11:29:22 | 000,134,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL MOD - [2009-07-14 18:55:02 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_pl_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009-07-14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll MOD - [2009-07-14 02:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 02:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009-07-14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netprofm.dll MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll MOD - [2009-07-14 02:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll MOD - [2009-07-14 02:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll MOD - [2009-07-14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 02:14:10 | 000,064,000 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWOW64\l3codeca.acm MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll MOD - [2007-09-02 13:58:52 | 000,495,616 | ---- | M] () -- C:\PROGRAMY\RocketDock\RocketDock.exe MOD - [2007-09-02 13:57:36 | 000,069,632 | ---- | M] () -- C:\PROGRAMY\RocketDock\RocketDock.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-01-05 18:59:32 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-01-03 18:15:57 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011-12-17 22:05:00 | 002,348,864 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2011-12-17 12:43:30 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011-12-14 00:12:37 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-11-28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\PROGRAMY\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-11-05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel® SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007-05-31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-12-13 23:52:29 | 000,015,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETURPX.SYS -- (FNETURPX) DRV:[b]64bit:[/b] - [2011-11-28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2011-11-28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2011-11-28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2011-11-28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2011-11-28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2011-11-28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b]64bit:[/b] - [2011-11-09 15:21:39 | 000,187,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-02-08 06:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI) DRV:[b]64bit:[/b] - [2011-02-08 06:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-11-05 23:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2010-10-19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel® DRV:[b]64bit:[/b] - [2010-10-01 04:35:06 | 000,302,120 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx) DRV:[b]64bit:[/b] - [2010-06-23 10:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010-06-11 14:37:14 | 000,015,368 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger) DRV:[b]64bit:[/b] - [2009-08-13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2011-03-18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3432695862-1466099892-265281002-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3432695862-1466099892-265281002-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.google.pl" FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\PROGRAMY\Mozilla Firefox\components [2012-01-31 20:45:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\PROGRAMY\Mozilla Firefox\plugins [2012-01-27 20:48:34 | 000,000,000 | ---D | M] [2011-12-14 00:05:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXX\AppData\Roaming\mozilla\Extensions O1 HOSTS File: ([2012-01-31 16:39:58 | 000,441,100 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 15160 more lines... O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [avast] C:\PROGRAMY\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1000..\Run: [ASRockXTU] File not found O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1000..\Run: [RocketDock] C:\PROGRAMY\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1000..\Run: [zASRockInstantBoot] File not found O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1002..\Run: [ASRockXTU] File not found O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1002..\Run: [RocketDock] C:\PROGRAMY\RocketDock\RocketDock.exe () O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1002..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1002..\Run: [StartWMDriverWiz] C:\Windows\system32\rundll32.exe C:\PROGRA~2\COMMON~1\Logitech\WmDrivers\wmwizard.dll,WMWizardMain File not found O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1002..\Run: [zASRockInstantBoot] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-3432695862-1466099892-265281002-1002..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-3432695862-1466099892-265281002-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3432695862-1466099892-265281002-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 149.208.161.219 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD3F03EF-2EEE-467A-A441-A4309A662FF6}: DhcpNameServer = 149.208.161.219 O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{5b414381-25d9-11e1-90a6-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{5b414381-25d9-11e1-90a6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\ASRSetup.exe O33 - MountPoints2\{d26a8bb3-2753-11e1-8eb5-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{d26a8bb3-2753-11e1-8eb5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe autorun O33 - MountPoints2\{d26a8bb3-2753-11e1-8eb5-806e6f6e6963}\Shell\setup\command - "" = E:\Setup.exe autorun O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpReg: [b]Adobe ARM[/b] - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]XFastUsb[/b] - hkey= - key= - C:\Program Files (x86)\XFastUsb\XFastUsb.exe (FNet Co., Ltd.) MsConfig:64bit - State: "startup" - Reg Error: Key error. SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-02-01 14:24:20 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\XXX\Desktop\OTL.exe [2012-01-31 15:54:22 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F1RFT 2011 FINAL 1.00 [2012-01-29 21:29:27 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\ElevatedDiagnostics [2012-01-27 20:48:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-01-15 17:19:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2012-01-14 18:59:57 | 000,000,000 | ---D | C] -- C:\Windows\XSxS [2012-01-14 18:59:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xenocode [2012-01-12 22:35:01 | 000,027,388 | ---- | C] (Immersion Corporation) -- C:\Windows\SysWow64\drivers\ihidfilt.sys [2012-01-12 22:35:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Logitech [2012-01-12 22:34:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [2012-01-12 