Karolas utworzono 28 lutego 2012 utworzono 28 lutego 2012 Witam. Mam problem z komputerem. Mianowicie gdy włączyłem go dziś rano odpalał się normalnie do momentu gdy zawsze pojawiał się pulpit. Zamiast niego było granatowe tło. Doradzono mi, żeby wpisać w menedżerze zadań komendę explorer.exe. Rzeczywiście, pomogło lecz wtedy wyskoczył komunikat z Eseta o koniu trojańskim, którego niestety nie dał rady ani wyleczyć ani usunąć. Po przejrzeniu tego forum dowiedziałem się, że owe problemy były przyczyną działania tego wirusa. Jak widzę to dość częsty ostatnio problem wśród forumowiczów. Dołączam logi i bardzo proszę o pomoc [b]OTL:[/b] [log] OTL logfile created on: 2012-02-28 23:12:58 - Run 3 OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Karol\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 57,96% Memory free 8,00 Gb Paging File | 6,29 Gb Available in Paging File | 78,71% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 74,52 Gb Total Space | 27,47 Gb Free Space | 36,86% Space Free | Partition Type: NTFS Drive D: | 208,92 Gb Total Space | 16,43 Gb Free Space | 7,87% Space Free | Partition Type: NTFS Computer Name: KAROL-KOMPUTER | User Name: Karol | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-02-28 22:31:25 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Karol\Downloads\OTL.exe PRC - [2012-02-19 15:39:03 | 000,048,640 | RHS- | M] (Microsoft Corporation) -- C:\Users\Karol\AppData\Local\Temp\System\ntvdmd.exe PRC - [2012-02-18 13:02:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012-02-18 13:02:27 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2012-02-17 18:12:38 | 000,144,896 | RHS- | M] () -- C:\Users\Karol\AppData\Local\Temp\System\UccApi.exe PRC - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-10-15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011-10-13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE PRC - [2011-08-16 19:30:40 | 001,379,840 | ---- | M] () -- C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe PRC - [2011-07-16 05:24:22 | 000,000,000 | ---- | M] () -- C:\Users\Karol\winlogon.exe PRC - [2011-03-30 05:59:06 | 000,937,920 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe PRC - [2011-01-20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2011-01-12 15:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2010-11-05 02:57:27 | 000,055,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe PRC - [2010-07-12 17:33:54 | 001,592,672 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe PRC - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2010-03-30 03:59:57 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2010-02-05 18:05:08 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2010-02-04 22:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2010-01-05 21:59:12 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2010-01-05 01:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe PRC - [2009-12-15 18:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2009-11-24 21:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe PRC - [2009-11-02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009-06-19 18:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe PRC - [2009-06-19 18:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe PRC - [2009-06-16 01:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2008-12-23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe PRC - [2008-08-14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe PRC - [2007-11-30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-02-28 22:45:29 | 000,254,464 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\winamp.lng MOD - [2012-02-28 22:45:29 | 000,161,792 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\vis_milk2.lng MOD - [2012-02-28 22:45:29 | 000,087,552 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\vis_avs.lng MOD - [2012-02-28 22:45:29 | 000,010,752 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\pmp_usb.lng MOD - [2012-02-28 22:45:29 | 000,007,680 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\vis_nsfs.lng MOD - [2012-02-28 22:45:29 | 000,006,144 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\tagz.lng MOD - [2012-02-28 22:45:29 | 000,004,096 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\pmp_p4s.lng MOD - [2012-02-28 22:45:29 | 000,003,584 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\winampa.lng MOD - [2012-02-28 22:45:29 | 000,003,584 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\pmp_njb.lng MOD - [2012-02-28 22:45:28 | 000,039,936 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_pmp.lng MOD - [2012-02-28 22:45:28 | 000,036,864 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ombrowser.lng MOD - [2012-02-28 22:45:28 | 000,016,896 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\out_ds.lng MOD - [2012-02-28 22:45:28 | 000,014,336 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_wire.lng MOD - [2012-02-28 22:45:28 | 000,013,312 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_playlists.lng MOD - [2012-02-28 22:45:28 | 000,010,752 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\pmp_android.lng MOD - [2012-02-28 22:45:28 | 000,008,192 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_plg.lng MOD - [2012-02-28 22:45:28 | 000,007,680 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_transcode.lng MOD - [2012-02-28 22:45:28 | 000,007,168 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\out_wave.lng MOD - [2012-02-28 22:45:28 | 000,006,144 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\pmp_ipod.lng MOD - [2012-02-28 22:45:28 | 000,006,144 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\out_disk.lng MOD - [2012-02-28 22:45:28 | 000,005,632 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_rg.lng MOD - [2012-02-28 22:45:28 | 000,004,608 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\pmp_activesync.lng MOD - [2012-02-28 22:45:28 | 000,004,096 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_orb.lng MOD - [2012-02-28 22:45:28 | 000,003,072 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\playlist.lng MOD - [2012-02-28 22:45:27 | 000,055,808 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_local.lng MOD - [2012-02-28 22:45:27 | 000,047,616 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_disc.lng MOD - [2012-02-28 22:45:27 | 000,022,528 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_mp3.lng MOD - [2012-02-28 22:45:27 | 000,020,992 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_midi.lng MOD - [2012-02-28 22:45:27 | 000,018,432 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_mod.lng MOD - [2012-02-28 22:45:27 | 000,014,848 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_wm.lng MOD - [2012-02-28 22:45:27 | 000,014,336 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_online.lng MOD - [2012-02-28 22:45:27 | 000,011,264 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_vorbis.lng MOD - [2012-02-28 22:45:27 | 000,011,264 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_nsv.lng MOD - [2012-02-28 22:45:27 | 000,009,216 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_downloads.lng MOD - [2012-02-28 22:45:27 | 000,008,704 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_history.lng MOD - [2012-02-28 22:45:27 | 000,007,168 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_autotag.lng MOD - [2012-02-28 22:45:27 | 000,006,656 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_wav.lng MOD - [2012-02-28 22:45:27 | 000,005,632 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_wave.lng MOD - [2012-02-28 22:45:27 | 000,005,120 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_impex.lng MOD - [2012-02-28 22:45:27 | 000,005,120 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_bookmarks.lng MOD - [2012-02-28 22:45:27 | 000,005,120 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_wv.lng MOD - [2012-02-28 22:45:27 | 000,004,608 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_enqplay.lng MOD - [2012-02-28 22:45:27 | 000,004,608 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_mp4.lng MOD - [2012-02-28 22:45:27 | 000,004,608 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_mkv.lng MOD - [2012-02-28 22:45:27 | 000,003,584 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_nowplaying.lng MOD - [2012-02-28 22:45:27 | 000,003,584 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\ml_addons.lng MOD - [2012-02-28 22:45:27 | 000,003,584 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_swf.lng MOD - [2012-02-28 22:45:26 | 000,040,448 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\gen_jumpex.lng MOD - [2012-02-28 22:45:26 | 000,022,016 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\gen_ff.lng MOD - [2012-02-28 22:45:26 | 000,020,992 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\gen_ml.lng MOD - [2012-02-28 22:45:26 | 000,013,312 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_cdda.lng MOD - [2012-02-28 22:45:26 | 000,011,264 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\gen_skinmanager.lng MOD - [2012-02-28 22:45:26 | 000,011,264 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\gen_hotkeys.lng MOD - [2012-02-28 22:45:26 | 000,010,752 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\gen_undo.lng MOD - [2012-02-28 22:45:26 | 000,009,728 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\gen_timerestore.lng MOD - [2012-02-28 22:45:26 | 000,009,216 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\gen_nopro.lng MOD - [2012-02-28 22:45:26 | 000,007,680 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\gen_tray.lng MOD - [2012-02-28 22:45:26 | 000,007,168 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_dshow.lng MOD - [2012-02-28 22:45:26 | 000,007,168 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\gen_orgler.lng MOD - [2012-02-28 22:45:26 | 000,007,168 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\gen_crasher.lng MOD - [2012-02-28 22:45:26 | 000,006,144 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_flac.lng MOD - [2012-02-28 22:45:26 | 000,005,120 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_avi.lng MOD - [2012-02-28 22:45:26 | 000,004,096 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\gen_find_on_disk.lng MOD - [2012-02-28 22:45:26 | 000,003,584 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_linein.lng MOD - [2012-02-28 22:45:26 | 000,003,584 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\in_flv.lng MOD - [2012-02-28 22:45:25 | 000,066,560 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\burnlib.lng MOD - [2012-02-28 22:45:25 | 000,014,848 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\gen_classicart.lng MOD - [2012-02-28 22:45:25 | 000,012,800 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\dsp_sps.lng MOD - [2012-02-28 22:45:25 | 000,010,240 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\enc_aacplus.lng MOD - [2012-02-28 22:45:25 | 000,006,144 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\enc_wma.lng MOD - [2012-02-28 22:45:25 | 000,005,632 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\enc_lame.lng MOD - [2012-02-28 22:45:25 | 000,004,096 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\enc_wav.lng MOD - [2012-02-28 22:45:25 | 000,004,096 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\enc_vorbis.lng MOD - [2012-02-28 22:45:25 | 000,004,096 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\enc_flac.lng MOD - [2012-02-28 22:45:24 | 000,011,264 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\WLZC467.tmp\auth.lng MOD - [2012-02-28 22:31:25 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Karol\Downloads\OTL.exe MOD - [2012-02-28 22:16:26 | 000,034,304 | ---- | M] () -- C:\Users\Karol\AppData\Local\Temp\ed562be2-3122.tmp MOD - [2012-02-19 15:39:03 | 000,048,640 | RHS- | M] (Microsoft Corporation) -- C:\Users\Karol\AppData\Local\Temp\System\ntvdmd.exe MOD - [2012-02-18 13:02:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe MOD - [2012-02-18 13:02:28 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll MOD - [2012-02-18 13:02:27 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012-02-18 13:02:27 | 000,801,752 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll MOD - [2012-02-18 13:02:27 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll MOD - [2012-02-18 13:02:27 | 000,371,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll MOD - [2012-02-18 13:02:27 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll MOD - [2012-02-18 13:02:27 | 000,187,352 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll MOD - [2012-02-18 13:02:27 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll MOD - [2012-02-18 13:02:27 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll MOD - [2012-02-18 13:02:27 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll MOD - [2012-02-18 13:02:27 | 000,045,016 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll MOD - [2012-02-18 13:02:27 | 000,022,488 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll MOD - [2012-02-18 13:02:27 | 000,020,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll MOD - [2012-02-18 13:02:27 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe MOD - [2012-02-18 13:02:27 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll MOD - [2012-02-18 13:02:26 | 016,116,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll MOD - [2012-02-18 13:02:26 | 000,170,968 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll MOD - [2012-02-18 13:02:26 | 000,154,584 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll MOD - [2012-02-18 13:02:26 | 000,019,928 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll MOD - [2012-02-17 18:12:38 | 000,144,896 | RHS- | M] () -- C:\Users\Karol\AppData\Local\Temp\System\UccApi.exe MOD - [2012-02-16 17:05:10 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\659bc287f3b51e5e604208ce93d983ec\Microsoft.VisualBasic.ni.dll MOD - [2012-02-16 15:56:35 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll MOD - [2012-01-04 09:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2012-01-04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2011-12-16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2011-12-14 04:10:13 | 009,705,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll MOD - [2011-12-14 03:57:49 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2011-12-14 03:57:18 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2011-12-14 03:52:07 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2011-11-25 10:56:28 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll MOD - [2011-11-17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011-11-17 06:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll MOD - [2011-11-17 06:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll MOD - [2011-11-17 06:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2011-11-17 06:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2011-10-15 09:53:00 | 007,041,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvwgf2um.dll MOD - [2011-10-15 09:53:00 | 002,458,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll MOD - [2011-10-15 00:54:42 | 000,154,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll MOD - [2011-10-15 00:54:36 | 000,576,832 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll MOD - [2011-10-15 00:54:26 | 000,265,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2011-09-14 19:26:46 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2011-08-16 19:30:40 | 001,379,840 | ---- | M] () -- C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe MOD - [2011-07-27 05:14:02 | 000,967,008 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.DLL MOD - [2011-07-16 05:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2011-07-16 05:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2011-07-16 05:24:22 | 000,000,000 | ---- | M] () -- C:\Users\Karol\winlogon.exe MOD - [2011-07-08 23:33:43 | 005,924,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll MOD - [2011-06-17 02:05:36 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2011-06-17 02:01:31 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2011-06-17 02:01:31 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2011-06-17 02:01:28 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll MOD - [2011-05-24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011-05-24 11:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll MOD - [2011-05-24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2011-05-17 08:27:52 | 000,413,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll MOD - [2011-03-30 05:59:06 | 000,937,920 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe MOD - [2011-03-29 23:33:48 | 000,363,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll MOD - [2011-03-11 06:33:59 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42u.dll MOD - [2011-03-11 06:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2011-02-19 07:30:51 | 001,076,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll MOD - [2011-02-19 07:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll MOD - [2011-01-20 10:20:44 | 002,834,240 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll MOD - [2011-01-20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe MOD - [2011-01-20 10:19:46 | 001,455,424 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll MOD - [2011-01-17 06:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll MOD - [2011-01-07 14:39:22 | 000,055,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100enu.dll MOD - [2010-11-29 08:38:50 | 000,292,160 | ---- | M] (DT Soft Ltd.) -- C:\Program Files (x86)\DAEMON Tools Lite\ImgEngine.dll MOD - [2010-11-20 13:21:38 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll MOD - [2010-11-20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010-11-20 13:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll MOD - [2010-11-20 13:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2010-11-20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll MOD - [2010-11-20 13:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010-11-20 13:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010-11-20 13:21:36 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2010-11-20 13:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll MOD - [2010-11-20 13:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010-11-20 13:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010-11-20 13:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2010-11-20 13:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2010-11-20 13:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010-11-20 13:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010-11-20 13:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010-11-20 13:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010-11-20 13:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2010-11-20 13:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll MOD - [2010-11-20 13:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll MOD - [2010-11-20 13:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010-11-20 13:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-11-20 13:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010-11-20 13:20:48 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll MOD - [2010-11-20 13:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2010-11-20 13:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2010-11-20 13:20:28 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll MOD - [2010-11-20 13:19:56 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll MOD - [2010-11-20 13:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2010-11-20 13:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll MOD - [2010-11-20 13:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2010-11-20 13:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2010-11-20 13:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2010-11-20 13:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010-11-20 13:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2010-11-20 13:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll MOD - [2010-11-20 13:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll MOD - [2010-11-20 13:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2010-11-20 13:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll MOD - [2010-11-20 13:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll MOD - [2010-11-20 13:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2010-11-20 13:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2010-11-20 13:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll MOD - [2010-11-20 13:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-20 13:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010-11-20 13:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll MOD - [2010-11-20 13:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll MOD - [2010-11-20 13:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010-11-20 13:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010-11-20 13:18:01 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll MOD - [2010-11-20 13:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010-11-20 13:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv MOD - [2010-11-20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010-11-20 13:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010-11-20 13:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010-11-20 13:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010-11-20 13:08:44 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL MOD - [2010-11-20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-11-20 12:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll MOD - [2010-11-18 13:50:14 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\DAEMON Tools Lite\MSVCR100.dll MOD - [2010-11-18 13:50:14 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\DAEMON Tools Lite\MSVCP100.dll MOD - [2010-11-18 13:50:12 | 004,368,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\DAEMON Tools Lite\mfc100u.dll MOD - [2010-11-13 03:03:49 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2010-11-05 02:58:19 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscoree.dll MOD - [2010-11-05 02:57:27 | 000,055,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe MOD - [2010-08-28 16:18:39 | 000,083,968 | ---- | M] () -- C:\Program Files (x86)\Winamp\tataki.dll MOD - [2010-08-28 16:18:39 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Winamp\zlib.dll MOD - [2010-08-28 16:18:38 | 000,623,104 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jnetlib.w5s MOD - [2010-08-28 16:18:38 | 000,306,176 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll MOD - [2010-08-28 16:18:38 | 000,285,184 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll MOD - [2010-08-28 16:18:38 | 000,237,056 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\aacPlusDecoder.w5s MOD - [2010-08-28 16:18:38 | 000,214,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll MOD - [2010-08-28 16:18:38 | 000,154,624 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\jpeg.w5s MOD - [2010-08-28 16:18:38 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\xml.w5s MOD - [2010-08-28 16:18:38 | 000,086,528 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\png.w5s MOD - [2010-08-28 16:18:38 | 000,084,992 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\playlist.w5s MOD - [2010-08-28 16:18:38 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Winamp\nsutil.dll MOD - [2010-08-28 16:18:38 | 000,051,200 | ---- | M] () -- C:\Program Files (x86)\Winamp\Plugins\out_ds.dll MOD - [2010-08-28 16:18:38 | 000,021,504 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\tagz.w5s MOD - [2010-08-28 16:18:38 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\gif.w5s MOD - [2010-08-28 16:18:38 | 000,019,456 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\bmp.w5s MOD - [2010-08-28 16:18:38 | 000,016,896 | ---- | M] () -- C:\Program Files (x86)\Winamp\System\dlmgr.w5s MOD - [2010-07-12 17:33:54 | 001,592,672 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe MOD - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe MOD - [2010-03-30 03:59:57 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe MOD - [2010-02-04 22:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe MOD - [2010-01-05 21:59:12 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe MOD - [2010-01-05 01:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe MOD - [2009-11-24 21:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe MOD - [2009-11-02 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009-11-02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe MOD - [2009-11-02 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2009-11-02 22:17:54 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCP71.dll MOD - [2009-11-02 22:17:42 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCR71.dll MOD - [2009-07-14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009-07-14 02:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2009-07-14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009-07-14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll MOD - [2009-07-14 02:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wevtapi.