swiatek94 utworzono 18 kwietnia 2012 utworzono 18 kwietnia 2012 (edytowane) Witam serdecznie, otóż dostałem wiadomość, że mój komputer może posiadać na dysku Keyloggera. NOD32 wykrył pewnego konia trojańskiego, lecz jest napisane, że " nie można go wyleczyć ". Podrzucam logi i zdjęcie wykrytego wirusa. Bardzo proszę o pomoc [log]OTL logfile created on: 2012-04-18 18:50:47 - Run 2 OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Kuba\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 57,37% Memory free 3,35 Gb Paging File | 2,01 Gb Available in Paging File | 59,97% Paging File free Paging file location(s): d:\pagefile.sys 100 4900 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 34,18 Gb Total Space | 1,33 Gb Free Space | 3,88% Space Free | Partition Type: NTFS Drive D: | 431,57 Gb Total Space | 32,64 Gb Free Space | 7,56% Space Free | Partition Type: NTFS Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-03-26 02:55:30 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2012-03-14 17:14:00 | 000,446,136 | ---- | M] (Sony) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe PRC - [2012-03-13 06:36:40 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-02-18 21:06:16 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe PRC - [2012-02-10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-02-10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2012-02-10 05:02:07 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012-02-10 05:00:26 | 000,645,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2012-02-09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2012-01-11 10:39:28 | 000,071,680 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe PRC - [2011-12-12 21:10:50 | 000,075,136 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-05-04 06:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2011-03-24 17:46:03 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011-02-18 17:37:16 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010-11-20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-11-20 14:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2010-10-07 13:23:00 | 000,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2010-08-07 13:38:00 | 001,262,592 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\AIMP2.exe PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-02-18 17:29:12 | 000,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe PRC - [2006-12-19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\System32\IoctlSvc.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-04-14 16:08:12 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll MOD - [2012-03-30 12:33:32 | 000,995,840 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.dll MOD - [2012-03-26 10:14:28 | 000,851,456 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\Device.dll MOD - [2012-03-26 02:55:30 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe MOD - [2012-03-20 18:08:06 | 000,593,408 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\NewUI.dll MOD - [2012-03-14 17:14:00 | 000,446,136 | ---- | M] (Sony) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe MOD - [2012-03-13 06:38:04 | 015,915,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll MOD - [2012-03-13 06:37:21 | 000,019,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll MOD - [2012-03-13 06:37:17 | 000,158,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll MOD - [2012-03-13 06:37:13 | 000,170,936 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll MOD - [2012-03-13 06:37:11 | 000,105,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll MOD - [2012-03-13 06:37:08 | 000,020,920 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll MOD - [2012-03-13 06:37:07 | 000,022,456 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll MOD - [2012-03-13 06:37:05 | 000,105,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll MOD - [2012-03-13 06:37:00 | 000,646,072 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll MOD - [2012-03-13 06:36:57 | 000,187,320 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll MOD - [2012-03-13 06:36:56 | 000,818,104 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll MOD - [2012-03-13 06:36:53 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-03-13 06:36:50 | 000,044,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozglue.dll MOD - [2012-03-13 06:36:49 | 000,016,312 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll MOD - [2012-03-13 06:36:40 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe MOD - [2012-02-18 21:06:16 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe MOD - [2012-02-10 06:13:00 | 007,713,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll MOD - [2012-02-10 06:13:00 | 002,801,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll MOD - [2012-02-10 06:13:00 | 000,981,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll MOD - [2012-02-10 06:13:00 | 000,639,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll MOD - [2012-02-10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe MOD - [2012-02-10 05:02:06 | 003,262,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvui.dll MOD - [2012-01-25 10:47:56 | 000,686,592 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\bvrpctln.dll MOD - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe MOD - [2012-01-16 11:25:54 | 000,192,000 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\WebServices.dll MOD - [2012-01-11 19:00:14 | 000,336,896 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\DownloadManager.dll MOD - [2012-01-11 18:58:40 | 000,271,360 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\Statistics.dll MOD - [2012-01-11 18:55:02 | 000,306,688 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\PluginManager.dll MOD - [2012-01-11 10:39:28 | 000,071,680 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe MOD - [2011-11-23 18:38:58 | 000,205,824 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\MExplorer.dll MOD - [2011-11-17 07:38:39 | 001,288,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2011-11-04 01:02:45 | 012,279,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll MOD - [2011-11-04 00:47:42 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll MOD - [2011-11-04 00:46:47 | 009,705,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2011-11-04 00:40:43 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2011-11-04 00:39:47 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll MOD - [2011-11-04 00:32:17 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2011-09-22 13:11:56 | 000,410,504 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll MOD - [2011-09-22 13:09:44 | 000,093,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll MOD - [2011-09-22 13:07:26 | 000,183,904 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiHips.dll MOD - [2011-09-22 13:05:24 | 000,394,024 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll MOD - [2011-09-22 13:04:32 | 001,044,984 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll MOD - [2011-09-22 13:02:30 | 000,101,504 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll MOD - [2011-09-22 13:01:56 | 000,097,384 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll MOD - [2011-09-22 13:00:52 | 000,245,704 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll MOD - [2011-09-18 21:36:52 | 000,072,192 | ---- | M] (Martin Prikryl) -- C:\Program Files\WinSCP\DragExt.dll MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll MOD - [2011-07-16 06:27:30 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2011-07-16 06:27:30 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2011-07-04 19:46:24 | 004,514,400 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\ggsip.dll MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll MOD - [2011-07-04 19:45:36 | 000,815,712 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\networkdao.dll MOD - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe MOD - [2011-06-17 03:02:31 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2011-06-17 03:02:31 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll MOD - [2011-06-17 03:01:15 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll MOD - [2011-06-17 03:01:14 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2011-06-17 03:01:14 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2011-06-06 12:55:30 | 000,394,136 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll MOD - [2011-05-24 14:20:46 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll MOD - [2011-05-24 14:20:46 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-04-04 14:14:46 | 000,113,664 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\WUNPACLN.dll MOD - [2011-03-24 17:46:03 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll MOD - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe MOD - [2011-02-19 08:30:51 | 001,076,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll MOD - [2011-02-19 08:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll MOD - [2011-02-17 11:00:46 | 000,327,680 | ---- | M] ([url="http://hunspell.sourceforge.net/"]http://hunspell.sourceforge.net/[/url]) -- C:\Program Files\Gadu-Gadu 10\libhunspell.dll MOD - [2011-02-17 11:00:44 | 000,319,488 | ---- | M] (The cURL library, [url="http://curl.haxx.se/"]http://curl.haxx.se/[/url]) -- C:\Program Files\Gadu-Gadu 10\libcurl.dll MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2011-02-17 10:59:32 | 001,163,264 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files\Gadu-Gadu 10\libeay32.dll MOD - [2011-02-17 10:59:32 | 000,253,952 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files\Gadu-Gadu 10\ssleay32.dll MOD - [2011-01-17 07:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll MOD - [2010-12-13 10:58:50 | 000,047,616 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll MOD - [2010-11-20 14:21:39 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2010-11-20 14:21:38 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll MOD - [2010-11-20 14:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2010-11-20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll MOD - [2010-11-20 14:21:36 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll MOD - [2010-11-20 14:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll MOD - [2010-11-20 14:21:35 | 001,063,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll MOD - [2010-11-20 14:21:35 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll MOD - [2010-11-20 14:21:35 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webio.dll MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2010-11-20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2010-11-20 14:21:28 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll MOD - [2010-11-20 14:21:27 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll MOD - [2010-11-20 14:21:27 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll MOD - [2010-11-20 14:21:26 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll MOD - [2010-11-20 14:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll MOD - [2010-11-20 14:21:25 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2010-11-20 14:21:23 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll MOD - [2010-11-20 14:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2010-11-20 14:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2010-11-20 14:21:06 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFolder.dll MOD - [2010-11-20 14:21:04 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2010-11-20 14:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll MOD - [2010-11-20 14:21:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2010-11-20 14:20:57 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL MOD - [2010-11-20 14:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll MOD - [2010-11-20 14:20:56 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll MOD - [2010-11-20 14:20:55 | 001,750,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll MOD - [2010-11-20 14:20:55 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2010-11-20 14:20:46 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll MOD - [2010-11-20 14:20:29 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll MOD - [2010-11-20 14:20:29 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2010-11-20 14:20:27 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll MOD - [2010-11-20 14:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll MOD - [2010-11-20 14:19:56 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll MOD - [2010-11-20 14:19:55 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll MOD - [2010-11-20 14:19:54 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll MOD - [2010-11-20 14:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll MOD - [2010-11-20 14:19:47 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll MOD - [2010-11-20 14:19:46 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll MOD - [2010-11-20 14:19:33 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL MOD - [2010-11-20 14:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2010-11-20 14:19:21 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll MOD - [2010-11-20 14:19:21 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll MOD - [2010-11-20 14:19:10 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll MOD - [2010-11-20 14:19:05 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll MOD - [2010-11-20 14:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL MOD - [2010-11-20 14:19:03 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll MOD - [2010-11-20 14:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll MOD - [2010-11-20 14:18:36 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll MOD - [2010-11-20 14:18:35 | 001,371,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll MOD - [2010-11-20 14:18:35 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll MOD - [2010-11-20 14:18:25 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll MOD - [2010-11-20 14:18:25 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll MOD - [2010-11-20 14:18:25 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll MOD - [2010-11-20 14:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll MOD - [2010-11-20 14:18:25 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll MOD - [2010-11-20 14:18:25 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2010-11-20 14:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2010-11-20 14:18:06 | 000,740,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll MOD - [2010-11-20 14:18:05 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll MOD - [2010-11-20 14:18:05 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2010-11-20 14:18:01 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll MOD - [2010-11-20 14:18:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll MOD - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe MOD - [2010-11-20 14:16:50 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl MOD - [2010-11-20 14:16:50 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-11-20 13:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll MOD - [2010-10-07 13:23:00 | 000,152,864 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mdnsNSP.dll MOD - [2010-08-07 13:38:02 | 000,337,920 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\PlugIns\aimp_library.dll MOD - [2010-08-07 13:38:02 | 000,068,096 | ---- | M] (Artem Izmaylov) -- C:\Program Files\AIMP2\PlugIns\aimp_w7taskbar.dll MOD - [2010-08-07 13:38:02 | 000,051,712 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\PlugIns\aimp_onlineradio.dll MOD - [2010-08-07 13:38:02 | 000,050,688 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\PlugIns\aimp_update.dll MOD - [2010-08-07 13:38:02 | 000,044,032 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\PlugIns\aimp_splashbar.dll MOD - [2010-08-07 13:38:02 | 000,043,008 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\PlugIns\aimp_scheduler.dll MOD - [2010-08-07 13:38:02 | 000,035,328 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\PlugIns\aimp_lastfm.dll MOD - [2010-08-07 13:38:02 | 000,016,384 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\System\aimp_mmk.dll MOD - [2010-08-07 13:38:00 | 001,262,592 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\AIMP2.exe MOD - [2010-08-07 13:37:56 | 002,291,200 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\AIMP2.dll MOD - [2010-06-17 11:31:40 | 000,099,896 | ---- | M] (Un4seen Developments) -- C:\Program Files\AIMP2\bass.dll MOD - [2010-05-06 09:50:54 | 000,016,448 | ---- | M] (Un4seen Developments) -- C:\Program Files\AIMP2\System\bass_wma.dll MOD - [2010-04-23 16:11:46 | 000,150,904 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_aac.dll MOD - [2010-03-16 11:52:28 | 000,028,224 | ---- | M] (Un4seen Developments) -- C:\Program Files\AIMP2\PlugIns\bass_wv.dll MOD - [2009-12-26 22:23:50 | 000,186,880 | ---- | M] () -- C:\Program Files\AIMP2\sqlite3.dll MOD - [2009-12-18 00:07:32 | 000,029,784 | ---- | M] ((: JOBnik! [Arthur Aminov, ISRAEL]) -- C:\Program Files\AIMP2\System\bass_fx.dll MOD - [2009-12-09 10:40:04 | 000,025,152 | ---- | M] (Un4seen Developments) -- C:\Program Files\AIMP2\PlugIns\bass_flac.dll MOD - [2009-12-02 15:37:54 | 000,017,472 | ---- | M] (Un4seen Developments) -- C:\Program Files\AIMP2\System\bass_cda.dll MOD - [2009-12-01 14:17:12 | 000,012,352 | ---- | M] (Un4seen Developments) -- C:\Program Files\AIMP2\System\bass_enc.dll MOD - [2009-10-28 12:03:50 | 000,012,488 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_alac.dll MOD - [2009-09-23 16:05:04 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Gadu-Gadu 10\dbghelp.dll MOD - [2009-09-23 16:04:00 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll MOD - [2009-09-22 13:42:30 | 000,027,200 | ---- | M] (Un4seen Developments) -- C:\Program Files\AIMP2\PlugIns\bassmidi.dll MOD - [2009-08-18 11:29:22 | 000,134,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL MOD - [2009-08-04 11:08:26 | 000,016,736 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_ac3.dll MOD - [2009-08-03 10:17:44 | 000,033,624 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_ape.dll MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll MOD - [2009-07-14 03:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll MOD - [2009-07-14 03:16:21 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2009-07-14 03:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll MOD - [2009-07-14 03:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll MOD - [2009-07-14 03:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll MOD - [2009-07-14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll MOD - [2009-07-14 03:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll MOD - [2009-07-14 03:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll MOD - [2009-07-14 03:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009-07-14 03:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-07-14 03:16:16 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll MOD - [2009-07-14 03:16:15 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapi32.dll MOD - [2009-07-14 03:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll MOD - [2009-07-14 03:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll MOD - [2009-07-14 03:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll MOD - [2009-07-14 03:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PeerDist.dll MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll MOD - [2009-07-14 03:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 03:16:12 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\perfos.dll MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll MOD - [2009-07-14 03:16:03 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll MOD - [2009-07-14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll MOD - [2009-07-14 03:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 03:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll MOD - [2009-07-14 03:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll MOD - [2009-07-14 03:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll MOD - [2009-07-14 03:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll MOD - [2009-07-14 03:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll MOD - [2009-07-14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll MOD - [2009-07-14 03:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll MOD - [2009-07-14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009-07-14 03:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 03:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsrole.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll MOD - [2009-07-14 03:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll MOD - [2009-07-14 03:15:11 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll MOD - [2009-07-14 03:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll MOD - [2009-07-14 03:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 03:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll MOD - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009-07-14 03:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll MOD - [2009-07-14 03:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll MOD - [2009-05-22 13:55:56 | 000,021,320 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_mpc.dll MOD - [2009-04-24 10:20:48 | 000,005,960 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_ofr.dll MOD - [2008-10-25 10:27:54 | 000,044,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL MOD - [2008-02-28 18:06:46 | 001,836,328 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\MediaLibraryNSE.dll MOD - [2008-02-27 19:49:50 | 000,008,536 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_tta.dll MOD - [2008-02-27 16:25:04 | 000,047,936 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_spx.dll MOD - [2006-03-04 02:52:00 | 000,088,576 | ---- | M] () -- C:\Program Files\AIMP2\OptimFROG.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-04-14 16:08:12 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-02-10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-02-09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-06-04 11:03:12 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-06-13 02:23:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2012-02-10 06:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011-11-10 11:22:55 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2011-08-09 15:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2011-08-04 10:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2011-08-04 10:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-05-16 22:49:27 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri) DRV - [2010-05-16 22:48:26 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc) DRV - [2010-05-16 22:48:26 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt) DRV - [2010-03-19 16:14:12 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010-03-19 16:14:12 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2010-01-21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2010-01-21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2010-01-21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2009-09-28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009-03-25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm) DRV - [2009-03-25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) DRV - [2009-03-25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) DRV - [2009-03-25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex) DRV - [2009-03-25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM) DRV - [2009-03-25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) DRV - [2009-03-25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2007-02-16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2004-08-13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-07-14 11:51:24 | 000,002,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\portio32.sys -- (portio32) DRV - [2004-03-19 18:11:22 | 000,090,968 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM31b.sys -- (ZSMC301b) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = [url="http://search.msn.com/spbasic.htm"]http://search.msn.com/spbasic.htm[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://fr.msn.com/"]http://fr.msn.com/[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://fr.msn.com/"]http://fr.msn.com/[/url] IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kuba\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-27 17:46:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-23 01:23:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-02-18 16:26:50 | 000,000,000 | ---D | M] [2010-02-27 05:33:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Extensions [2012-03-31 17:18:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions [2012-01-03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\askcom.xml [2012-03-31 17:06:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-03-31 17:06:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2010-02-27 13:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions [2010-02-27 13:04:22 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2012-03-13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-03-31 17:06:43 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-03-13 07:36:36 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-03-13 07:36:36 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-03-13 07:36:36 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-03-13 07:36:36 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-03-13 07:36:36 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-03-13 07:36:36 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml Hosts file not found O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater\AdobeUpdater.