22:34:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech [2012-01-12 19:14:37 | 001,347,584 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll [2012-01-12 19:14:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS [2012-01-11 22:27:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters [2012-01-11 17:11:50 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile [2012-01-08 18:08:46 | 000,098,304 | ---- | C] (Blizzard Entertainment) -- C:\Windows\W2BNEUnin.exe [2012-01-07 15:23:14 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\VVVVVV [2012-01-07 15:11:23 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Nicalis [2012-01-07 15:03:04 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Saved Games [2012-01-07 14:48:11 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Crayon Physics Deluxe [2012-01-07 14:46:18 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Crayon Physics Deluxe [2012-01-07 14:40:28 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Lazy 8 Studios [2012-01-07 14:32:26 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\BIT.TRIP RUNNER [2012-01-07 14:32:23 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2012-01-07 14:32:23 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2012-01-07 14:32:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL [2012-01-07 14:20:55 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Broken Rules [2012-01-03 22:25:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vShare.tv plugin [2012-01-01 17:04:00 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Skype [2012-01-01 16:53:38 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Media Player Classic [2012-01-01 16:52:43 | 000,839,680 | ---- | C] ([url="http://www.mp3dev.org/"]http://www.mp3dev.org/[/url]) -- C:\Windows\SysWow64\lameACM.acm [2012-01-01 16:52:41 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm [2011-12-26 15:29:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2011-12-25 21:59:44 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\ESN Sonar [2011-12-25 21:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2011-12-25 21:51:59 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011-12-25 21:51:59 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011-12-25 15:00:18 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\My Games [2011-12-25 14:18:56 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\PunkBuster [2011-12-25 14:18:52 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Battlefield 3 [2011-12-25 14:18:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins [2011-12-20 18:31:20 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Max Payne 2 Savegames [2011-12-20 16:43:24 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Max Payne Savegames [2011-12-18 19:34:43 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\NVIDIA [2011-12-18 19:28:21 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Freemake [2011-12-18 19:28:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake [2011-12-17 14:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment [2011-12-17 12:14:16 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\GTA San Andreas User Files [2011-12-16 14:28:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories [2011-12-15 21:37:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2011-12-15 20:21:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2011-12-15 19:23:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2011-12-15 19:22:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2011-12-15 19:11:20 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll [2011-12-15 19:10:50 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll [2011-12-14 23:18:01 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Rockstar Games [2011-12-14 23:06:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2011-12-14 23:06:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM [2011-12-14 23:03:56 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Rockstar Games [2011-12-14 23:03:48 | 000,000,000 | RH-D | C] -- C:\Users\XXX\AppData\Roaming\SecuROM [2011-12-14 23:03:46 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2011-12-14 23:03:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive [2011-12-14 23:03:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2011-12-14 22:43:26 | 000,000,000 | ---D | C] -- C:\Users\XXX\Desktop\Portable [2011-12-14 20:00:33 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\GTA Vice City User Files [2011-12-14 19:57:51 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\GTA3 User Files [2011-12-14 19:55:25 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2011-12-14 19:38:00 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\Orcs Must Die [2011-12-14 17:58:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2011-12-14 17:58:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [2011-12-14 17:29:42 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\CrashDumps [2011-12-14 16:54:52 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2011-12-14 16:48:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage [2011-12-14 16:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2011-12-14 16:32:25 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\FIFA 12 [2011-12-14 16:22:28 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller [2011-12-14 15:40:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2011-12-14 00:37:46 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Origin [2011-12-14 00:37:45 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Origin [2011-12-14 00:37:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games [2011-12-14 00:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2011-12-14 00:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2011-12-14 00:31:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2011-12-14 00:26:55 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2011-12-14 00:26:54 | 000,304,472 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2011-12-14 00:26:53 | 000,591,192 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2011-12-14 00:26:53 | 000,058,712 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2011-12-14 00:26:53 | 000,042,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2011-12-14 00:26:52 | 000,256,960 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2011-12-14 00:26:52 | 000,066,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2011-12-14 00:26:47 | 000,199,816 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2011-12-14 00:26:47 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2011-12-14 00:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2011-12-14 00:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011-12-14 00:17:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011-12-14 00:14:20 