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll MOD - [2009-07-14 02:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll MOD - [2009-07-14 02:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll MOD - [2009-07-14 02:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009-07-14 02:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009-07-14 02:15:41 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Defender\MpOav.dll MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll MOD - [2009-07-14 02:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll MOD - [2009-07-14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll MOD - [2009-07-14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll MOD - [2009-07-14 02:15:13 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxva2.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 02:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsrole.dll MOD - [2009-07-14 02:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc.dll MOD - [2009-07-14 02:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll MOD - [2009-07-14 02:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll MOD - [2009-07-14 02:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll MOD - [2009-06-19 18:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe MOD - [2009-02-26 18:37:02 | 000,178,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll MOD - [2009-02-26 18:36:54 | 002,217,832 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll MOD - [2009-02-26 18:36:48 | 000,021,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.DLL MOD - [2009-02-26 18:36:46 | 001,560,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll MOD - [2007-11-30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe MOD - [2005-09-22 01:30:42 | 000,036,864 | ---- | M] (ATK) -- C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll MOD - [2005-01-13 08:36:58 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll MOD - [2004-05-28 02:13:08 | 000,080,384 | ---- | M] (ACTIONTEC Electronics,Inc) -- C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011-01-12 15:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV:[b]64bit:[/b] - [2011-01-12 15:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2009-12-08 00:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV - [2012-02-28 22:17:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-10-21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-10-15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011-10-13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-12-15 18:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009-06-16 01:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-07-08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-03-09 15:43:36 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2010-12-21 14:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2010-12-21 14:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2010-12-21 12:47:38 | 000,170,640 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:[b]64bit:[/b] - [2010-12-21 12:47:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:[b]64bit:[/b] - [2010-12-21 12:47:38 | 000,034,144 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2009-12-28 07:16:45 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:[b]64bit:[/b] - [2009-10-15 10:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:[b]64bit:[/b] - [2009-10-05 02:33:59 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009-08-23 06:08:07 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) DRV:[b]64bit:[/b] - [2009-08-12 04:38:01 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV:[b]64bit:[/b] - [2009-07-20 10:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-13 17:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2008-12-08 16:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2008-05-24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV:[b]64bit:[/b] - [2007-07-26 08:28:54 | 000,055,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SRS_SSCFilter_amd64.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM) DRV:[b]64bit:[/b] - [2006-12-22 19:05:52 | 000,559,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrxusb.sys -- (athrusb) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009-07-03 01:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = [url="http://search.msn.com/spbasic.htm"]http://search.msn.com/spbasic.htm[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://fr.msn.com/"]http://fr.msn.com/[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3212485663-2536987246-658786658-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://www.google.pl/"]http://www.google.pl/[/url] IE - HKU\S-1-5-21-3212485663-2536987246-658786658-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-02-18 13:02:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-10-28 21:07:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011-05-19 00:03:20 | 000,000,000 | ---D | M] [2010-08-28 16:25:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karol\AppData\Roaming\mozilla\Extensions [2012-02-03 22:15:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karol\AppData\Roaming\mozilla\Firefox\Profiles\1m65s9o2.default\extensions [2011-10-13 12:50:20 | 000,000,000 | ---D | M] (Vividas player plugin) -- C:\Users\Karol\AppData\Roaming\mozilla\Firefox\Profiles\1m65s9o2.default\extensions\player@vividas.com [2011-11-13 22:32:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010-08-30 20:42:24 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} () (No name found) -- C:\USERS\KAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1M65S9O2.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI () (No name found) -- C:\USERS\KAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1M65S9O2.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI [2012-02-18 13:02:28 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010-08-29 20:37:56 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010-11-24 11:12:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll [2011-10-05 07:33:46 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2011-10-05 07:33:46 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011-10-05 07:33:46 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2011-10-05 07:33:46 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-10-05 07:33:46 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-10-30 12:39:29 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b]64bit:[/b] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe () O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [crrss] C:\Windows\SysWOW64\crrss.exe () O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000..\Run: [© Microsoft Real Time Media Stack] C:\Users\Karol\AppData\Local\Temp\System\ntvdmd.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000..\Run: [Windows Update Server] C:\Users\Karol\19f48fa2-3122.exe File not found O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000..\Run: [winlogon] C:\Users\Karol\winlogon.exe () O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10w_Plugin.exe (Adobe Systems, Inc.) O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 16 O7 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_25) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57E35D23-595F-4392-9462-D15B68E9B106}: DhcpNameServer = 192.168.1.1 0.0.0.0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5EA8B85-BEC0-45CE-A3E0-B4C66C2B34FE}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE9BC49F-766A-4101-BA6F-EF0CF787B644}: DhcpNameServer = 212.33.71.82 212.33.71.72 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000 Winlogon: Shell - ("C:\Users\Karol\winlogon.exe") - C:\Users\Karol\winlogon.exe () O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]ASUS Screen Saver Protector[/b] - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS) MsConfig:64bit - StartUpReg: [b]CLMLServer[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) MsConfig:64bit - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) SafeBootMin:[b]64bit:[/b] AppMgmt - Service SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - Service SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-02-23 21:30:56 | 000,000,000 | ---D | C] -- C:\Users\Karol\Desktop\kaliber galeria [2012-02-19 15:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ventrilo [2012-02-19 15:39:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ventrilo [2012-02-19 15:38:58 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Roaming\1334 [2012-02-16 15:48:12 | 000,000,000 | R--D | C] -- C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-02-16 15:48:11 | 000,000,000 | R--D | C] -- C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-01-24 01:15:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO [2012-01-24 01:15:01 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\ALLConverter [2012-01-24 01:14:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLConverter PRO [2012-01-24 01:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer [2012-01-24 01:14:26 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\ALLPlayer [2012-01-24 01:14:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLPlayer [2012-01-24 01:07:35 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Roaming\NapiProjekt [2012-01-24 01:07:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt [2012-01-24 01:07:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NapiProjekt [2012-01-16 01:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Desperado [2012-01-16 00:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames [2012-01-16 00:58:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Infogrames [2012-01-13 13:11:15 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Roaming\NVIDIA [2012-01-13 13:11:14 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Roaming\MOVAVI [2012-01-13 13:10:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movavi Video Converter 11 [2012-01-13 12:30:06 | 000,000,000 | ---D | C] -- C:\ApolloOutput [2012-01-13 12:20:29 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\WMTools Downloaded Files [2012-01-13 12:02:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie Maker 2.6 [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-02-28 22:24:03 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-02-28 22:24:03 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-02-28 22:17:08 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-02-28 22:15:41 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-02-28 22:15:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-02-28 22:15:13 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys [2012-02-27 22:02:10 | 000,001,936 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini [2012-02-26 23:49:05 | 005,204,782 | ---- | M] () -- C:\Users\Karol\Desktop\Rihanna - We Found Love (Audio) ft. Calvin Harris.mp3 [2012-02-26 22:46:33 | 001,216,790 | ---- | M] () -- C:\Users\Karol\Desktop\Michel Teló - Ai Se Eu Te Pego - Oficial (Assim você me mata).MP3 [2012-02-26 17:14:53 | 001,663,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-02-26 17:14:53 | 000,738,192 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-02-26 