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.1.13 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B65B1F8B-1E95-46CC-B2C1-1BA6C9594A10}: DhcpNameServer = 172.22.1.13 8.8.8.8 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{4b4dcbc0-0b7e-11e1-a92c-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{4b4dcbc0-0b7e-11e1-a92c-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - State: "bootini" - 0 MsConfig - State: "startup" - 0 MsConfig - State: "services" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-04-18 18:09:36 | 004,467,613 | ---- | C] (Swearware) -- C:\Users\Kuba\Desktop\ComboFix.exe [2012-04-10 22:51:59 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\TI [2012-04-10 21:56:04 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2012-04-05 01:17:53 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Syndicate [2012-03-31 17:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-03-31 17:07:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask [2012-03-28 14:08:02 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\Kuba [2012-03-22 22:33:30 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Rovio [2012-03-22 22:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio [2012-03-10 00:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012-03-10 00:06:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012-03-10 00:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012-03-10 00:01:54 | 000,000,000 | ---D | C] -- C:\NVIDIA [2012-03-09 23:21:21 | 000,000,000 | ---D | C] -- C:\Program Files\Phyxion.net [2012-03-08 19:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2012-03-08 19:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2012-03-08 19:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2012-03-02 12:35:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2012-03-02 12:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012-03-02 12:33:09 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Google [2012-03-01 03:41:20 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool [2012-03-01 03:40:25 | 000,000,000 | ---D | C] -- C:\Flashtool [2012-02-21 18:41:10 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Unity [2012-02-21 18:25:49 | 000,594,752 | ---- | C] (Unity Technologies ApS) -- C:\Users\Kuba\Desktop\UnityWebPlayer.exe [2012-02-18 21:44:11 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\DarknessII [2012-02-18 21:19:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder [2012-02-18 21:19:47 | 000,000,000 | ---D | C] -- C:\Program Files\TNod User & Password Finder [2012-02-18 21:06:33 | 000,000,000 | ---D | C] -- C:\_OTL [2012-02-18 21:06:08 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-04-18 18:44:01 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-18 18:10:04 | 004,467,613 | ---- | M] (Swearware) -- C:\Users\Kuba\Desktop\ComboFix.exe [2012-04-18 18:08:36 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-18 17:18:57 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-04-18 17:18:57 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-04-18 17:15:56 | 000,737,242 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-04-18 17:15:56 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-04-18 17:15:56 | 000,153,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-04-18 17:15:56 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-04-18 17:11:32 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2012-04-18 17:11:32 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-18 17:10:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-04-18 01:48:21 | 015,719,504 | ---- | M] () -- C:\Users\Kuba\Desktop\Yves Larock, The cruzaders and Juiceppe - strange world (Avesta mix) [www.4clubbers.pl].mp3 [2012-04-16 00:26:17 | 000,157,225 | ---- | M] () -- C:\Users\Kuba\Desktop\Test ze znajomości Dziadów A. Mickiewicza.pdf [2012-04-15 23:46:35 | 000,586,392 | ---- | M] () -- C:\Users\Kuba\Desktop\Mickiewicz Adam - Dziady cz. 3.pdf [2012-04-12 10:10:09 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk [2012-04-11 02:53:48 | 000,145,576 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat [2012-03-29 11:04:02 | 001,334,738 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02296.JPG [2012-03-29 11:03:48 | 001,491,329 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02295.JPG [2012-03-29 11:03:36 | 001,463,265 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02294.JPG [2012-03-29 11:03:28 | 001,539,660 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02293.JPG [2012-03-28 13:32:25 | 000,421,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-03-27 17:47:31 | 000,000,008 | ---- | M] () -- C:\Windows\System32\camera.ini [2012-03-27 17:46:59 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl [2012-03-27 17:46:42 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-03-27 17:43:40 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat [2012-03-22 22:30:49 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\Angry Birds Space.lnk [2012-03-16 02:37:53 | 000,000,663 | ---- | M] () -- C:\Users\Kuba\Desktop\DSJ4.lnk [2012-03-08 02:33:22 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk [2012-03-03 19:25:42 | 000,000,704 | ---- | M] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk [2012-02-28 19:50:58 | 001,271,472 | ---- | M] () -- C:\Users\Kuba\Documents\DSC02149.JPG [2012-02-21 18:26:03 | 000,594,752 | ---- | M] (Unity Technologies ApS) -- C:\Users\Kuba\Desktop\UnityWebPlayer.exe [2012-02-18 21:06:16 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-04-18 01:48:05 | 015,719,504 | ---- | C] () -- C:\Users\Kuba\Desktop\Yves Larock, The cruzaders and Juiceppe - strange world (Avesta mix) [www.4clubbers.pl].mp3 [2012-04-16 23:01:17 | 001,491,329 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02295.JPG [2012-04-16 23:01:17 | 001,463,265 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02294.JPG [2012-04-16 23:01:16 | 001,539,660 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02293.JPG [2012-04-16 23:01:16 | 001,334,738 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02296.JPG [2012-04-16 00:26:17 | 000,157,225 | ---- | C] () -- C:\Users\Kuba\Desktop\Test ze znajomości Dziadów A. Mickiewicza.pdf [2012-04-15 23:46:29 | 000,586,392 | ---- | C] () -- C:\Users\Kuba\Desktop\Mickiewicz Adam - Dziady cz. 3.pdf [2012-04-11 02:53:48 | 000,145,576 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2012-03-31 01:16:11 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-03-27 17:46:42 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-03-27 17:46:42 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-03-22 22:30:49 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\Angry Birds Space.lnk [2012-03-10 00:04:34 | 000,008,772 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2012-03-08 19:52:57 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk [2012-03-02 12:34:19 | 000,001,032 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-03-02 12:34:17 | 000,001,028 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-02-28 20:47:41 | 001,271,472 | ---- | C] () -- C:\Users\Kuba\Documents\DSC02149.JPG [2012-02-09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2012-01-03 09:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\System32\abgx360.exe [2011-12-12 21:41:17 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-12-12 21:41:17 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011-12-12 21:41:17 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011-10-24 20:04:28 | 000,000,600 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\winscp.rnd [2011-10-04 18:16:53 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2011-07-12 16:44:54 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2011-05-29 21:06:18 | 000,000,008 | ---- | C] () -- C:\Windows\System32\camera.ini [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011-02-27 14:12:18 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-02-27 14:10:58 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011-02-17 08:29:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat [2011-01-26 01:28:04 | 000,019,968 | ---- | C] () -- C:\Users\Kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-26 00:38:22 | 000,002,048 | ---- | C] () -- C:\Windows\System32\drivers\portio32.sys [2010-06-21 23:46:40 | 000,039,712 | ---- | C] () -- C:\Windows\System32\ASL.dll [2010-05-18 22:28:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2010-05-18 22:25:15 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2010-02-28 02:36:51 | 000,138,056 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\PnkBstrK.sys [2010-02-27 15:07:24 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini [color=#E56717]========== LOP Check ==========[/color] [2011-07-17 00:40:24 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.minecraft [2012-03-11 15:40:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\abgx360 [2011-02-28 15:42:27 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\BESTplayer [2010-02-27 17:02:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bioshock2 [2010-09-18 18:42:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bump Technologies, Inc [2010-03-22 19:29:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Command and Conquer 4 [2010-02-28 01:46:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools [2010-03-02 17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite [2012-02-29 00:41:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DarknessII [2011-06-24 17:40:56 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Day 1 Studios [2011-11-06 19:53:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DeepBurner [2011-11-09 19:20:18 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\FMA [2012-03-25 17:15:23 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Gadu-Gadu 10 [2011-11-28 20:20:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GG Tools [2011-11-10 03:06:08 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ImgBurn [2012-03-27 17:44:06 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\IrfanView [2010-09-29 16:20:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Leadertech [2012-01-07 23:21:31 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Might & Magic Heroes VI [2011-07-26 14:20:10 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Might & Magic Heroes VI - Internal Private Closed Beta [2011-01-09 22:54:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\mkvtoolnix [2011-11-10 00:58:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\MyPhoneExplorer [2011-12-31 16:40:26 | 000,000,000 | -H-D | M] -- C:\Users\Kuba\AppData\Roaming\Nel [2011-06-23 01:04:56 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Notepad++ [2011-11-30 18:21:34 | 000,000,000 | -H-D | M] -- C:\Users\Kuba\AppData\Roaming\Olsom [2010-08-15 13:24:13 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\OpenFM [2011-09-30 19:23:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Origin [2010-09-12 15:14:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PMS [2010-03-24 00:58:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Prison Break [2011-12-12 21:10:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PunkBuster [2010-02-28 14:10:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Red Alert 3 [2012-03-22 22:33:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Rovio [2010-07-30 02:18:39 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Samsung [2010-06-30 16:12:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Sports Interactive [2011-03-19 01:52:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\The Creative Assembly [2011-02-17 01:22:28 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Tunngle [2010-02-27 15:21:49 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ubisoft [2012-04-18 18:50:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent [2012-03-21 11:39:13 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-09-25 19:59:34 | 000,004,032 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2010-11-20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2010-02-27 05:17:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2009-06-10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2010-11-18 21:39:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-07-14 00:22:47 | 000,010,194 | ---- | M] () -- C:\MP4debug.log [2010-11-18 21:39:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-09-11 15:06:35 | 000,271,082 | RHS- | M] () -- C:\PTRQH [2010-09-11 15:06:35 | 000,000,020 | RHS- | M] () -- C:\win7.ld [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys [2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-10-28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009-10-28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2012-01-13 15:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < End of report > [/log] [log]OTL Extras logfile created on: 2012-04-18 18:50:47 - Run 2 OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Kuba\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 57,37% Memory free 3,35 Gb Paging File | 2,01 Gb Available in Paging File | 59,97% Paging File free Paging file location(s): d:\pagefile.sys 100 4900 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 34,18 Gb Total Space | 1,33 Gb Free Space | 3,88% Space Free | Partition Type: NTFS Drive D: | 431,57 Gb Total Space | 32,64 Gb Free Space | 7,56% Space Free | Partition Type: NTFS Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{002FA4C4-DDFE-4E83-A5E0-E2A18B965468}" = Phoenix Service Software "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Społeczności "{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers "{1C36647E-F5BD-43E9-BA64-5F274B7F7051}_is1" = Symulator Jazdy 2 v.1.0 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands "{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI "{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31 "{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support "{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java™ SE Development Kit 6 Update 26 "{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space "{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX "{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{578485F8-60F3-4C61-9183-0698E581B902}" = From Dust "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{5B119660-1788-11D8-8EB8-0050BF643EE7}" = digestIT 2004 "{5C4D532E-4EC9-11E1-9544-B8AC6F97B88E}" = Google Earth Plug-in "{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2 "{685BCFA5-6B62-49D3-97EA-E7C29A70D961}" = Modern warfare 2 Multiplayer - Gardzij "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1 "{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B0F9788-3141-4009-846E-52E59843E963}" = SimCity™ Społeczności "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0209 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support "{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593}" = SimCity™ Społeczności Na wakacjach "{D6D5CB84-0E6E-4E69-B300-C690B6911045}" = Nero 8 "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.053 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F627CDBC-8323-4024-9691-A0A6533F43E0}" = ESET NOD32 Antivirus "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "abgx360" = abgx360 v1.0.6 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "AIMP2" = AIMP2 "ALLConverter to PSP_is1" = ALLConverter to PSP "AviSynth" = AviSynth 2.5 "Battlelog Web Plugins" = Battlelog Web Plugins "CanonMyPrinter" = Canon Utilities My Printer "CCleaner" = CCleaner "Cheat Engine 6.0_is1" = Cheat Engine 6.0 "CloneCD" = CloneCD "DAEMON Tools Lite" = DAEMON Tools Lite "Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4 "ENTERPRISE" = Microsoft Office Enterprise 2007 "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50 "Flashtool" = Flashtool "Fraps" = Fraps (remove only) "Gadu-Gadu 10" = Gadu-Gadu 10 "GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "GG Tools_is1" = GG Tools "GTA IV - Ultimate Vehicle Pack" = GTA IV - Ultimate Vehicle Pack v6.0.0.0 "ImgBurn" = ImgBurn "KLiteCodecPack_is1" = K-Lite Codec Pack 8.0.0 (Full) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.60.1.1000 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "MKVtoolnix" = MKVtoolnix 4.4.0 "Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl) "MPE" = MyPhoneExplorer "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "Origin" = Origin "PS3 Media Server" = PS3 Media Server "PunkBusterSvc" = PunkBuster Services "RealAlt_is1" = Real Alternative 2.0.2 "SopCast" = SopCast 3.2.9 "Test Drive Unlimited 2_is1" = Test Drive Unlimited 2 "Total Video Converter 3.61_is1" = Total Video Converter 3.60 100204 "UltraISO_is1" = UltraISO Premium V9.36 "UnderCoverXP_is1" = UnderCoverXP 1.23 "Update Engine" = Sony Ericsson Update Engine "Update Service" = Update Service "uTorrent" = µTorrent "VirtualDubMod" = VirtualDubMod 1.5.10.2 PL "Winamp" = Winamp "WinRAR archiver" = Archiwizator WinRAR "winscp3_is1" = WinSCP 4.3.5 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > [/log] nazwa wirusa http://imageshack.us/photo/my-images/845/wirus.jpg/ Pozdrawiam!
Gość komentarz 18 kwietnia 2012 komentarz 18 kwietnia 2012 (edytowane) Wykoaj log z kasperski [b]TDSSkiller[/b]. Tu masz instrukcje. Jeśli coś zostanie wykryte dla wszystkich wyników przyznaj opcję SKIP i przedstaw raport [url="http://www.fixitpc.pl/topic/8-dezynfekcja-zbior-narzedzi-usuwajacych/"]http://www.fixitpc.p...zi-usuwajacych/[/url] Log z Kasperskiego znajdziesz na dysku C. 1
swiatek94 komentarz 18 kwietnia 2012 Autor komentarz 18 kwietnia 2012 Zrobiłem jak napisałeś, znalazło dokładnie tą samą infekcje, co w przypadku NODa. Podrzucam loga [log]21:46:00.0187 2392 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20 21:46:00.0483 2392 ============================================================ 21:46:00.0483 2392 Current date / time: 2012/04/18 21:46:00.0483 21:46:00.0483 2392 SystemInfo: 21:46:00.0483 2392 21:46:00.0483 2392 OS Version: 6.1.7601 ServicePack: 1.0 21:46:00.0483 2392 Product type: Workstation 21:46:00.0483 2392 ComputerName: KUBA-KOMPUTER 21:46:00.0484 2392 UserName: Kuba 21:46:00.0484 2392 Windows directory: C:\Windows 21:46:00.0484 2392 System windows directory: C:\Windows 21:46:00.0484 2392 Processor architecture: Intel x86 21:46:00.0484 2392 Number of processors: 2 21:46:00.0484 2392 Page size: 0x1000 21:46:00.0484 2392 Boot type: Normal boot 21:46:00.0484 2392 ============================================================ 21:46:01.0275 2392 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 21:46:01.0277 2392 \Device\Harddisk0\DR0: 21:46:01.0277 2392 MBR partitions: 21:46:01.0277 2392 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x445C7AF 21:46:01.0290 2392 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x445C82D, BlocksNum 0x35F24553 21:46:01.0323 2392 C: <-> \Device\Harddisk0\DR0\Partition0 21:46:01.0341 2392 D: <-> \Device\Harddisk0\DR0\Partition1 21:46:01.0341 2392 Initialize success 21:46:01.0341 2392 ============================================================ 21:46:42.0548 3588 ============================================================ 21:46:42.0548 3588 Scan started 21:46:42.0548 3588 Mode: Manual; SigCheck; TDLFS; 21:46:42.0548 3588 ============================================================ 21:46:43.0457 3588 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 21:46:43.0538 3588 1394ohci - ok 21:46:43.0582 3588 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 21:46:43.0598 3588 ACPI - ok 21:46:43.0629 3588 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 21:46:43.0763 3588 AcpiPmi - ok 21:46:43.0847 3588 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 21:46:43.0871 3588 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning 21:46:43.0871 3588 Adobe LM Service - detected UnsignedFile.Multi.Generic (1) 21:46:43.0969 3588 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 21:46:43.0977 3588 AdobeARMservice - ok 21:46:44.0051 3588 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 21:46:44.0064 3588 AdobeFlashPlayerUpdateSvc - ok 21:46:44.0096 3588 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 21:46:44.0115 3588 adp94xx - ok 21:46:44.0130 3588 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 21:46:44.0143 3588 adpahci - ok 21:46:44.0166 3588 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 21:46:44.0191 3588 adpu320 - ok 21:46:44.0217 3588 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll 21:46:44.0252 3588 AeLookupSvc - ok 21:46:44.0306 3588 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 21:46:44.0343 3588 AFD - ok 21:46:44.0367 3588 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 21:46:44.0375 3588 agp440 - ok 21:46:44.0396 3588 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 21:46:44.0406 3588 aic78xx - ok 21:46:44.0443 3588 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe 21:46:44.0499 3588 ALG - ok 21:46:44.0526 3588 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 21:46:44.0535 3588 aliide - ok 21:46:44.0571 3588 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 21:46:44.0581 3588 amdagp - ok 21:46:44.0600 3588 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 21:46:44.0609 3588 amdide - ok 21:46:44.0632 3588 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 21:46:44.0663 3588 AmdK8 - ok 21:46:44.0674 3588 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 21:46:44.0687 3588 AmdPPM - ok 21:46:44.0717 3588 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 21:46:44.0727 3588 amdsata - ok 21:46:44.0741 3588 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 21:46:44.0752 3588 amdsbs - ok 21:46:44.0780 3588 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 21:46:44.0789 3588 amdxata - ok 21:46:44.0818 3588 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 21:46:44.0899 3588 AppID - ok 21:46:44.0923 3588 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll 21:46:44.0952 3588 AppIDSvc - ok 21:46:44.0990 3588 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll 21:46:45.0018 3588 Appinfo - ok 21:46:45.0077 3588 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 21:46:45.0084 3588 Apple Mobile Device - ok 21:46:45.0112 3588 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll 21:46:45.0145 3588 AppMgmt - ok 21:46:45.0158 3588 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 21:46:45.0168 3588 arc - ok 21:46:45.0180 3588 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 21:46:45.0190 3588 arcsas - ok 21:46:45.0270 3588 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 21:46:45.0279 3588 aspnet_state - ok 21:46:45.0301 3588 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 21:46:45.0370 3588 AsyncMac - ok 21:46:45.0403 3588 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 21:46:45.0410 3588 atapi - ok 21:46:45.0452 3588 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys 21:46:50.0451 3588 atksgt - ok 21:46:50.0499 3588 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 21:46:50.0527 3588 AudioEndpointBuilder - ok 21:46:50.0536 3588 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 21:46:50.0558 3588 Audiosrv - ok 21:46:50.0597 3588 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll 21:46:50.0647 3588 AxInstSV - ok 21:46:50.0680 3588 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 21:46:50.0710 3588 b06bdrv - ok 21:46:50.0734 3588 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 21:46:50.0773 3588 b57nd60x - ok 21:46:50.0803 3588 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll 21:46:50.0827 3588 BDESVC - ok 21:46:50.0843 3588 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 21:46:50.0875 3588 Beep - ok 21:46:50.0925 3588 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll 21:46:50.0964 3588 BFE - ok 21:46:50.0997 3588 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll 21:46:51.0048 3588 BITS - ok 21:46:51.0072 3588 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 21:46:51.0084 3588 blbdrive - ok 21:46:51.0141 3588 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe 21:46:51.0152 3588 Bonjour Service - ok 21:46:51.0179 3588 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 21:46:51.0219 3588 bowser - ok 21:46:51.0231 3588 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 21:46:51.0263 3588 BrFiltLo - ok 21:46:51.0277 3588 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 21:46:51.0301 3588 BrFiltUp - ok 21:46:51.0339 3588 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll 21:46:51.0373 3588 Browser - ok 21:46:51.0399 3588 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 21:46:51.0431 3588 Brserid - ok 21:46:51.0443 3588 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 21:46:51.0472 3588 BrSerWdm - ok 21:46:51.0488 3588 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 21:46:51.0517 3588 BrUsbMdm - ok 21:46:51.0541 3588 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 21:46:51.0561 3588 BrUsbSer - ok 21:46:51.0572 3588 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 21:46:51.0598 3588 BTHMODEM - ok 21:46:51.0637 3588 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll 21:46:51.0660 3588 bthserv - ok 21:46:51.0673 3588 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 21:46:51.0708 3588 cdfs - ok 21:46:51.0756 3588 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys 21:46:51.0766 3588 cdrom - ok 21:46:51.0804 3588 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 21:46:51.0825 3588 CertPropSvc - ok 21:46:51.0837 3588 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 21:46:51.0860 3588 circlass - ok 21:46:51.0899 3588 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 21:46:51.0951 3588 CLFS - ok 21:46:52.0076 3588 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:46:52.0084 3588 clr_optimization_v2.0.50727_32 - ok 21:46:52.0152 3588 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:46:52.0162 3588 clr_optimization_v4.0.30319_32 - ok 21:46:52.0173 3588 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 21:46:52.0184 3588 CmBatt - ok 21:46:52.0214 3588 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 21:46:52.0223 3588 cmdide - ok 21:46:52.0243 3588 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys 21:46:52.0273 3588 CNG - ok 21:46:52.0293 3588 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 21:46:52.0303 3588 Compbatt - ok 21:46:52.0337 3588 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 21:46:52.0352 3588 CompositeBus - ok 21:46:52.0363 3588 COMSysApp - ok 21:46:52.0387 3588 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 21:46:52.0396 3588 crcdisk - ok 21:46:52.0439 3588 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll 21:46:52.0464 3588 CryptSvc - ok 21:46:52.0534 3588 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys 21:46:52.0580 3588 CSC - ok 21:46:52.0625 3588 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll 21:46:52.0646 3588 CscService - ok 21:46:52.0687 3588 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 21:46:52.0717 3588 DcomLaunch - ok 21:46:52.0755 3588 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll 21:46:52.0781 3588 defragsvc - ok 21:46:52.0819 3588 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 21:46:52.0850 3588 DfsC - ok 21:46:52.0888 3588 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll 21:46:52.0925 3588 Dhcp - ok 21:46:52.0952 3588 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 21:46:52.0974 3588 discache - ok 21:46:53.0009 