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Adobe [2011-12-14 00:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative [2011-12-14 00:12:39 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2011-12-14 00:12:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared [2011-12-14 00:11:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2011-12-14 00:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2011-12-14 00:07:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2011-12-14 00:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2011-12-14 00:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2011-12-14 00:06:07 | 000,000,000 | ---D | C] -- C:\NVIDIA [2011-12-14 00:05:04 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Mozilla [2011-12-14 00:05:04 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Mozilla [2011-12-14 00:04:49 | 000,000,000 | ---D | C] -- C:\PROGRAMY [2011-12-13 23:56:34 | 000,000,000 | ---D | C] -- C:\ProgramData\DeviceVM [2011-12-13 23:54:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2011-12-13 23:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2011-12-13 23:54:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} [2011-12-13 23:54:05 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\DeviceVm [2011-12-13 23:53:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative [2011-12-13 23:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative [2011-12-13 23:53:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2011-12-13 23:53:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2011-12-13 23:53:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2011-12-13 23:53:23 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Macromedia [2011-12-13 23:53:23 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Adobe [2011-12-13 23:53:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2011-12-13 23:53:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2011-12-13 23:52:29 | 000,015,936 | ---- | C] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETURPX.SYS [2011-12-13 23:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\FNET [2011-12-13 23:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XFastUsb [2011-12-13 23:52:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XFast USB [2011-12-13 23:52:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASRock Utility [2011-12-13 23:52:17 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Intel Corporation [2011-12-13 23:51:24 | 000,015,368 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\Windows\SysNative\drivers\AsrAppCharger.sys [2011-12-13 23:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility [2011-12-13 23:51:23 | 000,000,000 | ---D | C] -- C:\Program Files\ASRock Utility [2011-12-13 23:49:48 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell [2011-12-13 23:49:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell [2011-12-13 23:49:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Etron Technology [2011-12-13 23:49:12 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2011-12-13 23:49:07 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2011-12-13 23:48:21 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\InstallShield [2011-12-13 23:47:55 | 000,344,680 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2011-12-13 23:47:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2011-12-13 23:47:51 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2011-12-13 23:47:40 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2011-12-13 23:47:39 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2011-12-13 23:47:39 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2011-12-13 23:47:39 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2011-12-13 23:47:39 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2011-12-13 23:47:34 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2011-12-13 23:47:34 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2011-12-13 23:47:34 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2011-12-13 23:47:34 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2011-12-13 23:47:34 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2011-12-13 23:47:34 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2011-12-13 23:47:31 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2011-12-13 23:47:31 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2011-12-13 23:47:23 | 000,330,656 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2011-12-13 23:47:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2011-12-13 23:47:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2011-12-13 23:47:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2011-12-13 23:47:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2011-12-13 23:45:19 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2011-12-13 23:45:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2011-12-13 23:45:17 | 000,000,000 | ---D | C] -- C:\Intel [2011-12-13 23:36:18 | 000,000,000 | R--D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011-12-13 23:36:18 | 000,000,000 | R--D | C] -- C:\Users\XXX\Searches [2011-12-13 23:36:18 | 000,000,000 | R--D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011-12-13 23:36:11 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Identities [2011-12-13 23:36:09 | 000,000,000 | R--D | C] -- C:\Users\XXX\Contacts [2011-12-13 23:36:08 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\VirtualStore [2011-12-13 23:36:02 | 000,000,000 | --SD | C] -- C:\Users\XXX\AppData\Roaming\Microsoft [2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Videos [2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Saved Games [2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Pictures [2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Music [2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Links [2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Favorites [2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Downloads [2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Documents [2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\Desktop [2011-12-13 23:36:02 | 000,000,000 | R--D | C] -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Ustawienia lokalne [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\AppData\Local\Temporary Internet Files [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Szablony [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\SendTo [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Recent [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\PrintHood [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\NetHood [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Documents\Moje wideo [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Documents\Moje obrazy [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Moje