17:14:53 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-02-26 17:14:53 | 000,154,848 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-02-26 17:14:53 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-02-16 15:47:14 | 000,420,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-01-26 19:27:26 | 217,918,109 | ---- | M] () -- C:\Users\Karol\Desktop\Documents\Mediacje.wmv [2012-01-24 01:15:01 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\ALLConverter PRO.lnk [2012-01-13 13:11:10 | 000,005,104 | ---- | M] () -- C:\ProgramData\qjaxlkio.dss [2012-01-13 12:33:41 | 000,007,680 | ---- | M] () -- C:\Users\Karol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-01-13 12:32:36 | 000,000,066 | ---- | M] () -- C:\Windows\#1 Video Converter.INI [2012-01-11 01:14:27 | 001,639,550 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-02-26 23:48:38 | 005,204,782 | ---- | C] () -- C:\Users\Karol\Desktop\Rihanna - We Found Love (Audio) ft. Calvin Harris.mp3 [2012-02-26 22:46:26 | 001,216,790 | ---- | C] () -- C:\Users\Karol\Desktop\Michel Teló - Ai Se Eu Te Pego - Oficial (Assim você me mata).MP3 [2012-02-01 21:12:13 | 000,001,048 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-02-01 21:12:11 | 000,001,044 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-01-26 23:45:23 | 217,918,109 | ---- | C] () -- C:\Users\Karol\Desktop\Documents\Mediacje.wmv [2012-01-24 01:15:01 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\ALLConverter PRO.lnk [2012-01-24 01:14:30 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2012-01-13 13:11:10 | 000,005,104 | ---- | C] () -- C:\ProgramData\qjaxlkio.dss [2012-01-13 12:32:32 | 000,000,066 | ---- | C] () -- C:\Windows\#1 Video Converter.INI [2012-01-13 12:02:42 | 000,002,537 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk [2011-10-15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011-08-12 16:35:42 | 000,026,112 | ---- | C] () -- C:\Windows\SysWow64\crrss.exe [2011-04-24 21:36:20 | 001,639,550 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010-09-17 13:17:13 | 000,314,368 | ---- | C] () -- C:\Windows\KSGDeInstall.exe [2010-09-02 17:57:17 | 000,001,816 | ---- | C] () -- C:\Windows\hpdj3740.ini [2010-08-30 20:43:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-08-29 18:04:40 | 000,007,680 | ---- | C] () -- C:\Users\Karol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-29 17:12:48 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2010-03-30 03:59:49 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll [2010-03-30 03:41:54 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe [color=#E56717]========== LOP Check ==========[/color] [2012-02-19 15:38:58 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\1334 [2010-08-28 14:16:52 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\Asus WebStorage [2012-02-26 14:24:20 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\BitComet [2011-12-23 21:14:53 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\CrystalIdea Software [2011-03-18 10:55:32 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\DAEMON Tools Lite [2010-09-01 15:13:10 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\DAEMON Tools Net [2011-05-19 00:04:37 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\ESET [2010-08-28 18:55:51 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\EurekaLog [2011-06-25 23:32:09 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\GanymedeNet [2011-05-17 23:04:06 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\ipla [2012-01-13 13:15:07 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\MOVAVI [2012-01-24 01:10:05 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\NapiProjekt [2010-08-28 18:37:38 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\NCH Swift Sound [2010-10-17 15:28:49 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\Nowe Gadu-Gadu [2010-08-28 16:21:09 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\OpenFM [2011-04-07 23:52:31 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\RDRM [2010-09-01 12:23:41 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\Tibiacast [2012-01-12 16:50:58 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-10-30 12:58:19 | 000,005,404 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt [2009-06-15 12:11:59 | 000,000,054 | ---- | M] () -- C:\AdobeReader.log [2010-11-20 13:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2009-07-29 07:03:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2010-03-30 04:12:33 | 000,013,739 | ---- | M] () -- C:\devlist.txt [2010-03-30 04:12:32 | 000,000,009 | ---- | M] () -- C:\Finish.log [2012-02-28 22:15:13 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys [2010-03-30 03:50:35 | 002,568,587 | ---- | M] () -- C:\inject.log.txt [2010-02-01 09:53:01 | 001,048,576 | -H-- | M] () -- C:\K70ID.BIN [2010-03-08 05:18:58 | 000,000,019 | ---- | M] () -- C:\K70ID_WIN7.20 [2009-06-12 02:32:00 | 000,000,057 | ---- | M] () -- C:\OFFICE2007_M.TXT [2012-02-28 22:15:15 | 4294,201,344 | -HS- | M] () -- C:\pagefile.sys [2010-03-29 15:20:03 | 000,000,146 | ---- | M] () -- C:\Pass.txt [2010-01-25 06:57:25 | 000,000,381 | ---- | M] () -- C:\Patch_Win7.log [2011-03-18 14:44:02 | 000,000,018 | ---- | M] () -- C:\Phx_debug_log.txt [2010-03-08 05:18:58 | 000,000,007 | ---- | M] () -- C:\RECOVERY.DAT [2010-03-30 03:55:53 | 000,003,437 | ---- | M] () -- C:\RHDSetup.log [2010-08-28 15:37:53 | 000,000,159 | ---- | M] () -- C:\Setup.log [2006-05-14 09:22:24 | 000,000,005 | ---- | M] () -- C:\store.log [2010-03-30 03:15:59 | 000,000,170 | ---- | M] () -- C:\SumHidd.txt [2010-03-30 03:14:39 | 000,000,098 | ---- | M] () -- C:\SumOS.txt [2009-09-16 19:04:46 | 000,000,024 | ---- | M] () -- C:\v82.txt [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2010-11-20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys [2010-11-20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2011-07-16 05:24:22 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\Users\Karol\winlogon.exe [2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < End of report > [/log] [b]EXTRAS:[/b] [log] OTL Extras logfile created on: 2012-02-28 23:12:58 - Run 3 OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Karol\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 57,96% Memory free 8,00 Gb Paging File | 6,29 Gb Available in Paging File | 78,71% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 74,52 Gb Total Space | 27,47 Gb Free Space | 36,86% Space Free | Partition Type: NTFS Drive D: | 208,92 Gb Total Space | 16,43 Gb Free Space | 7,87% Space Free | Partition Type: NTFS Computer Name: KAROL-KOMPUTER | User Name: Karol | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3212485663-2536987246-658786658-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 "AutoUpdateDisableNotify" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot "{26A24AE4-039D-4CA4-87B4-2F86416025FF}" = Java™ 6 Update 25 (64-bit) "{33B49B5C-2D04-4B8F-BA1F-D22EB8A627B0}" = ESET Smart Security "{64A3A4F4-B792-11D6-A78A-00B0D0160250}" = Java™ SE Development Kit 6 Update 25 (64-bit) "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{95F7B3C3-3D4C-471B-982A-76DB26E0EA2B}" = Bezpieczeństwo rodzinne usługi Windows Live "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.11.0621 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.2.24.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "ASUS USB2.0 UVC VGA WebCam" = ASUS USB2.0 UVC VGA WebCam "ASUS WebStorage" = ASUS WebStorage "Elantech" = ETDWare PS/2-x64 7.0.5.9_WHQL "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "NVIDIA Drivers" = NVIDIA Drivers "WinRAR archiver" = Archiwizator WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{0B63BF75-9F0A-4E93-A69D-BDCC6A26C4B1}" = Podstawowe programy Windows Live "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live "{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 21 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8}" = Windows Live Messenger "{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{40CC0CC6-C1BA-476D-98CF-5430DA439B4F}" = Galeria fotografii usługi Windows Live "{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor ™ "{46EA439E-2D16-49B6-AA80-00DE992FE7CE}" = Microsoft Windows Debugging Symbols "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{74CC5B4D-CBB5-46F1-82B0-3169977B1D36}" = Asystent rejestracji usługi Windows Live "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}" = Dream Day Wedding Married in Manhattan "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.1 "{94B4E2D8-A184-415C-BF9E-F699D76466BD}" = Heroes of Might and Magic IV - Złota Edycja "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A7B8A5E9-CA44-44A0-9393-9EA0FFE4C3FB}" = Alcor Micro USB Card Reader "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.6 MUI "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C3335EFB-008F-44DB-A87A-9EC8EE53D045}" = Windows Live Sync "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1" = Game Park Console "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War™ "{DB4690C5-9015-401D-A96C-A49909B7C372}" = Poczta usługi Windows Live "{DD49053A-0140-44EF-AE75-C4BC1FDB8286}" = Windows Live Writer "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform "{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}" = livebox tp "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V5.X "ASUS AP Bank_is1" = ASUS AP Bank "ASUS_Screensaver" = ASUS_Screensaver "BitComet" = BitComet 1.26 "Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2 "Call of Duty: Black Ops_is1" = Call of Duty: Black Ops "DAEMON Tools Lite" = DAEMON Tools Lite "ENTERPRISE" = Microsoft Office Enterprise 2007 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "Google Chrome" = Google Chrome "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{A7B8A5E9-CA44-44A0-9393-9EA0FFE4C3FB}" = Alcor Micro USB Card Reader "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty® - World at War™ "Mozilla Firefox 10.0.2 (x86 pl)" = Mozilla Firefox 10.0.2 (x86 pl) "Mp3 Knife_is1" = Mp3 Knife 3.2 "NapiProjekt_is1" = NapiProjekt (2.0.0.2151) "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "PhotoToolkit_is1" = Photo! Editor 1.1 "Picasa 3" = Picasa 3 "Prism" = Prism Video File Converter "Revo Uninstaller" = Revo Uninstaller 1.93 "save2pc Light_is1" = save2pc Light 4.09 "Steam App 10" = Counter-Strike "Switch" = Switch Sound File Converter "SystemRequirementsLab" = System Requirements Lab "VLC media player" = VLC media player 1.1.11 "Winamp" = Winamp "WinLiveSuite_Wave3" = Podstawowe programy Windows Live "Xvid_is1" = Xvid 1.2.1 final uninstall [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3212485663-2536987246-658786658-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Ad-Remover" = Ad-Remover "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-01-23 22:27:38 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-01-24 23:20:03 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-01-26 10:20:51 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-01-30 11:50:54 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-01-31 08:29:56 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-02-02 10:47:22 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-02-06 07:35:07 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-02-07 07:45:24 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-02-07 10:41:09 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-02-08 08:00:03 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. [ System Events ] Error - 2012-02-27 07:34:58 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Stacja robocza zależy od usługi Usługa interfejsu magazynu sieciowego, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-02-27 07:34:58 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Pomoc IP zależy od usługi Usługa interfejsu magazynu sieciowego, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-02-27 07:34:58 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Otoka i aparat minireadresatora SMB zależy od usługi Podsystem buforowania przekierowywanych danych, której nie można uruchomić z powodu następującego błędu: %%31 Error - 2012-02-27 07:34:58 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Minireadresator SMB 1.x zależy od usługi Otoka i aparat minireadresatora SMB, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-02-27 07:34:58 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Minireadresator SMB 2.0 zależy od usługi Otoka i aparat minireadresatora SMB, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-02-27 07:34:58 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Rozpoznawanie lokalizacji w sieci zależy od usługi Usługa interfejsu magazynu sieciowego, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-02-27 07:34:58 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: AFD DfsC discache ehdrv NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx vwififlt Wanarpv6 WfpLwf Error - 2012-02-27 16:39:38 | Computer Name = Karol-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 12:35:46 na ?2012-?02-?27 było nieoczekiwane. Error - 2012-02-28 17:19:10 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Steam Client Service. Error - 2012-02-28 17:19:10 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Steam Client Service z powodu następującego błędu: %%1053 < End of report > [/log]