3588 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 21:46:53.0019 3588 Disk - ok 21:46:53.0051 3588 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll 21:46:53.0081 3588 Dnscache - ok 21:46:53.0112 3588 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll 21:46:53.0141 3588 dot3svc - ok 21:46:53.0176 3588 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll 21:46:53.0209 3588 DPS - ok 21:46:53.0243 3588 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 21:46:53.0266 3588 drmkaud - ok 21:46:53.0308 3588 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 21:46:53.0348 3588 DXGKrnl - ok 21:46:53.0553 3588 eamonm (04238864710460c5682e260207d06192) C:\Windows\system32\DRIVERS\eamonm.sys 21:46:53.0578 3588 eamonm - ok 21:46:53.0598 3588 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll 21:46:53.0630 3588 EapHost - ok 21:46:53.0709 3588 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 21:46:53.0791 3588 ebdrv - ok 21:46:53.0817 3588 EFS (f42309c4191c506b71db5d1126d26318) C:\Windows\System32\lsass.exe 21:46:53.0830 3588 EFS - ok 21:46:53.0882 3588 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\Windows\system32\DRIVERS\ehdrv.sys 21:46:53.0890 3588 ehdrv - ok 21:46:53.0930 3588 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe 21:46:53.0962 3588 ehRecvr - ok 21:46:53.0978 3588 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe 21:46:54.0002 3588 ehSched - ok 21:46:54.0068 3588 ekrn (c7bb95cf9631aa401e4aded1648f6af7) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe 21:46:54.0096 3588 ekrn - ok 21:46:54.0149 3588 ElbyCDFL (ce37e3d51912e59c80c6d84337c0b4cd) C:\Windows\system32\Drivers\ElbyCDFL.sys 21:46:54.0158 3588 ElbyCDFL - ok 21:46:54.0237 3588 ElbyCDIO (178cc9403816c082d22a1d47fa1f9c85) C:\Windows\system32\Drivers\ElbyCDIO.sys 21:46:54.0245 3588 ElbyCDIO - ok 21:46:54.0283 3588 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 21:46:54.0300 3588 elxstor - ok 21:46:54.0328 3588 epfwwfpr (f39c91795ebdb9ecbeb5a388ff2841fe) C:\Windows\system32\DRIVERS\epfwwfpr.sys 21:46:54.0336 3588 epfwwfpr - ok 21:46:54.0363 3588 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 21:46:54.0381 3588 ErrDev - ok 21:46:54.0411 3588 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll 21:46:54.0447 3588 EventSystem - ok 21:46:54.0463 3588 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 21:46:54.0486 3588 exfat - ok 21:46:54.0505 3588 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 21:46:54.0539 3588 fastfat - ok 21:46:54.0584 3588 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe 21:46:54.0637 3588 Fax - ok 21:46:54.0659 3588 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 21:46:54.0675 3588 fdc - ok 21:46:54.0703 3588 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll 21:46:54.0726 3588 fdPHost - ok 21:46:54.0744 3588 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll 21:46:54.0778 3588 FDResPub - ok 21:46:54.0795 3588 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 21:46:54.0805 3588 FileInfo - ok 21:46:54.0818 3588 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 21:46:54.0839 3588 Filetrace - ok 21:46:54.0857 3588 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 21:46:54.0881 3588 flpydisk - ok 21:46:54.0917 3588 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 21:46:54.0929 3588 FltMgr - ok 21:46:54.0976 3588 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll 21:46:55.0024 3588 FontCache - ok 21:46:55.0068 3588 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 21:46:55.0077 3588 FontCache3.0.0.0 - ok 21:46:55.0094 3588 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 21:46:55.0104 3588 FsDepends - ok 21:46:55.0125 3588 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 21:46:55.0134 3588 Fs_Rec - ok 21:46:55.0179 3588 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 21:46:55.0194 3588 fvevol - ok 21:46:55.0206 3588 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 21:46:55.0216 3588 gagp30kx - ok 21:46:55.0251 3588 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 21:46:55.0258 3588 GEARAspiWDM - ok 21:46:55.0286 3588 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys 21:46:55.0293 3588 ggflt - ok 21:46:55.0319 3588 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys 21:46:55.0326 3588 ggsemc - ok 21:46:55.0365 3588 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll 21:46:55.0397 3588 gpsvc - ok 21:46:55.0458 3588 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe 21:46:55.0469 3588 gupdate - ok 21:46:55.0485 3588 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe 21:46:55.0491 3588 gupdatem - ok 21:46:55.0517 3588 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys 21:46:55.0524 3588 hamachi - ok 21:46:55.0540 3588 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 21:46:55.0572 3588 hcw85cir - ok 21:46:55.0638 3588 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 21:46:55.0656 3588 HdAudAddService - ok 21:46:55.0689 3588 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 21:46:55.0703 3588 HDAudBus - ok 21:46:55.0727 3588 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 21:46:55.0759 3588 HidBatt - ok 21:46:55.0784 3588 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 21:46:55.0803 3588 HidBth - ok 21:46:55.0816 3588 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 21:46:55.0830 3588 HidIr - ok 21:46:55.0858 3588 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll 21:46:55.0880 3588 hidserv - ok 21:46:55.0921 3588 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys 21:46:55.0942 3588 HidUsb - ok 21:46:55.0973 3588 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll 21:46:55.0995 3588 hkmsvc - ok 21:46:56.0030 3588 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll 21:46:56.0056 3588 HomeGroupListener - ok 21:46:56.0091 3588 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll 21:46:56.0120 3588 HomeGroupProvider - ok 21:46:56.0141 3588 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 21:46:56.0151 3588 HpSAMD - ok 21:46:56.0206 3588 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 21:46:56.0235 3588 HTTP - ok 21:46:56.0274 3588 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 21:46:56.0283 3588 hwpolicy - ok 21:46:56.0310 3588 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 21:46:56.0331 3588 i8042prt - ok 21:46:56.0367 3588 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 21:46:56.0383 3588 iaStorV - ok 21:46:56.0439 3588 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 21:46:56.0470 3588 idsvc - ok 21:46:56.0482 3588 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 21:46:56.0491 3588 iirsp - ok 21:46:56.0530 3588 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll 21:46:56.0585 3588 IKEEXT - ok 21:46:56.0612 3588 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 21:46:56.0621 3588 intelide - ok 21:46:56.0649 3588 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 21:46:56.0666 3588 intelppm - ok 21:46:56.0698 3588 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll 21:46:56.0726 3588 IPBusEnum - ok 21:46:56.0738 3588 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:46:56.0766 3588 IpFilterDriver - ok 21:46:56.0806 3588 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll 21:46:56.0838 3588 iphlpsvc - ok 21:46:56.0854 3588 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 21:46:56.0866 3588 IPMIDRV - ok 21:46:56.0885 3588 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 21:46:56.0908 3588 IPNAT - ok 21:46:56.0964 3588 iPod Service (9033d67b7112d23eded6789bacded128) C:\Program Files\iPod\bin\iPodService.exe 21:46:56.0992 3588 iPod Service - ok 21:46:57.0011 3588 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 21:46:57.0047 3588 IRENUM - ok 21:46:57.0068 3588 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 21:46:57.0078 3588 isapnp - ok 21:46:57.0095 3588 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 21:46:57.0109 3588 iScsiPrt - ok 21:46:57.0158 3588 ISODrive (2f03ceb28307983f3b36216d35ffa5aa) C:\Program Files\UltraISO\drivers\ISODrive.sys 21:46:57.0167 3588 ISODrive - ok 21:46:57.0185 3588 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys 21:46:57.0194 3588 kbdclass - ok 21:46:57.0231 3588 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys 21:46:57.0246 3588 kbdhid - ok 21:46:57.0274 3588 KeyIso (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 21:46:57.0284 3588 KeyIso - ok 21:46:57.0319 3588 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys 21:46:57.0360 3588 KSecDD - ok 21:46:57.0380 3588 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys 21:46:57.0392 3588 KSecPkg - ok 21:46:57.0417 3588 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll 21:46:57.0458 3588 KtmRm - ok 21:46:57.0493 3588 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll 21:46:57.0528 3588 LanmanServer - ok 21:46:57.0556 3588 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll 21:46:57.0586 3588 LanmanWorkstation - ok 21:46:57.0632 3588 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys 21:46:57.0640 3588 lirsgt - ok 21:46:57.0657 3588 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 21:46:57.0680 3588 lltdio - ok 21:46:57.0705 3588 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll 21:46:57.0731 3588 lltdsvc - ok 21:46:57.0746 3588 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll 21:46:57.0772 3588 lmhosts - ok 21:46:57.0794 3588 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 21:46:57.0805 3588 LSI_FC - ok 21:46:57.0818 3588 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 21:46:57.0829 3588 LSI_SAS - ok 21:46:57.0845 3588 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 21:46:57.0854 3588 LSI_SAS2 - ok 21:46:57.0867 3588 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 21:46:57.0878 3588 LSI_SCSI - ok 21:46:57.0895 3588 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 21:46:57.0918 3588 luafv - ok 21:46:57.0957 3588 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll 21:46:57.0969 3588 Mcx2Svc - ok 21:46:57.0996 3588 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 21:46:58.0005 3588 megasas - ok 21:46:58.0024 3588 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 21:46:58.0038 3588 MegaSR - ok 21:46:58.0065 3588 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 21:46:58.0097 3588 MMCSS - ok 21:46:58.0108 3588 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 21:46:58.0129 3588 Modem - ok 21:46:58.0151 3588 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 21:46:58.0178 3588 monitor - ok 21:46:58.0200 3588 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 21:46:58.0209 3588 mouclass - ok 21:46:58.0225 3588 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 21:46:58.0237 3588 mouhid - ok 21:46:58.0264 3588 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 21:46:58.0274 3588 mountmgr - ok 21:46:58.0300 3588 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 21:46:58.0311 3588 mpio - ok 21:46:58.0329 3588 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 21:46:58.0349 3588 mpsdrv - ok 21:46:58.0387 3588 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll 21:46:58.0429 3588 MpsSvc - ok 21:46:58.0465 3588 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 21:46:58.0519 3588 MRxDAV - ok 21:46:58.0549 3588 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 21:46:58.0571 3588 mrxsmb - ok 21:46:58.0646 3588 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:46:58.0660 3588 mrxsmb10 - ok 21:46:58.0755 3588 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:46:58.0785 3588 mrxsmb20 - ok 21:46:58.0813 3588 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 21:46:58.0822 3588 msahci - ok 21:46:58.0842 3588 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 21:46:58.0853 3588 msdsm - ok 21:46:58.0879 3588 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe 21:46:58.0893 3588 MSDTC - ok 21:46:58.0923 3588 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 21:46:58.0953 3588 Msfs - ok 21:46:58.0988 3588 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 21:46:59.0010 3588 mshidkmdf - ok 21:46:59.0027 3588 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 21:46:59.0035 3588 msisadrv - ok 21:46:59.0060 3588 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll 21:46:59.0093 3588 MSiSCSI - ok 21:46:59.0102 3588 msiserver - ok 21:46:59.0128 3588 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 21:46:59.0159 3588 MSKSSRV - ok 21:46:59.0190 3588 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 21:46:59.0211 3588 MSPCLOCK - ok 21:46:59.0224 3588 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 21:46:59.0249 3588 MSPQM - ok 21:46:59.0272 3588 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 21:46:59.0284 3588 MsRPC - ok 21:46:59.0300 3588 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 21:46:59.0310 3588 mssmbios - ok 21:46:59.0331 3588 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 21:46:59.0352 3588 MSTEE - ok 21:46:59.0364 3588 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 21:46:59.0380 3588 MTConfig - ok 21:46:59.0425 3588 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\Windows\system32\DRIVERS\ASACPI.sys 21:46:59.0445 3588 MTsensor - ok 21:46:59.0466 3588 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 21:46:59.0476 3588 Mup - ok 21:46:59.0510 3588 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll 21:46:59.0538 3588 napagent - ok 21:46:59.0585 3588 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 21:46:59.0615 3588 NativeWifiP - ok 21:46:59.0671 3588 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 21:46:59.0688 3588 NDIS - ok 21:46:59.0715 3588 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 21:46:59.0737 3588 NdisCap - ok 21:46:59.0766 3588 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 21:46:59.0791 3588 NdisTapi - ok 21:46:59.0828 3588 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 21:46:59.0859 3588 Ndisuio - ok 21:46:59.0893 3588 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 21:46:59.0915 3588 NdisWan - ok 21:46:59.0951 3588 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 21:46:59.0982 3588 NDProxy - ok 21:47:00.0066 3588 Nero BackItUp Scheduler 3 (40d7d0a208ee863bca8d89e299216f15) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 21:47:00.0095 3588 Nero BackItUp Scheduler 3 - ok 21:47:00.0118 3588 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 21:47:00.0149 3588 NetBIOS - ok 21:47:00.0174 3588 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 21:47:00.0198 3588 NetBT - ok 21:47:00.0222 3588 Netlogon (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 21:47:00.0233 3588 Netlogon - ok 21:47:00.0279 3588 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll 21:47:00.0308 3588 Netman - ok 21:47:00.0376 3588 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:47:00.0386 3588 NetMsmqActivator - ok 21:47:00.0391 3588 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:47:00.0398 3588 NetPipeActivator - ok 21:47:00.0423 3588 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll 21:47:00.0451 3588 netprofm - ok 21:47:00.0470 3588 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:47:00.0477 3588 NetTcpActivator - ok 21:47:00.0481 3588 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 21:47:00.0489 3588 NetTcpPortSharing - ok 21:47:00.0515 3588 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 21:47:00.0524 3588 nfrd960 - ok 21:47:00.0546 3588 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll 21:47:00.0577 3588 NlaSvc - ok 21:47:00.0614 3588 NMIndexingService (eba1b4bf2e2375abdadedb649f283541) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe 21:47:00.0639 3588 NMIndexingService - ok 21:47:00.0650 3588 nmwcdnsu - ok 21:47:00.0668 3588 nmwcdnsuc - ok 21:47:00.0691 3588 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 21:47:00.0717 3588 Npfs - ok 21:47:00.0735 3588 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll 21:47:00.0774 3588 nsi - ok 21:47:00.0790 3588 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 21:47:00.0824 3588 nsiproxy - ok 21:47:00.0873 3588 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 21:47:00.0915 3588 Ntfs - ok 21:47:00.0932 3588 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 21:47:00.0963 3588 Null - ok 21:47:01.0153 3588 nvlddmkm (f452e6ad3eda2852f44be492e283c40f) C:\Windows\system32\DRIVERS\nvlddmkm.sys 21:47:01.0413 3588 nvlddmkm - ok 21:47:01.0463 3588 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 21:47:01.0474 3588 nvraid - ok 21:47:01.0503 3588 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 21:47:01.0515 3588 nvstor - ok 21:47:01.0571 3588 nvsvc (70145ade9efe2ce296dd5fc761b4969b) C:\Windows\system32\nvvsvc.exe 21:47:01.0598 3588 nvsvc - ok 21:47:01.0674 3588 nvUpdatusService (d3acc38a963b71bd4d2dfdc1050219b9) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 21:47:01.0739 3588 nvUpdatusService - ok 21:47:01.0772 3588 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 21:47:01.0782 3588 nv_agp - ok 21:47:01.0827 3588 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 21:47:01.0844 3588 odserv - ok 21:47:01.0867 3588 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 21:47:01.0886 3588 ohci1394 - ok 21:47:01.0931 3588 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:47:01.0941 3588 ose - ok 21:47:01.0971 3588 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 21:47:01.0995 3588 p2pimsvc - ok 21:47:02.0018 3588 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 21:47:02.0042 3588 p2psvc - ok 21:47:02.0060 3588 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 21:47:02.0071 3588 Parport - ok 21:47:02.0100 3588 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 21:47:02.0110 3588 partmgr - ok 21:47:02.0131 3588 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 21:47:02.0144 3588 Parvdm - ok 21:47:02.0164 3588 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 21:47:02.0181 3588 PcaSvc - ok 21:47:02.0213 3588 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 21:47:02.0225 3588 pci - ok 21:47:02.0241 3588 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 21:47:02.0250 3588 pciide - ok 21:47:02.0273 3588 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 21:47:02.0287 3588 pcmcia - ok 21:47:02.0305 3588 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 21:47:02.0316 3588 pcw - ok 21:47:02.0350 3588 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 21:47:02.0391 3588 PEAUTH - ok 21:47:02.0433 3588 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll 21:47:02.0473 3588 PeerDistSvc - ok 21:47:02.0533 3588 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 21:47:02.0585 3588 pla - ok 21:47:02.0613 3588 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe 21:47:02.0619 3588 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning 21:47:02.0619 3588 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1) 21:47:02.0660 3588 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll 21:47:02.0698 3588 PlugPlay - ok 21:47:02.0724 3588 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\Windows\system32\PnkBstrA.exe 21:47:02.0734 3588 PnkBstrA - ok 21:47:02.0752 3588 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 21:47:02.0770 3588 PNRPAutoReg - ok 21:47:02.0785 3588 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 21:47:02.0798 3588 PNRPsvc - ok 21:47:02.0834 3588 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 21:47:02.0862 3588 PolicyAgent - ok 21:47:02.0914 3588 portio32 (09687a361c9f1418973a4ae17d2f52cc) C:\Windows\system32\drivers\portio32.sys 21:47:02.0918 3588 portio32 ( UnsignedFile.Multi.Generic ) - warning 21:47:02.0918 3588 portio32 - detected UnsignedFile.Multi.Generic (1) 21:47:02.0945 3588 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 21:47:02.0979 3588 Power - ok 21:47:03.0004 3588 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 21:47:03.0031 3588 PptpMiniport - ok 21:47:03.0055 3588 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 21:47:03.0078 3588 Processor - ok 21:47:03.0108 3588 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll 21:47:03.0132 3588 ProfSvc - ok 21:47:03.0162 3588 ProtectedStorage (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 21:47:03.0173 3588 ProtectedStorage - ok 21:47:03.0199 3588 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 21:47:03.0235 3588 Psched - ok 21:47:03.0276 3588 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 21:47:03.0319 3588 ql2300 - ok 21:47:03.0336 3588 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 21:47:03.0347 3588 ql40xx - ok 21:47:03.0375 3588 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 21:47:03.0392 3588 QWAVE - ok 21:47:03.0412 3588 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 21:47:03.0442 3588 QWAVEdrv - ok 21:47:03.0463 3588 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 21:47:03.0495 3588 RasAcd - ok 21:47:03.0519 3588 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 21:47:03.0549 3588 RasAgileVpn - ok 21:47:03.0568 3588 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 21:47:03.0602 3588 RasAuto - ok 21:47:03.0623 3588 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 21:47:03.0653 3588 Rasl2tp - ok 21:47:03.0690 3588 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 21:47:03.0717 3588 RasMan - ok 21:47:03.0743 3588 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 21:47:03.0765 3588 RasPppoe - ok 21:47:03.0802 3588 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 21:47:03.0837 3588 RasSstp - ok 21:47:03.0871 3588 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 21:47:03.0899 3588 rdbss - ok 21:47:03.0924 3588 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 21:47:03.0937 3588 rdpbus - ok 21:47:03.0960 3588 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 21:47:03.0979 3588 RDPCDD - ok 21:47:04.0011 3588 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 21:47:04.0029 3588 RDPDR - ok 21:47:04.0053 3588 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 21:47:04.0082 3588 RDPENCDD - ok 21:47:04.0106 3588 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 21:47:04.0132 3588 RDPREFMP - ok 21:47:04.0166 3588 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys 21:47:04.0196 3588 RdpVideoMiniport - ok 21:47:04.0232 3588 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 21:47:04.0254 3588 RDPWD - ok 21:47:04.0308 3588 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 21:47:04.0320 3588 rdyboost - ok 21:47:04.0347 3588 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 21:47:04.0378 3588 RemoteAccess - ok 21:47:04.0413 3588 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 21:47:04.0437 3588 RemoteRegistry - ok 21:47:04.0508 3588 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 21:47:04.0541 3588 RpcEptMapper - ok 21:47:04.0569 3588 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 21:47:04.0580 3588 RpcLocator - ok 21:47:04.0614 3588 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 21:47:04.0639 3588 RpcSs - ok 21:47:04.0671 3588 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 21:47:04.0693 3588 rspndr - ok 21:47:04.0741 3588 s1018bus (1c5c2cb892553d2cf3f45a4bb323fcd6) C:\Windows\system32\DRIVERS\s1018bus.sys 21:47:04.0749 3588 s1018bus - ok 21:47:04.0784 3588 s1018mdfl (38f5ea219593f19b6b3a1b9c169e3b61) C:\Windows\system32\DRIVERS\s1018mdfl.sys 21:47:04.0791 3588 s1018mdfl - ok 21:47:04.0829 3588 s1018mdm (666af6b64fc7df92d3ca4819ea91631d) C:\Windows\system32\DRIVERS\s1018mdm.sys 21:47:04.0837 3588 s1018mdm - ok 21:47:04.0868 3588 s1018mgmt (f4ceda6e2ddff2af8bd745615a7ca9c0) C:\Windows\system32\DRIVERS\s1018mgmt.sys 21:47:04.0888 3588 s1018mgmt - ok 21:47:04.0923 3588 s1018nd5 (3622d9ff2253dcbe885b10736609a4ca) C:\Windows\system32\DRIVERS\s1018nd5.sys 21:47:04.0930 3588 s1018nd5 - ok 21:47:04.0967 3588 s1018obex (49431efda842b474531c29ffae9f5d09) C:\Windows\system32\DRIVERS\s1018obex.sys 21:47:04.0976 3588 s1018obex - ok 21:47:04.0998 3588 s1018unic (ac6b514cb4474f4c867d7cdc9cd54f05) C:\Windows\system32\DRIVERS\s1018unic.sys 21:47:05.0009 3588 s1018unic - ok 21:47:05.0040 3588 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 21:47:05.0064 3588 s3cap - ok 21:47:05.0086 3588 SamSs (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 21:47:05.0097 3588 SamSs - ok 21:47:05.0133 3588 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 21:47:05.0144 3588 sbp2port - ok 21:47:05.0162 3588 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 21:47:05.0192 3588 SCardSvr - ok 21:47:05.0217 3588 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 21:47:05.0236 3588 scfilter - ok 21:47:05.0276 3588 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 21:47:05.0320 3588 Schedule - ok 21:47:05.0347 3588 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 21:47:05.0366 3588 SCPolicySvc - ok 21:47:05.0403 3588 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 21:47:05.0423 3588 SDRSVC - ok 21:47:05.0449 3588 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 21:47:05.0477 3588 secdrv - ok 21:47:05.0496 3588 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 21:47:05.0523 3588 seclogon - ok 21:47:05.0561 3588 seehcri (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys 21:47:05.0597 3588 seehcri - ok 21:47:05.0630 3588 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll 21:47:05.0661 3588 SENS - ok 21:47:05.0683 3588 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 21:47:05.0713 3588 SensrSvc - ok 21:47:05.0735 3588 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 21:47:05.0746 3588 Serenum - ok 21:47:05.0768 3588 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 21:47:05.0812 3588 Serial - ok 21:47:05.0847 3588 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 21:47:05.0858 3588 sermouse - ok 21:47:05.0897 3588 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 21:47:05.0920 3588 SessionEnv - ok 21:47:05.0959 3588 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 21:47:05.0977 3588 sffdisk - ok 21:47:05.0991 3588 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 21:47:06.0001 3588 sffp_mmc - ok 21:47:06.0013 3588 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 21:47:06.0035 3588 sffp_sd - ok 21:47:06.0056 3588 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 21:47:06.0068 3588 sfloppy - ok 21:47:06.0098 3588 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 21:47:06.0134 3588 SharedAccess - ok 21:47:06.0167 3588 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 21:47:06.0194 3588 ShellHWDetection - ok 21:47:06.0223 3588 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 21:47:06.0233 3588 sisagp - ok 21:47:06.0266 3588 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 21:47:06.0276 3588 SiSRaid2 - ok 21:47:06.0293 3588 