dokumenty [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Documents\Moja muzyka [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Menu Start [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\AppData\Local\Historia [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Dane aplikacji [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\AppData\Local\Dane aplikacji [2011-12-13 23:36:02 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Cookies [2011-12-13 23:36:02 | 000,000,000 | -H-D | C] -- C:\Users\XXX\AppData [2011-12-13 23:36:02 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Temp [2011-12-13 23:36:02 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Microsoft [2011-12-13 23:36:02 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Media Center Programs [2011-12-13 23:35:56 | 000,000,000 | -HSD | C] -- C:\Recovery [2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony [2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2011-12-13 23:35:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [2011-12-13 23:26:08 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2011-12-13 23:25:45 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2011-12-13 23:23:47 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2011-12-13 23:23:38 | 000,000,000 | -HSD | C] -- C:\Boot [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-02-01 14:24:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\XXX\Desktop\OTL.exe [2012-02-01 14:23:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-02-01 14:23:09 | 2133,868,543 | -HS- | M] () -- C:\hiberfil.sys [2012-01-31 22:23:04 | 000,014,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-01-31 22:23:03 | 000,014,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-01-31 19:46:17 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012-01-31 19:46:17 | 000,282,864 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012-01-31 19:45:59 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012-01-31 16:43:50 | 001,543,720 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-01-31 16:43:50 | 000,695,932 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-01-31 16:43:50 | 000,613,962 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-01-31 16:43:50 | 000,133,728 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-01-31 16:43:50 | 000,105,204 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-01-31 16:39:58 | 000,441,100 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012-01-26 20:20:09 | 000,441,100 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120131-163958.backup [2012-01-20 22:54:26 | 000,440,287 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120126-202009.backup [2012-01-14 00:32:42 | 000,440,137 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120120-225426.backup [2012-01-11 22:26:55 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2012-01-11 22:26:55 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2012-01-11 17:12:21 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf [2012-01-08 18:17:41 | 000,017,688 | ---- | M] () -- C:\Windows\W2BNEUnin.dat [2012-01-08 18:08:47 | 000,002,829 | ---- | M] () -- C:\Windows\W2BNEUnin.pif [2012-01-08 18:08:46 | 000,098,304 | ---- | M] (Blizzard Entertainment) -- C:\Windows\W2BNEUnin.exe [2012-01-07 14:20:54 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat [2012-01-03 18:15:57 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011-12-31 19:46:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011-12-29 19:00:00 | 000,079,360 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll [2011-12-29 13:42:41 | 000,348,307 | ---- | M] () -- C:\Users\XXX\Documents\bf3wallpaper1920x1200nosoldier.jpg [2011-12-29 13:41:23 | 000,362,532 | ---- | M] () -- C:\Users\XXX\Documents\battlefield-3-the-russian-wallpaper.jpg [2011-12-29 13:41:09 | 000,349,137 | ---- | M] () -- C:\Users\XXX\Documents\gi1080.jpg [2011-12-29 13:40:50 | 000,255,267 | ---- | M] () -- C:\Users\XXX\Documents\1080nologo.jpg [2011-12-28 14:16:00 | 000,440,010 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120114-003242.backup [2011-12-26 15:29:05 | 000,000,816 | ---- | M] () -- C:\Users\XXX\Desktop\MSI Afterburner.lnk [2011-12-25 21:52:58 | 000,000,737 | ---- | M] () -- C:\Users\XXX\Desktop\SpeedFan.lnk [2011-12-25 21:52:58 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo [2011-12-25 21:48:12 | 001,746,408 | ---- | M] (CPUID) -- C:\Users\XXX\Desktop\HWMonitor.exe [2011-12-25 19:08:13 | 000,439,956 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20111228-141600.backup [2011-12-21 19:14:02 | 000,151,552 | ---- | M] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm [2011-12-17 22:05:00 | 000,068,928 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011-12-17 22:05:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011-12-17 22:05:00 | 000,007,653 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2011-12-17 12:43:40 | 000,406,336 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe [2011-12-16 14:30:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2011-12-15 22:02:14 | 000,002,560 | ---- | M] () -- C:\Windows\diagwrn.xml [2011-12-15 22:02:14 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml [2011-12-15 21:08:19 | 001,636,610 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-12-15 20:44:10 | 000,439,243 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20111225-190813.backup [2011-12-15 20:00:31 | 000,275,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011-12-14 23:03:46 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2011-12-14 17:40:54 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2011-12-14 17:40:54 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2011-12-14 00:24:43 | 000,438,933 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20111215-204410.backup [2011-12-13 23:52:29 | 000,015,936 | ---- | M] (FNet Co., Ltd.) -- C:\Windows\SysNative\drivers\FNETURPX.SYS [2011-12-13 23:30:02 | 000,067,912 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2011-12-13 23:30:02 | 000,067,912 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2011-12-13 23:28:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011-12-13 23:23:40 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-01-12 22:35:00 | 000,040,655 | ---- | C] () -- C:\Windows\SysWow64\LXLCore.VxD [2012-01-12 22:35:00 | 000,034,784 | ---- | C] () -- C:\Windows\SysWow64\Ljoy.VxD [2012-01-12 22:35:00 | 000,022,659 | ---- | C] () -- C:\Windows\SysWow64\Lserial.VxD [2012-01-12 22:35:00 | 000,019,620 | ---- | C] () -- C:\Windows\SysWow64\LJoyFrc.vxd [2012-01-12 22:35:00 | 000,016,680 | ---- | C] () -- C:\Windows\SysWow64\LDigital.VxD [2012-01-12 22:35:00 | 000,011,428 | ---- | C] () -- C:\Windows\SysWow64\LUsbVxd.vxd [2012-01-12 22:35:00 | 000,009,196 | ---- | C] () -- C:\Windows\SysWow64\LJoyV.VxD [2012-01-12 