Gość komentarz 28 lutego 2012 komentarz 28 lutego 2012 Uruchom OTL i w oknie [b]Własne opcje skanowania/skrypt[/b] wklej: [code]:Files C:\Users\Karol\AppData\Roaming\1334 C:\Users\Karol\winlogon.exe :OTL O3 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [crrss] C:\Windows\SysWOW64\crrss.exe () O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000..\Run: [Windows Update Server] C:\Users\Karol\19f48fa2-3122.exe File not found O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000..\Run: [winlogon] C:\Users\Karol\winlogon.exe () O20 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000 Winlogon: Shell - ("C:\Users\Karol\winlogon.exe") - C:\Users\Karol\winlogon.exe () :Commands [emptyflash] [emptytemp][/code] Kliknij w [b]Wykonaj skrypt.[/b] Po usuwaniu zrób nowy skan OTL i przedstaw log
Karolas komentarz 28 lutego 2012 Autor komentarz 28 lutego 2012 [b]Raport z OTL:[/b] [log] All processes killed ========== FILES ========== C:\Users\Karol\AppData\Roaming\1334 folder moved successfully. C:\Users\Karol\winlogon.exe moved successfully. ========== OTL ========== Registry value HKEY_USERS\S-1-5-21-3212485663-2536987246-658786658-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\crrss deleted successfully. C:\Windows\SysWOW64\crrss.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-3212485663-2536987246-658786658-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Update Server deleted successfully. Registry value HKEY_USERS\S-1-5-21-3212485663-2536987246-658786658-1000\Software\Microsoft\Windows\CurrentVersion\Run\\winlogon deleted successfully. File C:\Users\Karol\winlogon.exe not found. Registry value HKEY_USERS\S-1-5-21-3212485663-2536987246-658786658-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:explorer.exe deleted successfully. Item C:\Windows\SysWOW64\explorer.exe is whitelisted and cannot be moved. Registry value HKEY_USERS\S-1-5-21-3212485663-2536987246-658786658-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:"C:\Users\Karol\winlogon.exe" deleted successfully. File C:\Users\Karol\winlogon.exe not found. ========== COMMANDS ========== [EMPTYFLASH] User: All Users User: Default User: Default User User: Karol ->Flash cache emptied: 113413 bytes User: Public User: UpdatusUser Total Flash Files Cleaned = 0,00 mb [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Karol ->Temp folder emptied: 65934703 bytes ->Temporary Internet Files folder emptied: 16101065 bytes ->Java cache emptied: 1291429 bytes ->FireFox cache emptied: 826547054 bytes ->Flash cache emptied: 802 bytes User: Public User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 1386496 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 95158714 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50534 bytes RecycleBin emptied: 828018 bytes Total Files Cleaned = 961,00 mb OTL by OldTimer - Version 3.2.33.2 log created on 02282012_234621 Files\Folders moved on Reboot... C:\Users\Karol\AppData\Local\Temp\System\ntvdmd.exe moved successfully. C:\Users\Karol\AppData\Local\Temp\System\UccApi.exe moved successfully. C:\Users\Karol\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Karol\AppData\Local\Mozilla\Firefox\Profiles\1m65s9o2.default\startupCache\startupCache.4.little moved successfully. C:\Users\Karol\AppData\Local\Mozilla\Firefox\Profiles\1m65s9o2.default\Cache\_CACHE_001_ moved successfully. C:\Users\Karol\AppData\Local\Mozilla\Firefox\Profiles\1m65s9o2.default\Cache\_CACHE_002_ moved successfully. C:\Users\Karol\AppData\Local\Mozilla\Firefox\Profiles\1m65s9o2.default\Cache\_CACHE_003_ moved successfully. C:\Users\Karol\AppData\Local\Mozilla\Firefox\Profiles\1m65s9o2.default\Cache\_CACHE_MAP_ moved successfully. C:\Users\Karol\AppData\Local\Mozilla\Firefox\Profiles\1m65s9o2.default\urlclassifier3.sqlite moved successfully. Registry entries deleted on Reboot... [/log] [b]Nowy OTL:[/b] [log] OTL logfile created on: 2012-02-28 23:55:56 - Run 4 OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Karol\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 64,70% Memory free 8,00 Gb Paging File | 6,46 Gb Available in Paging File | 80,74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 74,52 Gb Total Space | 28,15 Gb Free Space | 37,78% Space Free | Partition Type: NTFS Drive D: | 208,92 Gb Total Space | 16,43 Gb Free Space | 7,87% Space Free | Partition Type: NTFS Computer Name: KAROL-KOMPUTER | User Name: Karol | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-02-28 22:31:25 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Karol\Downloads\OTL.exe PRC - [2012-02-18 13:02:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012-02-18 13:02:27 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2011-10-21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE PRC - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-10-15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011-10-13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE PRC - [2011-09-07 23:58:10 | 000,037,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe PRC - [2011-08-16 19:30:40 | 001,379,840 | ---- | M] () -- C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe PRC - [2011-03-30 05:59:06 | 000,937,920 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe PRC - [2011-01-20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2011-01-12 15:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe PRC - [2010-03-30 03:59:57 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2010-02-05 18:05:08 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2010-02-04 22:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2010-01-05 21:59:12 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2010-01-05 01:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe PRC - [2009-12-15 18:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2009-11-24 21:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe PRC - [2009-11-02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009-06-19 18:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe PRC - [2009-06-19 18:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe PRC - [2009-06-16 01:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2008-12-23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe PRC - [2008-08-14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe PRC - [2007-11-30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-02-28 22:31:25 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Karol\Downloads\OTL.exe MOD - [2012-02-18 13:02:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe MOD - [2012-02-18 13:02:28 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll MOD - [2012-02-18 13:02:27 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012-02-18 13:02:27 | 000,801,752 | ---- | M] (sqlite.org) -- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll MOD - [2012-02-18 13:02:27 | 000,646,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nss3.dll MOD - [2012-02-18 13:02:27 | 000,371,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll MOD - [2012-02-18 13:02:27 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll MOD - [2012-02-18 13:02:27 | 000,187,352 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll MOD - [2012-02-18 13:02:27 | 000,109,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll MOD - [2012-02-18 13:02:27 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\smime3.dll MOD - [2012-02-18 13:02:27 | 000,105,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll MOD - [2012-02-18 13:02:27 | 000,045,016 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll MOD - [2012-02-18 13:02:27 | 000,022,488 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plc4.dll MOD - [2012-02-18 13:02:27 | 000,020,952 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\plds4.dll MOD - [2012-02-18 13:02:27 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe MOD - [2012-02-18 13:02:27 | 000,015,832 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll MOD - [2012-02-18 13:02:26 | 016,116,696 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xul.dll MOD - [2012-02-18 13:02:26 | 000,170,968 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll MOD - [2012-02-18 13:02:26 | 000,154,584 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll MOD - [2012-02-18 13:02:26 | 000,019,928 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll MOD - [2012-01-04 09:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll MOD - [2012-01-04 09:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll MOD - [2011-12-16 08:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll MOD - [2011-12-14 04:10:13 | 009,705,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll MOD - [2011-12-14 03:57:49 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll MOD - [2011-12-14 03:57:18 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll MOD - [2011-12-14 03:52:07 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll MOD - [2011-11-17 06:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll MOD - [2011-11-17 06:34:52 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll MOD - [2011-11-17 06:34:52 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll MOD - [2011-11-17 06:28:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll MOD - [2011-10-15 09:53:00 | 007,041,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvwgf2um.dll MOD - [2011-10-15 09:53:00 | 002,458,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll MOD - [2011-10-15 00:54:42 | 000,154,432 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll MOD - [2011-10-15 00:54:36 | 000,576,832 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll MOD - [2011-10-15 00:54:26 | 000,265,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2011-09-14 19:26:46 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll MOD - [2011-09-07 23:58:10 | 000,037,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe MOD - [2011-08-27 05:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll MOD - [2011-08-27 05:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll MOD - [2011-08-16 19:30:40 | 001,379,840 | ---- | M] () -- C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe MOD - [2011-07-27 05:14:02 | 000,967,008 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.DLL MOD - [2011-07-16 05:24:22 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll MOD - [2011-07-16 05:24:22 | 000,272,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll MOD - [2011-06-17 02:05:36 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2011-06-17 02:01:31 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2011-06-17 02:01:31 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2011-06-17 02:01:28 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll MOD - [2011-05-24 11:40:05 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll MOD - [2011-05-24 11:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll MOD - [2011-05-24 11:39:38 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll MOD - [2011-03-30 05:59:06 | 