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 21:47:06.0304 3588 SiSRaid4 - ok 21:47:06.0322 3588 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 21:47:06.0344 3588 Smb - ok 21:47:06.0386 3588 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 21:47:06.0398 3588 SNMPTRAP - ok 21:47:06.0415 3588 snpstd - ok 21:47:06.0479 3588 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe 21:47:06.0490 3588 Sony PC Companion - ok 21:47:06.0507 3588 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 21:47:06.0516 3588 spldr - ok 21:47:06.0555 3588 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe 21:47:06.0593 3588 Spooler - ok 21:47:06.0663 3588 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe 21:47:06.0747 3588 sppsvc - ok 21:47:06.0786 3588 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll 21:47:06.0807 3588 sppuinotify - ok 21:47:06.0849 3588 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\Windows\System32\Drivers\sptd.sys 21:47:06.0849 3588 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9 21:47:06.0850 3588 sptd ( LockedFile.Multi.Generic ) - warning 21:47:06.0850 3588 sptd - detected LockedFile.Multi.Generic (1) 21:47:06.0886 3588 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 21:47:06.0929 3588 srv - ok 21:47:06.0969 3588 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 21:47:06.0995 3588 srv2 - ok 21:47:07.0030 3588 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 21:47:07.0042 3588 srvnet - ok 21:47:07.0071 3588 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 21:47:07.0097 3588 SSDPSRV - ok 21:47:07.0120 3588 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 21:47:07.0149 3588 SstpSvc - ok 21:47:07.0191 3588 StarOpen (306521935042fc0a6988d528643619b3) C:\Windows\system32\drivers\StarOpen.sys 21:47:07.0195 3588 StarOpen ( UnsignedFile.Multi.Generic ) - warning 21:47:07.0195 3588 StarOpen - detected UnsignedFile.Multi.Generic (1) 21:47:07.0211 3588 Steam Client Service - ok 21:47:07.0256 3588 Stereo Service (8544a200c40447e465f06e58687428bb) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 21:47:07.0270 3588 Stereo Service - ok 21:47:07.0299 3588 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 21:47:07.0310 3588 stexstor - ok 21:47:07.0344 3588 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll 21:47:07.0373 3588 StiSvc - ok 21:47:07.0411 3588 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 21:47:07.0421 3588 storflt - ok 21:47:07.0461 3588 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 21:47:07.0473 3588 storvsc - ok 21:47:07.0500 3588 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 21:47:07.0508 3588 swenum - ok 21:47:07.0536 3588 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 21:47:07.0575 3588 swprv - ok 21:47:07.0610 3588 Synth3dVsc - ok 21:47:07.0670 3588 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll 21:47:07.0712 3588 SysMain - ok 21:47:07.0744 3588 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll 21:47:07.0760 3588 TabletInputService - ok 21:47:07.0795 3588 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll 21:47:07.0838 3588 TapiSrv - ok 21:47:07.0864 3588 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 21:47:07.0887 3588 TBS - ok 21:47:07.0942 3588 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 21:47:07.0986 3588 Tcpip - ok 21:47:08.0034 3588 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 21:47:08.0057 3588 TCPIP6 - ok 21:47:08.0090 3588 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 21:47:08.0109 3588 tcpipreg - ok 21:47:08.0143 3588 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 21:47:08.0170 3588 TDPIPE - ok 21:47:08.0206 3588 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 21:47:08.0226 3588 TDTCP - ok 21:47:08.0260 3588 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 21:47:08.0288 3588 tdx - ok 21:47:08.0313 3588 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 21:47:08.0323 3588 TermDD - ok 21:47:08.0362 3588 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll 21:47:08.0394 3588 TermService - ok 21:47:08.0409 3588 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 21:47:08.0429 3588 Themes - ok 21:47:08.0459 3588 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 21:47:08.0482 3588 THREADORDER - ok 21:47:08.0520 3588 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 21:47:08.0552 3588 TrkWks - ok 21:47:08.0585 3588 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe 21:47:08.0619 3588 TrustedInstaller - ok 21:47:08.0638 3588 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 21:47:08.0662 3588 tssecsrv - ok 21:47:08.0684 3588 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 21:47:08.0710 3588 TsUsbFlt - ok 21:47:08.0721 3588 tsusbhub - ok 21:47:08.0761 3588 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 21:47:08.0821 3588 tunnel - ok 21:47:08.0846 3588 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 21:47:08.0856 3588 uagp35 - ok 21:47:08.0878 3588 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 21:47:08.0917 3588 udfs - ok 21:47:08.0944 3588 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 21:47:08.0957 3588 UI0Detect - ok 21:47:08.0998 3588 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 21:47:09.0008 3588 uliagpkx - ok 21:47:09.0054 3588 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 21:47:09.0065 3588 umbus - ok 21:47:09.0094 3588 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 21:47:09.0107 3588 UmPass - ok 21:47:09.0154 3588 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll 21:47:09.0174 3588 UmRdpService - ok 21:47:09.0205 3588 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 21:47:09.0238 3588 upnphost - ok 21:47:09.0262 3588 upperdev - ok 21:47:09.0300 3588 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys 21:47:09.0331 3588 USBAAPL - ok 21:47:09.0358 3588 usbbus (8ef48ff1c23b1ce6f96d09a45959eb20) C:\Windows\system32\DRIVERS\lgusbbus.sys 21:47:09.0377 3588 usbbus - ok 21:47:09.0407 3588 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 21:47:09.0422 3588 usbccgp - ok 21:47:09.0451 3588 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 21:47:09.0473 3588 usbcir - ok 21:47:09.0492 3588 UsbDiag (a0e24c5c2d0cff04bbd3753a72fae80b) C:\Windows\system32\DRIVERS\lgusbdiag.sys 21:47:09.0502 3588 UsbDiag - ok 21:47:09.0545 3588 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 21:47:09.0555 3588 usbehci - ok 21:47:09.0599 3588 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\drivers\usbhub.sys 21:47:09.0624 3588 usbhub - ok 21:47:09.0649 3588 USBModem (cc09a1132b1f6a8362107cc134e90d0b) C:\Windows\system32\DRIVERS\lgusbmodem.sys 21:47:09.0667 3588 USBModem - ok 21:47:09.0687 3588 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys 21:47:09.0703 3588 usbohci - ok 21:47:09.0725 3588 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 21:47:09.0738 3588 usbprint - ok 21:47:09.0779 3588 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 21:47:09.0803 3588 usbscan - ok 21:47:09.0830 3588 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:47:09.0847 3588 USBSTOR - ok 21:47:09.0879 3588 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys 21:47:09.0897 3588 usbuhci - ok 21:47:09.0937 3588 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys 21:47:09.0952 3588 usbvideo - ok 21:47:09.0970 3588 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll 21:47:10.0001 3588 UxSms - ok 21:47:10.0025 3588 VaultSvc (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 21:47:10.0036 3588 VaultSvc - ok 21:47:10.0069 3588 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 21:47:10.0079 3588 vdrvroot - ok 21:47:10.0118 3588 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe 21:47:10.0155 3588 vds - ok 21:47:10.0191 3588 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 21:47:10.0203 3588 vga - ok 21:47:10.0221 3588 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 21:47:10.0243 3588 VgaSave - ok 21:47:10.0256 3588 VGPU - ok 21:47:10.0285 3588 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 21:47:10.0297 3588 vhdmp - ok 21:47:10.0315 3588 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 21:47:10.0326 3588 viaagp - ok 21:47:10.0349 3588 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 21:47:10.0361 3588 ViaC7 - ok 21:47:10.0387 3588 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 21:47:10.0395 3588 viaide - ok 21:47:10.0428 3588 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 21:47:10.0442 3588 vmbus - ok 21:47:10.0464 3588 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys 21:47:10.0476 3588 VMBusHID - ok 21:47:10.0506 3588 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 21:47:10.0515 3588 volmgr - ok 21:47:10.0546 3588 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 21:47:10.0561 3588 volmgrx - ok 21:47:10.0598 3588 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 21:47:10.0613 3588 volsnap - ok 21:47:10.0636 3588 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 21:47:10.0648 3588 vsmraid - ok 21:47:10.0693 3588 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe 21:47:10.0753 3588 VSS - ok 21:47:10.0771 3588 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 21:47:10.0784 3588 vwifibus - ok 21:47:10.0816 3588 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll 21:47:10.0858 3588 W32Time - ok 21:47:10.0878 3588 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 21:47:10.0890 3588 WacomPen - ok 21:47:10.0920 3588 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 21:47:10.0948 3588 WANARP - ok 21:47:10.0951 3588 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 21:47:10.0970 3588 Wanarpv6 - ok 21:47:11.0072 3588 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe 21:47:11.0117 3588 WatAdminSvc - ok 21:47:11.0166 3588 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe 21:47:11.0222 3588 wbengine - ok 21:47:11.0246 3588 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll 21:47:11.0263 3588 WbioSrvc - ok 21:47:11.0296 3588 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll 21:47:11.0315 3588 wcncsvc - ok 21:47:11.0330 3588 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll 21:47:11.0352 3588 WcsPlugInService - ok 21:47:11.0374 3588 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 21:47:11.0383 3588 Wd - ok 21:47:11.0407 3588 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 21:47:11.0424 3588 Wdf01000 - ok 21:47:11.0446 3588 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 21:47:11.0486 3588 WdiServiceHost - ok 21:47:11.0489 3588 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 21:47:11.0502 3588 WdiSystemHost - ok 21:47:11.0535 3588 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll 21:47:11.0560 3588 WebClient - ok 21:47:11.0580 3588 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll 21:47:11.0606 3588 Wecsvc - ok 21:47:11.0622 3588 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll 21:47:11.0644 3588 wercplsupport - ok 21:47:11.0671 3588 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll 21:47:11.0695 3588 WerSvc - ok 21:47:11.0732 3588 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 21:47:11.0758 3588 WfpLwf - ok 21:47:11.0772 3588 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 21:47:11.0781 3588 WIMMount - ok 21:47:11.0858 3588 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 21:47:11.0893 3588 WinDefend - ok 21:47:11.0899 3588 WinHttpAutoProxySvc - ok 21:47:11.0947 3588 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll 21:47:11.0970 3588 Winmgmt - ok 21:47:12.0021 3588 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll 21:47:12.0071 3588 WinRM - ok 21:47:12.0130 3588 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 21:47:12.0154 3588 WinUsb - ok 21:47:12.0203 3588 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll 21:47:12.0253 3588 Wlansvc - ok 21:47:12.0315 3588 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:47:12.0358 3588 wlidsvc - ok 21:47:12.0383 3588 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 21:47:12.0394 3588 WmiAcpi - ok 21:47:12.0424 3588 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe 21:47:12.0437 3588 wmiApSrv - ok 21:47:12.0490 3588 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 21:47:12.0540 3588 WMPNetworkSvc - ok 21:47:12.0558 3588 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll 21:47:12.0578 3588 WPCSvc - ok 21:47:12.0598 3588 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll 21:47:12.0633 3588 WPDBusEnum - ok 21:47:12.0651 3588 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 21:47:12.0684 3588 ws2ifsl - ok 21:47:12.0706 3588 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll 21:47:12.0729 3588 wscsvc - ok 21:47:12.0739 3588 WSearch - ok 21:47:12.0795 3588 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll 21:47:12.0923 3588 wuauserv - ok 21:47:12.0967 3588 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 21:47:12.0988 3588 WudfPf - ok 21:47:13.0027 3588 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 21:47:13.0049 3588 WUDFRd - ok 21:47:13.0088 3588 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll 21:47:13.0123 3588 wudfsvc - ok 21:47:13.0155 3588 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll 21:47:13.0182 3588 WwanSvc - ok 21:47:13.0231 3588 yukonw7 (30b73eb97218a16cbc6de535782a1b35) C:\Windows\system32\DRIVERS\yk62x86.sys 21:47:13.0274 3588 yukonw7 - ok 