22:35:00 | 000,006,243 | ---- | C] () -- C:\Windows\SysWow64\LAnalog.VxD [2012-01-11 17:12:21 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf [2012-01-08 18:08:47 | 000,002,829 | ---- | C] () -- C:\Windows\W2BNEUnin.pif [2012-01-08 18:08:35 | 000,017,688 | ---- | C] () -- C:\Windows\W2BNEUnin.dat [2012-01-07 14:20:54 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat [2012-01-01 16:52:49 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012-01-01 16:52:43 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml [2012-01-01 16:52:41 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012-01-01 16:52:41 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2012-01-01 16:52:41 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011-12-29 13:42:41 | 000,348,307 | ---- | C] () -- C:\Users\XXX\Documents\bf3wallpaper1920x1200nosoldier.jpg [2011-12-29 13:41:23 | 000,362,532 | ---- | C] () -- C:\Users\XXX\Documents\battlefield-3-the-russian-wallpaper.jpg [2011-12-29 13:41:09 | 000,349,137 | ---- | C] () -- C:\Users\XXX\Documents\gi1080.jpg [2011-12-29 13:40:39 | 000,255,267 | ---- | C] () -- C:\Users\XXX\Documents\1080nologo.jpg [2011-12-26 15:29:05 | 000,000,816 | ---- | C] () -- C:\Users\XXX\Desktop\MSI Afterburner.lnk [2011-12-25 21:52:58 | 000,000,737 | ---- | C] () -- C:\Users\XXX\Desktop\SpeedFan.lnk [2011-12-25 21:52:57 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo [2011-12-25 14:19:00 | 000,282,864 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011-12-25 14:15:23 | 000,282,864 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011-12-25 14:15:23 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2011-12-25 14:15:20 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011-12-21 15:37:50 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat [2011-12-17 12:43:40 | 000,406,336 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011-12-16 14:30:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2011-12-15 22:00:36 | 000,002,560 | ---- | C] () -- C:\Windows\diagwrn.xml [2011-12-15 22:00:36 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml [2011-12-15 21:08:15 | 001,636,610 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-12-15 19:13:06 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd [2011-12-15 19:10:26 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml [2011-12-15 19:10:02 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml [2011-12-15 19:10:02 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml [2011-12-15 19:08:37 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc [2011-12-15 19:08:37 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml [2011-12-14 17:40:54 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2011-12-14 17:40:54 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2011-12-14 00:26:52 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2011-12-14 00:07:12 | 000,007,653 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2011-12-13 23:49:54 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll [2011-12-13 23:47:55 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2011-12-13 23:29:56 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2011-12-13 23:29:47 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2011-12-13 23:28:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011-12-13 23:25:45 | 2133,868,543 | -HS- | C] () -- C:\hiberfil.sys [2011-12-13 23:23:40 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2011-12-13 23:23:39 | 000,383,786 | RHS- | C] () -- C:\bootmgr [2011-09-28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011-09-19 14:03:40 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll [2009-07-14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009-07-14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009-07-14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-06-10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [color=#E56717]========== LOP Check ==========[/color] [2012-01-07 14:20:55 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\Broken Rules [2012-01-07 15:02:28 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\Crayon Physics Deluxe [2011-12-14 00:11:57 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\DeviceVm [2012-01-07 15:11:23 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\Nicalis [2011-12-14 00:38:12 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\Origin [2012-01-27 16:48:51 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2010-11-20 13:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2011-12-13 23:23:40 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012-02-01 14:23:09 | 2133,868,543 | -HS- | M] () -- C:\hiberfil.sys [2012-01-12 22:35:07 | 000,002,689 | ---- | M] () -- C:\LGSInst.Log [2012-02-01 14:23:12 | 4276,817,919 | -HS- | M] () -- C:\pagefile.sys [2012-01-31 20:13:24 | 000,565,786 | ---- | M] () -- C:\shared.log [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2010-11-20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys [2010-11-20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < End of report > [/log] [b]RSIT:[/b] [b]info:[/b] [log]info.txt logfile of random's system information tool 1.09 2012-02-01 14:45:53 ======Uninstall list====== -->MsiExec /X{9530AE42-DAE1-4619-9594-B23487285D17} Acrobat.com-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07} Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F} Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_Plugin.exe -maintain plugin Adobe Reader 9.5.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A95000000001} And Yet It Moves-->"D:\GRY\Steam\steam.exe" steam://uninstall/18700 ASRock eXtreme Tuner v0.1.54-->"C:\Program Files (x86)\ASRock Utility\AXTU\unins000.exe" ASRock InstantBoot v1.26-->"C:\Program Files (x86)\ASRock Utility\InstantBoot\unins000.exe" avast! Free Antivirus-->C:\PROGRAMY\Avast\aswRunDll.exe "C:\PROGRAMY\Avast\Setup\setiface.dll" RunSetup Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe BIT.TRIP RUNNER-->"D:\GRY\Steam\steam.exe" steam://uninstall/63710 Cogs-->"D:\GRY\Steam\steam.exe" steam://uninstall/26500 Commandos 2: Men of Courage-->"D:\GRY\Steam\steam.exe" steam://uninstall/6830 Commandos 3: Destination Berlin-->"D:\GRY\Steam\steam.exe" steam://uninstall/6840 Commandos: Behind Enemy Lines-->"D:\GRY\Steam\steam.exe" steam://uninstall/6800 Commandos: Beyond the Call of Duty-->"D:\GRY\Steam\steam.exe" steam://uninstall/6810 Counter-Strike: Source-->"D:\GRY\Steam\steam.exe" steam://uninstall/240 Crayon Physics Deluxe-->"D:\GRY\Steam\steam.exe" steam://uninstall/26900 DiRT 2-->"D:\GRY\Steam\steam.exe" steam://uninstall/12840 ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe Etron USB3.0 Host Controller-->"C:\Program Files (x86)\InstallShield Installation Information\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}\setup.exe" -runfromtemp -l0x0409 -removeonly Etron USB3.0 Host Controller-->MsiExec.exe /I{DFBB738C-71D8-4DC5-B8D2-D65C37680E27} F1Liga Updater 1.40.36-->"D:\GRY\rFactor\F1Liga Updater\unins000.exe" F1RFT 2011 FINAL-->D:\GRY\rFactor\F1RFTData\F1RFT 2011 Final Uninstall.exe F1RFT 2011 UPDATE-->D:\GRY\rFactor\F1RFTData\F1RFT 2011 Final Uninstall.exe FIFA 12-->"C:\Program Files (x86)\Common Files\EAInstaller\FIFA 12\Cleanup.exe" uninstall_game -autologging Fraps (remove only)-->"C:\PROGRAMY\Fraps\uninstall.exe" Freemake Video Converter wersja 3.0.1-->"C:\PROGRAMY\Freemake Video Converter\Freemake Video Converter\Uninstall\unins000.exe" Grand Theft Auto 2-->"D:\GRY\Steam\steam.exe" steam://uninstall/12180 Grand Theft Auto III-->"D:\GRY\Steam\steam.exe" steam://uninstall/12100 Grand Theft Auto IV-->"D:\GRY\Steam\steam.exe" steam://uninstall/12210 Grand Theft Auto: Episodes from Liberty City-->"D:\GRY\Steam\steam.exe" steam://uninstall/12220 Grand Theft Auto: Vice City-->"D:\GRY\Steam\steam.exe" steam://uninstall/12110 Grand Theft Auto-->"D:\GRY\Steam\steam.exe" steam://uninstall/12170 Hammerfight-->"D:\GRY\Steam\steam.exe" steam://uninstall/41100 Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall Intel® Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\Uninstall\setup.exe -uninstall Jamestown-->"D:\GRY\Steam\steam.exe" steam://uninstall/94200 K-Lite Codec Pack 8.1.0 (Full)-->"C:\PROGRAMY\K-Lite Codec Pack\unins000.exe" Left 4 Dead 2-->"D:\GRY\Steam\steam.exe" steam://uninstall/550 Logitech Gaming Software-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{648F9C94-EC44-487B-9DA4-44ED72A082CC}\setup.exe" -l0x9 Łatka polonizacyjna GTA IV v1.0-->"D:\GRY\Steam\steamapps\common\grand theft auto iv\GTAIV\Spolszczenie\Deinstalator.exe" marvell 91xx driver-->C:\Program Files (x86)\Marvell\mv91xx\uninst-91xx.exe Max Payne 2: The Fall of Max Payne-->"D:\GRY\Steam\steam.exe" steam://uninstall/12150 Max Payne-->"D:\GRY\Steam\steam.exe" steam://uninstall/12140 Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F} Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Mozilla Firefox 10.0 (x86 pl)-->C:\PROGRAMY\Mozilla Firefox\uninstall\helper.exe MSI Afterburner 2.2.0 Beta 9-->"C:\PROGRAMY\MSI Afterburner\uninstall.exe" NightSky-->"D:\GRY\Steam\steam.exe" steam://uninstall/99700 NVIDIA PhysX-->MsiExec.exe /X{9530AE42-DAE1-4619-9594-B23487285D17} NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask Oddworld: Abe's Exoddus-->"D:\GRY\Steam\steam.exe" steam://uninstall/15710 Oddworld: Abe's Oddysee-->"D:\GRY\Steam\steam.exe" steam://uninstall/15700 OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U Orcs Must Die!-->"D:\GRY\Steam\steam.exe" steam://uninstall/102600 Origin-->D:\GRY\Origin\OriginUninstall.exe Portal 2-->"D:\GRY\Steam\steam.exe" steam://uninstall/620 Portal-->"D:\GRY\Steam\steam.exe" steam://uninstall/400 PunkBuster Services-->D:\GRY\Battlefield 3\pbsvc.exe -u Rapture3D 2.3.26 Game-->"C:\Program Files (x86)\BRS\unins000.exe" Realtek Ethernet Controller Driver For Windows 7-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly rFactor (remove only)-->"D:\GRY\rFactor\Uninstall.exe" RocketDock 1.3.5-->"C:\PROGRAMY\RocketDock\unins000.exe" Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client Security Update for Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP Shank-->"D:\GRY\Steam\steam.exe" steam://uninstall/6120 SpeedFan (remove only)-->"C:\PROGRAMY\SpeedFan\uninstall.exe" Spybot - Search & Destroy-->"C:\PROGRAMY\Spybot - Search & Destroy\unins000.exe" Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} Super Meat Boy-->"D:\GRY\Steam\steam.exe" steam://uninstall/40800 Team Fortress 2-->"D:\GRY\Steam\steam.exe" steam://uninstall/440 TeamSpeak 3 Client-->"C:\PROGRAMY\TeamSpeak 3 Client\uninstall.exe" Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client vShare.tv plugin 1.3-->C:\Program Files (x86)\vShare.tv plugin\uninst.exe VVVVVV-->"D:\GRY\Steam\steam.exe" steam://uninstall/70300 Warcraft II BNE-->C:\Windows\W2BNEUnin.exe C:\Windows\W2BNEUnin.dat Warcraft III-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\Warcraft III\Uninstall.exe XFastUsb-->C:\Program Files (x86)\XFastUsb\Uninstall.exe ======Hosts File====== 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com ======System event log====== Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Cryptographic Services weszła w stan stopped. Record Number: 5 Source Name: Service Control Manager Time Written: 20090714051424.262212-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Windows Modules Installer weszła w stan stopped. Record Number: 4 Source Name: Service Control Manager Time Written: 20090714051424.168612-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Software Protection weszła w stan stopped. Record Number: 3 Source Name: Service Control Manager Time Written: 20090714051424.059412-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Windows Event Log weszła w stan stopped. Record Number: 2 Source Name: Service Control Manager Time Written: 20090714051424.012612-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 7036 Message: Usługa Volume Shadow Copy weszła w stan stopped. Record Number: 1 Source Name: Service Control Manager Time Written: 20090714051423.934612-000 Event Type: Informacje User: =====Application event log===== Computer Name: 37L4247E29-32 Event Code: 412 Message: Catalog Database (320) Catalog Database: Nie można odczytać nagłówka pliku dziennika C:\Windows\system32\CatRoot2\edb.log. Błąd -546. Record Number: 5 Source Name: ESENT Time Written: 20111213222634.000000-000 Event Type: Błędy User: Computer Name: 37L4247E29-32 Event Code: 5617 Message: Windows Management Instrumentation Service subsystems initialized successfully Record Number: 4 Source Name: Microsoft-Windows-WMI Time Written: 20111213222632.000000-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 5615 Message: Windows Management Instrumentation Service started sucessfully Record Number: 3 Source Name: Microsoft-Windows-WMI Time Written: 20111213222630.000000-000 Event Type: Informacje User: Computer Name: 37L4247E29-32 Event Code: 1531 Message: Usługa profilów użytkowników została uruchomiona pomyślnie. Record Number: 2 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20111213222622.873321-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: 37L4247E29-32 Event Code: 4625 Message: System podrzędny EventSystem pomija zduplikowane wpisy dziennika zdarzeń przez okres 86400 sekund. Limit czasu pomijania można kontrolować za pomocą wartości REG_DWORD o nazwie SuppressDuplicateDuration w następującym kluczu rejestru: HKLM\Software\Microsoft\EventSystem\EventLog. Record Number: 1 Source Name: Microsoft-Windows-EventSystem Time Written: 20111213222623.000000-000 Event Type: Informacje User: =====Security event log===== Computer Name: 37L4247E29-32 Event Code: 4735 Message: Zmieniono grupę lokalną z włączonymi zabezpieczeniami. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: 37L4247E29-32$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Grupa: Identyfikator zabezpieczeń: S-1-5-32-551 Nazwa grupy: Operatorzy kopii zapasowych Domena grupy: Builtin Zmienione atrybuty: Nazwa konta SAM: - Historia identyfikatora SID: - Informacje dodatkowe: Uprawnienia: - Record Number: 5 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20111213222605.479291-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4731 Message: Utworzono grupę lokalną z włączonymi zabezpieczeniami. Podmiot: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: 37L4247E29-32$ Domena konta: WORKGROUP Identyfikator logowania: 0x3e7 Nowa grupa: Identyfikator zabezpieczeń: S-1-5-32-551 Nazwa grupy: Operatorzy kopii zapasowych Domena grupy: Builtin Atrybuty: Nazwa konta SAM: Operatorzy kopii zapasowych Historia identyfikatora SID: - Informacje dodatkowe: Uprawnienia: - Record Number: 4 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20111213222605.463691-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4902 Message: Utworzono tabelę zasad inspekcji użytkownika. Liczba elementów: 0 Identyfikator zasad: 0x31c89 Record Number: 3 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20111213222604.964490-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4624 Message: Użytkownik pomyślnie zalogował się na koncie. Podmiot: Identyfikator zabezpieczeń: S-1-0-0 Nazwa konta: - Domena konta: - Identyfikator logowania: 0x0 Typ logowania: 0 Nowe logowanie: Identyfikator zabezpieczeń: S-1-5-18 Nazwa konta: SYSTEM Domena konta: ZARZĄDZANIE NT Identyfikator logowania: 0x3e7 Identyfikator GUID logowania: {00000000-0000-0000-0000-000000000000} Informacje o procesie: Identyfikator procesu: 0x4 Nazwa procesu: Informacje o sieci: Nazwa stacji roboczej: - Adres źródłowy sieci: - Port źródłowy: - Szczegółowe informacje o uwierzytelnianiu: Proces logowania: - Pakiet uwierzytelniania: - Usługi przejściowe: - Nazwa pakietu (tylko NTLM): - Długość klucza: 0 To zdarzenie jest generowane w momencie utworzenia sesji logowania. Jest ono generowane na komputerze, do którego został uzyskany dostęp. Pola podmiotu wskazują konto w systemie lokalnym, które zażądało logowania. Najczęściej jest to usługa, na przykład usługa Serwer, lub proces lokalny taki jak Winlogon.exe lub Services.exe. Pole typu logowania wskazuje rodzaj zaistniałego logowania. Najczęstsze typy to 2 (interakcyjne) i 3 (sieciowe). Pola nowego logowania wskazują konto, dla którego zostało utworzone nowe logowanie, czyli konto, które zostało zalogowane. Pola sieci wskazują lokalizację, z której pochodziło zdalne żądanie logowania. Nazwa stacji roboczej nie zawsze jest dostępna i w niektórych przypadkach może być pusta. Pola informacji o uwierzytelnianiu zawierają szczegółowe informacje o tym konkretnym żądaniu logowania. - Identyfikator GUID logowania to unikatowy identyfikator, za pomocą którego można skorelować to zdarzenie ze zdarzeniem centrum dystrybucji kluczy. - Usługi przejściowe wskazują, które usługi pośrednie uczestniczyły w tym żądaniu logowania. - Nazwa pakietu wskazuje, który protokół podrzędny spośród protokołów NTLM został użyty. - Długość klucza wskazuje długość wygenerowanego klucza sesji. Jeśli nie zażądano klucza sesji, jest to wartość 0. Record Number: 2 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20111213222601.906885-000 Event Type: Sukcesy inspekcji User: Computer Name: 37L4247E29-32 Event Code: 4608 Message: Trwa uruchamianie systemu Windows. To zdarzenie jest rejestrowane w momencie uruchamiania programu LSASS.EXE i inicjowania podsystemu inspekcji. Record Number: 1 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20111213222601.828884-000 Event Type: Sukcesy inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=2a07 -----------------EOF----------------- [/log] [b]log:[/b] [log]Logfile of random's system information tool 1.09 (written by random/random) Run by XXX at 2012-02-01 14:45:31 Microsoft Windows 7 Professional Service Pack 1 System drive C: has 64 GB (62%) free of 103 GB Total RAM: 8175 MB (80% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:45:53, on 2012-02-01 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\PROGRAMY\RocketDock\RocketDock.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\PROGRAMY\Avast\AvastUI.exe C:\PROGRAMY\Mozilla Firefox\firefox.exe C:\Users\XXX\Desktop\RSIT.exe C:\Program Files (x86)\trend micro\XXX.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft....k/?LinkId=54896[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft....k/?LinkId=69157[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [avast] "C:\PROGRAMY\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [RocketDock] "C:\PROGRAMY\RocketDock\RocketDock.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-21-3432695862-1466099892-265281002-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-3432695862-1466099892-265281002-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\PROGRAMY\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 7668 bytes =========Mozilla firefox========= ProfilePath - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\p00tn3qh.default prefs.js - "browser.startup.homepage" - "www.google.pl" [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 10.1 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn.me/esnsonar,version=0.70.4] "Description"=ESN Sonar browser plugin "Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.104.0] "Description"= "Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.110.0] "Description"= "Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision] "Description"=NVIDIA stereo images plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming] "Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers "Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll C:\PROGRAMY\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\PROGRAMY\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\PROGRAMY\Mozilla Firefox\plugins\ nppdf32.dll npvsharetvplg.dll C:\PROGRAMY\Mozilla Firefox\searchplugins\ allegro-pl.xml fbc-pl.xml google.xml merlin-pl.xml pwn-pl.xml wikipedia-pl.xml wp-pl.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}] IE5BarLauncherBHO Class - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll [2011-09-22 177712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - VShareToolBar - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll [2011-09-22 177712] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-11-05 283160] "avast"=C:\PROGRAMY\Avast\avastUI.exe [2011-11-28 3744552] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ASRockXTU"= [] "zASRockInstantBoot"= [] "RocketDock"=C:\PROGRAMY\RocketDock\RocketDock.exe [2007-09-02 495616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "VIDC.FPS1"=frapsvid.