000,937,920 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe MOD - [2011-03-11 06:33:59 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42u.dll MOD - [2011-03-11 06:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll MOD - [2011-03-03 06:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll MOD - [2011-02-19 07:30:51 | 001,076,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll MOD - [2011-02-19 07:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll MOD - [2011-01-20 10:20:44 | 002,834,240 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll MOD - [2011-01-20 10:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe MOD - [2011-01-20 10:19:46 | 001,455,424 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll MOD - [2011-01-17 06:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll MOD - [2011-01-07 14:39:22 | 000,055,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc100enu.dll MOD - [2010-11-29 08:38:50 | 000,292,160 | ---- | M] (DT Soft Ltd.) -- C:\Program Files (x86)\DAEMON Tools Lite\ImgEngine.dll MOD - [2010-11-20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll MOD - [2010-11-20 13:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmp.dll MOD - [2010-11-20 13:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll MOD - [2010-11-20 13:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll MOD - [2010-11-20 13:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll MOD - [2010-11-20 13:21:36 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll MOD - [2010-11-20 13:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll MOD - [2010-11-20 13:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll MOD - [2010-11-20 13:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll MOD - [2010-11-20 13:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll MOD - [2010-11-20 13:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll MOD - [2010-11-20 13:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll MOD - [2010-11-20 13:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll MOD - [2010-11-20 13:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll MOD - [2010-11-20 13:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll MOD - [2010-11-20 13:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll MOD - [2010-11-20 13:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll MOD - [2010-11-20 13:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll MOD - [2010-11-20 13:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll MOD - [2010-11-20 13:20:48 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll MOD - [2010-11-20 13:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll MOD - [2010-11-20 13:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll MOD - [2010-11-20 13:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mswsock.dll MOD - [2010-11-20 13:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll MOD - [2010-11-20 13:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll MOD - [2010-11-20 13:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll MOD - [2010-11-20 13:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll MOD - [2010-11-20 13:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL MOD - [2010-11-20 13:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL MOD - [2010-11-20 13:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll MOD - [2010-11-20 13:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll MOD - [2010-11-20 13:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dbghelp.dll MOD - [2010-11-20 13:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll MOD - [2010-11-20 13:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll MOD - [2010-11-20 13:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll MOD - [2010-11-20 13:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credssp.dll MOD - [2010-11-20 13:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll MOD - [2010-11-20 13:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll MOD - [2010-11-20 13:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll MOD - [2010-11-20 13:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll MOD - [2010-11-20 13:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll MOD - [2010-11-20 13:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv MOD - [2010-11-20 13:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wdmaud.drv MOD - [2010-11-20 13:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll MOD - [2010-11-20 13:08:57 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll MOD - [2010-11-20 13:08:51 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll MOD - [2010-11-20 13:08:51 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll MOD - [2010-11-20 13:08:44 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmploc.DLL MOD - [2010-11-20 12:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-11-20 12:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll MOD - [2010-11-18 13:50:14 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\DAEMON Tools Lite\MSVCR100.dll MOD - [2010-11-18 13:50:14 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\DAEMON Tools Lite\MSVCP100.dll MOD - [2010-11-18 13:50:12 | 004,368,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\DAEMON Tools Lite\mfc100u.dll MOD - [2010-05-14 10:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe MOD - [2010-03-30 03:59:57 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe MOD - [2010-02-04 22:05:32 | 007,350,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe MOD - [2010-01-05 21:59:12 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe MOD - [2010-01-05 01:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe MOD - [2009-11-24 21:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe MOD - [2009-11-02 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009-11-02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe MOD - [2009-11-02 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2009-11-02 22:17:54 | 000,509,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCP71.dll MOD - [2009-11-02 22:17:42 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\CyberLink\Power2Go\MSVCR71.dll MOD - [2009-07-14 02:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll MOD - [2009-07-14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2009-07-14 02:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll MOD - [2009-07-14 02:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL MOD - [2009-07-14 02:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanapi.dll MOD - [2009-07-14 02:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winrnr.dll MOD - [2009-07-14 02:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll MOD - [2009-07-14 02:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wlanutil.dll MOD - [2009-07-14 02:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll MOD - [2009-07-14 02:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll MOD - [2009-07-14 02:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll MOD - [2009-07-14 02:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll MOD - [2009-07-14 02:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll MOD - [2009-07-14 02:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll MOD - [2009-07-14 02:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll MOD - [2009-07-14 02:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll MOD - [2009-07-14 02:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pnrpnsp.dll MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll MOD - [2009-07-14 02:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll MOD - [2009-07-14 02:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll MOD - [2009-07-14 02:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll MOD - [2009-07-14 02:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll MOD - [2009-07-14 02:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll MOD - [2009-07-14 02:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\NapiNSP.dll MOD - [2009-07-14 02:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll MOD - [2009-07-14 02:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll MOD - [2009-07-14 02:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll MOD - [2009-07-14 02:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mpr.dll MOD - [2009-07-14 02:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll MOD - [2009-07-14 02:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\midimap.dll MOD - [2009-07-14 02:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2009-07-14 02:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll MOD - [2009-07-14 02:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll MOD - [2009-07-14 02:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll MOD - [2009-07-14 02:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\feclient.dll MOD - [2009-07-14 02:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll MOD - [2009-07-14 02:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll MOD - [2009-07-14 02:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll MOD - [2009-07-14 02:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll MOD - [2009-07-14 02:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll MOD - [2009-07-14 02:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll MOD - [2009-07-14 02:15:07 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll MOD - [2009-07-14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll MOD - [2009-07-14 02:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll MOD - [2009-07-14 02:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll MOD - [2009-07-14 02:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll MOD - [2009-07-14 02:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009-07-14 02:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.drv MOD - [2009-07-14 02:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll MOD - [2009-07-14 02:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll MOD - [2009-07-14 02:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll MOD - [2009-07-14 02:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll MOD - [2009-07-14 02:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll MOD - [2009-07-14 02:05:46 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icmp.dll MOD - [2009-06-19 18:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe MOD - [2009-02-26 18:36:54 | 002,217,832 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll MOD - [2009-02-26 18:36:48 | 000,021,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.DLL MOD - [2007-11-30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe MOD - [2005-09-22 01:30:42 | 000,036,864 | ---- | M] (ATK) -- C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll MOD - [2005-01-13 08:36:58 | 000,303,104 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll MOD - [2004-05-28 02:13:08 | 000,080,384 | ---- | M] (ACTIONTEC Electronics,Inc) -- C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011-01-12 15:44:02 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV:[b]64bit:[/b] - [2011-01-12 15:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2009-12-08 00:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV - [2012-02-28 22:17:24 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-10-21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-10-15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011-10-13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-12-15 18:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009-06-16 01:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-07-08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-03-09 15:43:36 | 000,513,080 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2010-12-21 14:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2010-12-21 14:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2010-12-21 12:47:38 | 000,170,640 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:[b]64bit:[/b] - [2010-12-21 12:47:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:[b]64bit:[/b] - [2010-12-21 12:47:38 | 000,034,144 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2009-12-28 07:16:45 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:[b]64bit:[/b] - [2009-10-15 10:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:[b]64bit:[/b] - [2009-10-05 02:33:59 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2009-08-23 06:08:07 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) DRV:[b]64bit:[/b] - [2009-08-12 04:38:01 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV:[b]64bit:[/b] - [2009-07-20 10:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-13 17:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2008-12-08 16:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2008-05-24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV:[b]64bit:[/b] - [2007-07-26 08:28:54 | 000,055,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SRS_SSCFilter_amd64.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM) DRV:[b]64bit:[/b] - [2006-12-22 19:05:52 | 000,559,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrxusb.sys -- (athrusb) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009-07-03 01:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3212485663-2536987246-658786658-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-3212485663-2536987246-658786658-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-02-18 13:02:28 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-10-28 21:07:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011-05-19 00:03:20 | 000,000,000 | ---D | M] [2010-08-28 16:25:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karol\AppData\Roaming\mozilla\Extensions [2012-02-03 22:15:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karol\AppData\Roaming\mozilla\Firefox\Profiles\1m65s9o2.default\extensions [2011-10-13 12:50:20 | 000,000,000 | ---D | M] (Vividas player plugin) -- C:\Users\Karol\AppData\Roaming\mozilla\Firefox\Profiles\1m65s9o2.default\extensions\player@vividas.com [2011-11-13 22:32:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010-08-30 20:42:24 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} () (No name found) -- C:\USERS\KAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1M65S9O2.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI () (No name found) -- C:\USERS\KAROL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1M65S9O2.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI [2012-02-18 13:02:28 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010-08-29 20:37:56 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010-11-24 11:12:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll [2011-10-05 07:33:46 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2011-10-05 07:33:46 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011-10-05 07:33:46 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2011-10-05 07:33:46 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-10-05 07:33:46 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-10-30 12:39:29 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b]64bit:[/b] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe () O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000..\Run: [© Microsoft Real Time Media Stack] C:\Users\Karol\AppData\Local\Temp\System\ntvdmd.exe File not found O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3212485663-2536987246-658786658-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 16 O7 - HKU\S-1-5-21-3212485663-2536987246-658786658-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1 O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57E35D23-595F-4392-9462-D15B68E9B106}: DhcpNameServer = 192.168.1.1 0.0.0.0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5EA8B85-BEC0-45CE-A3E0-B4C66C2B34FE}: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE9BC49F-766A-4101-BA6F-EF0CF787B644}: DhcpNameServer = 212.33.71.82 212.33.71.72 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* MsConfig:64bit - StartUpReg: [b]Adobe Reader Speed Launcher[/b] - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: [b]ASUS Screen Saver Protector[/b] - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS) MsConfig:64bit - StartUpReg: [b]CLMLServer[/b] - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) MsConfig:64bit - StartUpReg: [b]RtHDVCpl[/b] - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) SafeBootMin:[b]64bit:[/b] AppMgmt - Service SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:[b]64bit:[/b] AppMgmt - Service SafeBootNet:[b]64bit:[/b] Base - Driver Group SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group SafeBootNet:[b]64bit:[/b] File system - Driver Group SafeBootNet:[b]64bit:[/b] Filter - Driver Group SafeBootNet:[b]64bit:[/b] HelpSvc - Service SafeBootNet:[b]64bit:[/b] Messenger - Service SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group SafeBootNet:[b]64bit:[/b] Network - Driver Group SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group SafeBootNet:[b]64bit:[/b] rdsessmgr - Service SafeBootNet:[b]64bit:[/b] sacsvr - Service SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootNet:[b]64bit:[/b] TDI - Driver Group SafeBootNet:[b]64bit:[/b] vmms - Service SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-02-28 23:46:21 | 000,000,000 | ---D | C] -- C:\_OTL [2012-02-23 21:30:56 | 000,000,000 | ---D | C] -- C:\Users\Karol\Desktop\kaliber galeria [2012-02-19 15:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ventrilo [2012-02-19 15:39:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ventrilo [2012-02-16 15:48:12 | 000,000,000 | R--D | C] -- C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-02-16 15:48:11 | 000,000,000 | R--D | C] -- C:\Users\Karol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-01-24 01:15:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLConverter PRO [2012-01-24 01:15:01 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\ALLConverter [2012-01-24 01:14:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLConverter PRO [2012-01-24 01:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLPlayer [2012-01-24 01:14:26 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\ALLPlayer [2012-01-24 01:14:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ALLPlayer [2012-01-24 01:07:35 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Roaming\NapiProjekt [2012-01-24 01:07:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NapiProjekt [2012-01-24 01:07:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NapiProjekt [2012-01-16 01:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Desperado [2012-01-16 00:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames [2012-01-16 00:58:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Infogrames [2012-01-13 13:11:15 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Roaming\NVIDIA [2012-01-13 13:11:14 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Roaming\MOVAVI [2012-01-13 13:10:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movavi Video Converter 11 [2012-01-13 12:30:06 | 000,000,000 | ---D | C] -- C:\ApolloOutput [2012-01-13 12:20:29 | 000,000,000 | ---D | C] -- C:\Users\Karol\AppData\Local\WMTools Downloaded Files [2012-01-13 12:02:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie Maker 2.6 [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-02-28 23:58:25 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-02-28 23:58:25 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-02-28 23:51:09 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-02-28 23:50:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-02-28 23:50:51 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys [2012-02-28 23:17:01 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-02-27 22:02:10 | 000,001,936 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini [2012-02-26 23:49:05 | 005,204,782 | ---- | M] () -- C:\Users\Karol\Desktop\Rihanna - We Found Love (Audio) ft. Calvin Harris.mp3 [2012-02-26 22:46:33 | 001,216,790 | ---- | M] () -- C:\Users\Karol\Desktop\Michel Teló - Ai Se Eu Te Pego - Oficial (Assim você me mata).MP3 [2012-02-26 17:14:53 | 001,663,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-02-26 17:14:53 | 000,738,192 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-02-26 17:14:53 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-02-26 17:14:53 | 000,154,848 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-02-26 17:14:53 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-02-16 15:47:14 | 000,420,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-01-26 19:27:26 | 217,918,109 | ---- | M] () -- C:\Users\Karol\Desktop\Documents\Mediacje.wmv [2012-01-24 01:15:01 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\ALLConverter PRO.lnk [2012-01-13 13:11:10 | 000,005,104 | ---- | M] () -- C:\ProgramData\qjaxlkio.dss [2012-01-13 12:33:41 | 000,007,680 | ---- | M] () -- C:\Users\Karol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-01-13 12:32:36 | 000,000,066 | ---- | M] () -- C:\Windows\#1 Video Converter.INI [2012-01-11 01:14:27 | 001,639,550 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-02-26 23:48:38 | 005,204,782 | ---- | C] () -- C:\Users\Karol\Desktop\Rihanna - We Found Love (Audio) ft. Calvin Harris.mp3 [2012-02-26 22:46:26 | 001,216,790 | ---- | C] () -- C:\Users\Karol\Desktop\Michel Teló - Ai Se Eu Te Pego - Oficial (Assim você me mata).MP3 [2012-02-01 21:12:13 | 000,001,048 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-02-01 21:12:11 | 000,001,044 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-01-26 23:45:23 | 217,918,109 | ---- | C] () -- C:\Users\Karol\Desktop\Documents\Mediacje.wmv [2012-01-24 01:15:01 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\ALLConverter PRO.lnk [2012-01-24 01:14:30 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll [2012-01-13 13:11:10 | 000,005,104 | ---- | C] () -- C:\ProgramData\qjaxlkio.dss [2012-01-13 12:32:32 | 000,000,066 | ---- | C] () -- C:\Windows\#1 Video Converter.INI [2012-01-13 12:02:42 | 000,002,537 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk [2011-10-15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2011-04-24 21:36:20 | 001,639,550 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010-09-17 13:17:13 | 000,314,368 | ---- | C] () -- C:\Windows\KSGDeInstall.exe [2010-09-02 17:57:17 | 000,001,816 | ---- | C] () -- C:\Windows\hpdj3740.ini [2010-08-30 20:43:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-08-29 18:04:40 | 000,007,680 | ---- | C] () -- C:\Users\Karol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-29 17:12:48 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2010-03-30 03:59:49 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll [2010-03-30 03:41:54 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe [color=#E56717]========== LOP Check ==========[/color] [2010-08-28 14:16:52 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\Asus WebStorage [2012-02-26 14:24:20 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\BitComet [2011-12-23 21:14:53 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\CrystalIdea Software [2011-03-18 10:55:32 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\DAEMON Tools Lite [2010-09-01 15:13:10 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\DAEMON Tools Net [2011-05-19 00:04:37 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\ESET [2010-08-28 18:55:51 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\EurekaLog [2011-06-25 23:32:09 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\GanymedeNet [2011-05-17 23:04:06 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\ipla [2012-01-13 13:15:07 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\MOVAVI [2012-01-24 01:10:05 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\NapiProjekt [2010-08-28 18:37:38 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\NCH Swift Sound [2010-10-17 15:28:49 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\Nowe Gadu-Gadu [2010-08-28 16:21:09 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\OpenFM [2011-04-07 23:52:31 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\RDRM [2010-09-01 12:23:41 | 000,000,000 | ---D | M] -- C:\Users\Karol\AppData\Roaming\Tibiacast [2012-01-12 16:50:58 