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "VIDC.RTV1"=rtvcvfw32.dll "VIDC.XVID"=xvidvfw.dll "VIDC.YV12"=xvidvfw.dll "msacm.ac3acm"=ac3acm.acm "msacm.lameacm"=lameACM.acm "VIDC.FFDS"=ff_vfw.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2012-02-01 14:45:31 ----D---- C:\rsit 2012-02-01 14:45:31 ----D---- C:\Program Files (x86)\trend micro 2012-01-31 15:42:26 ----A---- C:\Windows\SysWOW64\webio.dll 2012-01-31 15:42:26 ----A---- C:\Windows\SysWOW64\sspicli.dll 2012-01-31 15:42:26 ----A---- C:\Windows\SysWOW64\secur32.dll 2012-01-31 15:42:26 ----A---- C:\Windows\SysWOW64\schannel.dll 2012-01-27 20:48:16 ----SHD---- C:\Config.Msi 2012-01-14 18:59:57 ----D---- C:\Windows\XSxS 2012-01-14 18:59:57 ----D---- C:\Program Files (x86)\Xenocode 2012-01-12 22:35:06 ----A---- C:\Windows\SysWOW64\LWCtPl.dll 2012-01-12 22:35:01 ----A---- C:\Windows\SysWOW64\WMWizard.dll 2012-01-12 22:35:01 ----A---- C:\Windows\SysWOW64\W9XdInst.dll 2012-01-12 22:35:01 ----A---- C:\Windows\SysWOW64\W9xDAPI.dll 2012-01-12 22:35:01 ----A---- C:\Windows\SysWOW64\drivers\LUsbSys.sys 2012-01-12 22:35:01 ----A---- C:\Windows\SysWOW64\drivers\LHidLo.sys 2012-01-12 22:35:01 ----A---- C:\Windows\SysWOW64\drivers\LHidHi.sys 2012-01-12 22:35:01 ----A---- C:\Windows\SysWOW64\drivers\ihidfilt.sys 2012-01-12 22:35:00 ----D---- C:\Program Files (x86)\Common Files\Logitech 2012-01-12 22:35:00 ----A---- C:\Windows\SysWOW64\WmJoyFrc.dll 2012-01-12 22:35:00 ----A---- C:\Windows\SysWOW64\LFLoad.sys 2012-01-12 22:34:49 ----D---- C:\Program Files (x86)\Logitech 2012-01-12 19:14:37 ----A---- C:\Windows\SysWOW64\rapture3d_oal.dll 2012-01-12 19:14:37 ----A---- C:\Windows\SysWOW64\mkl_blueripple.dll 2012-01-12 19:14:36 ----D---- C:\Program Files (x86)\BRS 2012-01-11 22:27:12 ----D---- C:\ProgramData\Codemasters 2012-01-11 17:11:50 ----D---- C:\Windows\WindowsMobile 2012-01-11 15:53:37 ----A---- C:\Windows\SysWOW64\quartz.dll 2012-01-11 15:53:37 ----A---- C:\Windows\SysWOW64\qdvd.dll 2012-01-11 15:53:32 ----A---- C:\Windows\SysWOW64\ntdll.dll 2012-01-11 15:53:31 ----A---- C:\Windows\SysWOW64\packager.dll 2012-01-08 18:08:47 ----A---- C:\Windows\W2BNEUnin.pif 2012-01-08 18:08:46 ----A---- C:\Windows\W2BNEUnin.exe 2012-01-08 18:08:35 ----A---- C:\Windows\W2BNEUnin.dat 2012-01-07 15:11:23 ----D---- C:\Users\XXX\AppData\Roaming\Nicalis 2012-01-07 14:46:18 ----D---- C:\Users\XXX\AppData\Roaming\Crayon Physics Deluxe 2012-01-07 14:32:23 ----D---- C:\Program Files (x86)\OpenAL 2012-01-07 14:32:23 ----A---- C:\Windows\SysWOW64\wrap_oal.dll 2012-01-07 14:32:23 ----A---- C:\Windows\SysWOW64\OpenAL32.dll 2012-01-07 14:20:55 ----D---- C:\Users\XXX\AppData\Roaming\Broken Rules 2012-01-07 14:20:54 ----A---- C:\Windows\d3dx.dat 2012-01-03 22:25:20 ----D---- C:\Program Files (x86)\vShare.tv plugin ======List of files/folders modified in the last 1 month====== 2012-02-01 14:45:33 ----D---- C:\Windows\Temp 2012-02-01 14:45:31 ----RD---- C:\Program Files (x86) 2012-02-01 14:30:44 ----D---- C:\Windows\System32 2012-02-01 14:30:44 ----D---- C:\Windows\inf 2012-02-01 14:23:16 ----D---- C:\Windows 2012-02-01 14:23:16 ----D---- C:\ProgramData\NVIDIA 2012-01-31 19:46:22 ----D---- C:\Windows\SysWOW64 2012-01-31 19:46:17 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe 2012-01-31 19:44:52 ----D---- C:\Program Files (x86)\Battlelog Web Plugins 2012-01-31 17:00:35 ----D---- C:\ProgramData\Spybot - Search & Destroy 2012-01-31 16:40:54 ----D---- C:\Windows\SoftwareDistribution 2012-01-31 16:38:01 ----D---- C:\Windows\winsxs 2012-01-31 16:35:25 ----SHD---- C:\System Volume Information 2012-01-31 16:00:00 ----SD---- C:\Users\XXX\AppData\Roaming\Microsoft 2012-01-30 17:11:12 ----D---- C:\Program Files (x86)\Common Files\Blizzard Entertainment 2012-01-29 15:27:22 ----D---- C:\Users\XXX\AppData\Roaming\Media Player Classic 2012-01-28 02:06:30 ----D---- C:\Users\XXX\AppData\Roaming\Skype 2012-01-27 20:48:43 ----SHD---- C:\Windows\Installer 2012-01-27 20:48:34 ----D---- C:\ProgramData\Adobe 2012-01-27 20:48:34 ----D---- C:\Program Files (x86)\Common Files\Adobe 2012-01-27 20:48:33 ----D---- C:\Program Files (x86)\Adobe 2012-01-15 20:11:10 ----D---- C:\Windows\Logs 2012-01-15 17:20:26 ----SD---- C:\ProgramData\Microsoft 2012-01-15 17:19:57 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2012-01-12 22:35:01 ----D---- C:\Windows\SysWOW64\drivers 2012-01-12 22:35:00 ----D---- C:\Program Files (x86)\Common Files 2012-01-12 22:34:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2012-01-12 20:57:30 ----D---- C:\Windows\debug 2012-01-12 18:29:40 ----D---- C:\Windows\Microsoft.NET 2012-01-12 18:29:16 ----RSD---- C:\Windows\assembly 2012-01-11 22:27:12 ----HD---- C:\ProgramData 2012-01-11 20:04:20 ----D---- C:\Windows\ehome 2012-01-07 18:03:49 ----D---- C:\Program Files (x86)\Common Files\Steam 2012-01-07 14:32:23 ----D---- C:\Windows\SysWOW64\directx 2012-01-03 18:15:57 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [] R0 mv91xx;mv91xx; C:\Windows\system32\DRIVERS\mv91xx.sys [] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [] R1 AsrAppCharger;AsrAppCharger; C:\Windows\system32\DRIVERS\AsrAppCharger.sys [] R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys [] R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys [] R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys [] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [] R1 FNETURPX;FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [] R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [] R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [] R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [] R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [] S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [] S3 WINUSB;Sterownik WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 avast! Antivirus;avast! Antivirus; C:\PROGRAMY\Avast\AvastSvc.exe [2011-11-28 44768] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2011-12-17 2348864] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-01-03 76888] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-12-17 381248] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-12-14 1045256] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-01-05 419624] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560] S4 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560] S4 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560] -----------------EOF----------------- [/log]
Natsuki Kuga komentarz 2 lutego 2012 komentarz 2 lutego 2012 Kosmetyka: [code] :OTL MsConfig:64bit - State: "startup" - Reg Error: Key error. :Commands [emptytemp] [/code] [b]Wykonaj skrypt.[/b] W OTL kliknij [b]Sprzątanie[/b] - to usunie go wraz z jego kwarantanną. RSIT też możesz usunąć. Logi czyste, nie ma nic do usuwania. 1
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.