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-10-30 12:58:19 | 000,005,404 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt [2009-06-15 12:11:59 | 000,000,054 | ---- | M] () -- C:\AdobeReader.log [2010-11-20 13:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2009-07-29 07:03:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2010-03-30 04:12:33 | 000,013,739 | ---- | M] () -- C:\devlist.txt [2010-03-30 04:12:32 | 000,000,009 | ---- | M] () -- C:\Finish.log [2012-02-28 23:50:51 | 3220,647,936 | -HS- | M] () -- C:\hiberfil.sys [2010-03-30 03:50:35 | 002,568,587 | ---- | M] () -- C:\inject.log.txt [2010-02-01 09:53:01 | 001,048,576 | -H-- | M] () -- C:\K70ID.BIN [2010-03-08 05:18:58 | 000,000,019 | ---- | M] () -- C:\K70ID_WIN7.20 [2009-06-12 02:32:00 | 000,000,057 | ---- | M] () -- C:\OFFICE2007_M.TXT [2012-02-28 23:50:54 | 4294,201,344 | -HS- | M] () -- C:\pagefile.sys [2010-03-29 15:20:03 | 000,000,146 | ---- | M] () -- C:\Pass.txt [2010-01-25 06:57:25 | 000,000,381 | ---- | M] () -- C:\Patch_Win7.log [2011-03-18 14:44:02 | 000,000,018 | ---- | M] () -- C:\Phx_debug_log.txt [2010-03-08 05:18:58 | 000,000,007 | ---- | M] () -- C:\RECOVERY.DAT [2010-03-30 03:55:53 | 000,003,437 | ---- | M] () -- C:\RHDSetup.log [2010-08-28 15:37:53 | 000,000,159 | ---- | M] () -- C:\Setup.log [2006-05-14 09:22:24 | 000,000,005 | ---- | M] () -- C:\store.log [2010-03-30 03:15:59 | 000,000,170 | ---- | M] () -- C:\SumHidd.txt [2010-03-30 03:14:39 | 000,000,098 | ---- | M] () -- C:\SumOS.txt [2009-09-16 19:04:46 | 000,000,024 | ---- | M] () -- C:\v82.txt [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009-07-14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009-07-14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\SysNative\drivers\beep.sys [2009-07-14 01:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=16A47CE2DECC9B099349A5F840654746 -- C:\Windows\winsxs\amd64_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_201592fa214e4f02\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys [2010-11-20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2010-11-20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys [2010-11-20 14:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys [2009-07-14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010-11-20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009-07-14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009-10-28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2011-07-16 05:24:22 | 000,000,000 | ---- | M] () MD5=D41D8CD98F00B204E9800998ECF8427E -- C:\_OTL\MovedFiles\02282012_234621\C_Users\Karol\winlogon.exe [2009-10-28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < End of report > [/log] [b]Nowy EXTRAS:[/b] [log] OTL Extras logfile created on: 2012-02-28 23:55:56 - Run 4 OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Karol\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 64,70% Memory free 8,00 Gb Paging File | 6,46 Gb Available in Paging File | 80,74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 74,52 Gb Total Space | 28,15 Gb Free Space | 37,78% Space Free | Partition Type: NTFS Drive D: | 208,92 Gb Total Space | 16,43 Gb Free Space | 7,87% Space Free | Partition Type: NTFS Computer Name: KAROL-KOMPUTER | User Name: Karol | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3212485663-2536987246-658786658-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [napiprojekt] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" () Directory [napiprojekt0] -- "C:\Program Files (x86)\NapiProjekt\napisy.exe" "%1" -pobierz_ang () Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 "AutoUpdateDisableNotify" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot "{26A24AE4-039D-4CA4-87B4-2F86416025FF}" = Java(TM) 6 Update 25 (64-bit) "{33B49B5C-2D04-4B8F-BA1F-D22EB8A627B0}" = ESET Smart Security "{64A3A4F4-B792-11D6-A78A-00B0D0160250}" = Java(TM) SE Development Kit 6 Update 25 (64-bit) "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{95F7B3C3-3D4C-471B-982A-76DB26E0EA2B}" = Bezpieczeństwo rodzinne usługi Windows Live "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 285.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.11.0621 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.5.20 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Sterownik dźwięku HD 1.2.24.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "ASUS USB2.0 UVC VGA WebCam" = ASUS USB2.0 UVC VGA WebCam "ASUS WebStorage" = ASUS WebStorage "Elantech" = ETDWare PS/2-x64 7.0.5.9_WHQL "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "NVIDIA Drivers" = NVIDIA Drivers "WinRAR archiver" = Archiwizator WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{0B63BF75-9F0A-4E93-A69D-BDCC6A26C4B1}" = Podstawowe programy Windows Live "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live "{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{2A5FBE73-76DA-4A31-BD86-1B0E01DC33F8}" = Windows Live Messenger "{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{40CC0CC6-C1BA-476D-98CF-5430DA439B4F}" = Galeria fotografii usługi Windows Live "{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM) "{46EA439E-2D16-49B6-AA80-00DE992FE7CE}" = Microsoft Windows Debugging Symbols "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{74CC5B4D-CBB5-46F1-82B0-3169977B1D36}" = Asystent rejestracji usługi Windows Live "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}" = Dream Day Wedding Married in Manhattan "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0415-1000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1" = ALLConverter PRO 1.1 "{94B4E2D8-A184-415C-BF9E-F699D76466BD}" = Heroes of Might and Magic IV - Złota Edycja "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A7B8A5E9-CA44-44A0-9393-9EA0FFE4C3FB}" = Alcor Micro USB Card Reader "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.6 MUI "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C3335EFB-008F-44DB-A87A-9EC8EE53D045}" = Windows Live Sync "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1" = Game Park Console "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{DB4690C5-9015-401D-A96C-A49909B7C372}" = Poczta usługi Windows Live "{DD49053A-0140-44EF-AE75-C4BC1FDB8286}" = Windows Live Writer "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform "{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}" = livebox tp "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "ALLPlayer_is1" = ALLPlayer V5.X "ASUS AP Bank_is1" = ASUS AP Bank "ASUS_Screensaver" = ASUS_Screensaver "BitComet" = BitComet 1.26 "Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2 "Call of Duty: Black Ops_is1" = Call of Duty: Black Ops "DAEMON Tools Lite" = DAEMON Tools Lite "ENTERPRISE" = Microsoft Office Enterprise 2007 "GameDesire-Pool & Snooker" = GameDesire-Pool & Snooker "Google Chrome" = Google Chrome "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{A7B8A5E9-CA44-44A0-9393-9EA0FFE4C3FB}" = Alcor Micro USB Card Reader "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "Mozilla Firefox 10.0.2 (x86 pl)" = Mozilla Firefox 10.0.2 (x86 pl) "Mp3 Knife_is1" = Mp3 Knife 3.2 "NapiProjekt_is1" = NapiProjekt (2.0.0.2151) "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "PhotoToolkit_is1" = Photo! Editor 1.1 "Picasa 3" = Picasa 3 "Prism" = Prism Video File Converter "Revo Uninstaller" = Revo Uninstaller 1.93 "save2pc Light_is1" = save2pc Light 4.09 "Steam App 10" = Counter-Strike "Switch" = Switch Sound File Converter "SystemRequirementsLab" = System Requirements Lab "VLC media player" = VLC media player 1.1.11 "Winamp" = Winamp "WinLiveSuite_Wave3" = Podstawowe programy Windows Live "Xvid_is1" = Xvid 1.2.1 final uninstall [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3212485663-2536987246-658786658-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Ad-Remover" = Ad-Remover "Winamp Detect" = Detektor Winampa [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2012-01-23 22:27:38 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-01-24 23:20:03 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-01-26 10:20:51 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-01-30 11:50:54 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-01-31 08:29:56 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-02-02 10:47:22 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-02-06 07:35:07 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-02-07 07:45:24 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-02-07 10:41:09 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. Error - 2012-02-08 08:00:03 | Computer Name = Karol-Komputer | Source = SideBySide | ID = 16842815 Description = Nie można wygenerować kontekstu aktywacji dla "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Błąd w pliku manifestu lub w pliku zasad "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" w wierszu 3. Wartość "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" atrybutu "version" elementu "assemblyIdentity" jest nieprawidłowa. [ System Events ] Error - 2012-02-27 07:34:58 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Pomoc IP zależy od usługi Usługa interfejsu magazynu sieciowego, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-02-27 07:34:58 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Otoka i aparat minireadresatora SMB zależy od usługi Podsystem buforowania przekierowywanych danych, której nie można uruchomić z powodu następującego błędu: %%31 Error - 2012-02-27 07:34:58 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Minireadresator SMB 1.x zależy od usługi Otoka i aparat minireadresatora SMB, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-02-27 07:34:58 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Minireadresator SMB 2.0 zależy od usługi Otoka i aparat minireadresatora SMB, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-02-27 07:34:58 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7001 Description = Usługa Rozpoznawanie lokalizacji w sieci zależy od usługi Usługa interfejsu magazynu sieciowego, której nie można uruchomić z powodu następującego błędu: %%1068 Error - 2012-02-27 07:34:58 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7026 Description = Nie można załadować następujących sterowników startu rozruchowego lub systemowego: AFD DfsC discache ehdrv NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx vwififlt Wanarpv6 WfpLwf Error - 2012-02-27 16:39:38 | Computer Name = Karol-Komputer | Source = EventLog | ID = 6008 Description = Poprzednie zamknięcie systemu przy 12:35:46 na ?2012-?02-?27 było nieoczekiwane. Error - 2012-02-28 17:19:10 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7009 Description = Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Steam Client Service. Error - 2012-02-28 17:19:10 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7000 Description = Nie można uruchomić usługi Steam Client Service z powodu następującego błędu: %%1053 Error - 2012-02-28 18:46:21 | Computer Name = Karol-Komputer | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Stereoscopic 3D Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report > [/log]
Karolas komentarz 29 lutego 2012 Autor komentarz 29 lutego 2012 Przepraszam, że odpisuję z takim opóźnieniem, ale niestety nie miałem możliwości zrobić tego wcześniej. Komputer po wykonaniu poleconego skryptu wg mnie zachowuje się normalnie tj. tak jak przed wystąpieniem problemu, Internet nie jest spowolniony, właczanie systemu oraz programów także. Czyli jeżeli dobrze rozumiem, na komputerze nie ma już tego wirusa i wszystko jest w porządku? Mam na myśli głównie czy mogę bezpiecznie logować się na pocztę i inne tego typu konta.
Gość komentarz 1 marca 2012 komentarz 1 marca 2012 (edytowane) Uruchom OTL i kliknij opcję Sprzatanie. Wyczyść foldry Przywracania systemu - instrukcja [url="http://www.fixitpc.pl/topic/5-dezynfekcja-kroki-finalizujace-temat/page__p__42415#entry42415"]http://www.fixitpc.p...2415#entry42415[/url] To wszystko.
Karolas komentarz 1 marca 2012 Autor komentarz 1 marca 2012 Zrobiłem wszystko zgodnie z instrukcjami. Bardzo dziękuję za pomoc, pozdrawiam!
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.