21:47:13.0340 3588 ZSMC301b (1e41295eac56589efd9dc3ca14bf3fec) C:\Windows\system32\Drivers\usbVM31b.sys 21:47:13.0358 3588 ZSMC301b - ok 21:47:13.0369 3588 MBR (0x1B8) (de1996b5390bac8242e23168f828c750) \Device\Harddisk0\DR0 21:47:13.0394 3588 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected 21:47:13.0394 3588 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0) 21:47:13.0398 3588 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 21:47:13.0398 3588 \Device\Harddisk0\DR0 - detected TDSS File System (1) 21:47:13.0401 3588 Boot (0x1200) (e133ab504d650c99a1a192b0a40334fb) \Device\Harddisk0\DR0\Partition0 21:47:13.0402 3588 \Device\Harddisk0\DR0\Partition0 - ok 21:47:13.0422 3588 Boot (0x1200) (d451d21d27994d64f0a1f2e26835a76a) \Device\Harddisk0\DR0\Partition1 21:47:13.0424 3588 \Device\Harddisk0\DR0\Partition1 - ok 21:47:13.0424 3588 ============================================================ 21:47:13.0424 3588 Scan finished 21:47:13.0424 3588 ============================================================ 21:47:13.0433 2768 Detected object count: 7 21:47:13.0433 2768 Actual detected object count: 7 21:48:33.0428 2768 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user 21:48:33.0428 2768 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:48:33.0430 2768 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user 21:48:33.0430 2768 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:48:33.0431 2768 portio32 ( UnsignedFile.Multi.Generic ) - skipped by user 21:48:33.0431 2768 portio32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:48:33.0432 2768 sptd ( LockedFile.Multi.Generic ) - skipped by user 21:48:33.0432 2768 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 21:48:33.0433 2768 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user 21:48:33.0433 2768 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:48:33.0434 2768 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - skipped by user 21:48:33.0434 2768 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Skip 21:48:33.0435 2768 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 21:48:33.0435 2768 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 21:49:08.0501 3076 Deinitialize success [/log]
Gość komentarz 18 kwietnia 2012 komentarz 18 kwietnia 2012 Uruchom Kasperskiego i dla ponizszych wyników przyznaj akcję [b]Cure[/b]. Wykonaj restart. [code]1:48:33.0434 2768 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - skipped by user 21:48:33.0434 2768 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Skip 21:48:33.0435 2768 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 21:48:33.0435 2768 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip[/code] Po tym wykonaj skan [b]Gmerem[/b] i przedstaw raport. 1
swiatek94 komentarz 18 kwietnia 2012 Autor komentarz 18 kwietnia 2012 (edytowane) Pierwszy rotkit poszedł bez problemu akcją Cure, zaś drugi nie miał takiej opcji, więc wybrałem Delete i zamiast to usunąć skopiował to do kwarantanny, którą mam teraz na dysku C i nie chce się to przez usunąć tdsskiller (normalnie nie próbowałem) dodaje loga z tdsskiller i Gmer [log]23:30:55.0131 0384 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20 23:30:55.0276 0384 ============================================================ 23:30:55.0276 0384 Current date / time: 2012/04/18 23:30:55.0276 23:30:55.0276 0384 SystemInfo: 23:30:55.0276 0384 23:30:55.0276 0384 OS Version: 6.1.7601 ServicePack: 1.0 23:30:55.0276 0384 Product type: Workstation 23:30:55.0276 0384 ComputerName: KUBA-KOMPUTER 23:30:55.0276 0384 UserName: Kuba 23:30:55.0276 0384 Windows directory: C:\Windows 23:30:55.0276 0384 System windows directory: C:\Windows 23:30:55.0276 0384 Processor architecture: Intel x86 23:30:55.0276 0384 Number of processors: 2 23:30:55.0276 0384 Page size: 0x1000 23:30:55.0276 0384 Boot type: Normal boot 23:30:55.0276 0384 ============================================================ 23:31:02.0150 0384 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 23:31:02.0161 0384 \Device\Harddisk0\DR0: 23:31:02.0161 0384 MBR partitions: 23:31:02.0161 0384 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x445C7AF 23:31:02.0168 0384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x445C82D, BlocksNum 0x35F24553 23:31:02.0200 0384 C: <-> \Device\Harddisk0\DR0\Partition0 23:31:02.0269 0384 D: <-> \Device\Harddisk0\DR0\Partition1 23:31:02.0269 0384 Initialize success 23:31:02.0269 0384 ============================================================ 23:31:06.0878 2860 ============================================================ 23:31:06.0878 2860 Scan started 23:31:06.0878 2860 Mode: Manual; SigCheck; TDLFS; 23:31:06.0878 2860 ============================================================ 23:31:08.0385 2860 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 23:31:14.0147 2860 1394ohci - ok 23:31:14.0224 2860 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 23:31:14.0241 2860 ACPI - ok 23:31:14.0280 2860 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 23:31:14.0343 2860 AcpiPmi - ok 23:31:14.0439 2860 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 23:31:14.0463 2860 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning 23:31:14.0463 2860 Adobe LM Service - detected UnsignedFile.Multi.Generic (1) 23:31:14.0553 2860 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 23:31:14.0565 2860 AdobeARMservice - ok 23:31:14.0645 2860 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 23:31:14.0670 2860 AdobeFlashPlayerUpdateSvc - ok 23:31:14.0706 2860 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 23:31:14.0740 2860 adp94xx - ok 23:31:14.0756 2860 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 23:31:14.0770 2860 adpahci - ok 23:31:14.0792 2860 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 23:31:14.0817 2860 adpu320 - ok 23:31:14.0842 2860 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll 23:31:14.0879 2860 AeLookupSvc - ok 23:31:14.0941 2860 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 23:31:14.0998 2860 AFD - ok 23:31:15.0043 2860 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 23:31:15.0057 2860 agp440 - ok 23:31:15.0072 2860 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 23:31:15.0086 2860 aic78xx - ok 23:31:15.0119 2860 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe 23:31:15.0162 2860 ALG - ok 23:31:15.0186 2860 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 23:31:15.0195 2860 aliide - ok 23:31:15.0230 2860 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 23:31:15.0240 2860 amdagp - ok 23:31:15.0260 2860 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 23:31:15.0269 2860 amdide - ok 23:31:15.0281 2860 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 23:31:15.0312 2860 AmdK8 - ok 23:31:15.0324 2860 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 23:31:15.0346 2860 AmdPPM - ok 23:31:15.0377 2860 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 23:31:15.0387 2860 amdsata - ok 23:31:15.0403 2860 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 23:31:15.0415 2860 amdsbs - ok 23:31:15.0448 2860 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 23:31:15.0457 2860 amdxata - ok 23:31:15.0494 2860 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 23:31:15.0567 2860 AppID - ok 23:31:15.0582 2860 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll 23:31:15.0611 2860 AppIDSvc - ok 23:31:15.0658 2860 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll 23:31:15.0694 2860 Appinfo - ok 23:31:15.0837 2860 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 23:31:15.0871 2860 Apple Mobile Device - ok 23:31:16.0040 2860 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll 23:31:16.0224 2860 AppMgmt - ok 23:31:16.0390 2860 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 23:31:16.0428 2860 arc - ok 23:31:16.0618 2860 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 23:31:16.0633 2860 arcsas - ok 23:31:17.0096 2860 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 23:31:17.0151 2860 aspnet_state - ok 23:31:17.0343 2860 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 23:31:17.0464 2860 AsyncMac - ok 23:31:17.0494 2860 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 23:31:17.0511 2860 atapi - ok 23:31:17.0728 2860 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys 23:31:17.0782 2860 atksgt - ok 23:31:17.0827 2860 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 23:31:17.0879 2860 AudioEndpointBuilder - ok 23:31:17.0909 2860 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll 23:31:17.0942 2860 Audiosrv - ok 23:31:18.0025 2860 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll 23:31:18.0155 2860 AxInstSV - ok 23:31:18.0504 2860 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 23:31:18.0651 2860 b06bdrv - ok 23:31:18.0724 2860 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 23:31:18.0798 2860 b57nd60x - ok 23:31:18.0845 2860 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll 23:31:18.0882 2860 BDESVC - ok 23:31:18.0906 2860 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 23:31:18.0951 2860 Beep - ok 23:31:19.0019 2860 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll 23:31:19.0061 2860 BFE - ok 23:31:19.0109 2860 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll 23:31:19.0313 2860 BITS - ok 23:31:19.0383 2860 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 23:31:19.0413 2860 blbdrive - ok 23:31:19.0726 2860 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe 23:31:19.0817 2860 Bonjour Service - ok 23:31:19.0948 2860 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 23:31:20.0057 2860 bowser - ok 23:31:20.0074 2860 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 23:31:20.0134 2860 BrFiltLo - ok 23:31:20.0163 2860 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 23:31:20.0211 2860 BrFiltUp - ok 23:31:20.0274 2860 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll 23:31:20.0325 2860 Browser - ok 23:31:20.0358 2860 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 23:31:20.0389 2860 Brserid - ok 23:31:20.0409 2860 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 23:31:20.0441 2860 BrSerWdm - ok 23:31:20.0465 2860 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 23:31:20.0503 2860 BrUsbMdm - ok 23:31:20.0526 2860 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 23:31:20.0554 2860 BrUsbSer - ok 23:31:20.0570 2860 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 23:31:20.0592 2860 BTHMODEM - ok 23:31:20.0631 2860 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll 23:31:20.0665 2860 bthserv - ok 23:31:20.0697 2860 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 23:31:20.0719 2860 cdfs - ok 23:31:20.0765 2860 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys 23:31:20.0779 2860 cdrom - ok 23:31:20.0806 2860 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 23:31:20.0829 2860 CertPropSvc - ok 23:31:20.0840 2860 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 23:31:20.0852 2860 circlass - ok 23:31:20.0883 2860 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 23:31:20.0895 2860 CLFS - ok 23:31:20.0953 2860 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 23:31:20.0981 2860 clr_optimization_v2.0.50727_32 - ok 23:31:21.0079 2860 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 23:31:21.0111 2860 clr_optimization_v4.0.30319_32 - ok 23:31:21.0154 2860 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 23:31:21.0175 2860 CmBatt - ok 23:31:21.0207 2860 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 23:31:21.0219 2860 cmdide - ok 23:31:21.0246 2860 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys 23:31:21.0281 2860 CNG - ok 23:31:21.0303 2860 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 23:31:21.0316 2860 Compbatt - ok 23:31:21.0364 2860 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 23:31:21.0391 2860 CompositeBus - ok 23:31:21.0403 2860 COMSysApp - ok 23:31:21.0422 2860 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 23:31:21.0431 2860 crcdisk - ok 23:31:21.0465 2860 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll 23:31:21.0487 2860 CryptSvc - ok 23:31:21.0528 2860 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys 23:31:21.0583 2860 CSC - ok 23:31:21.0668 2860 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll 23:31:21.0691 2860 CscService - ok 23:31:21.0713 2860 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 23:31:21.0755 2860 DcomLaunch - ok 23:31:21.0824 2860 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll 23:31:21.0870 2860 defragsvc - ok 23:31:21.0904 2860 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 23:31:21.0942 2860 DfsC - ok 23:31:21.0998 2860 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll 23:31:22.0026 2860 Dhcp - ok 23:31:22.0045 2860 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 23:31:22.0079 2860 discache - ok 23:31:22.0128 2860 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 23:31:22.0139 2860 Disk - ok 23:31:22.0178 2860 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll 23:31:22.0209 2860 Dnscache - ok 23:31:22.0248 2860 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll 23:31:22.0286 2860 dot3svc - ok 23:31:22.0328 2860 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll 23:31:22.0359 2860 DPS - ok 23:31:22.0395 2860 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 23:31:22.0419 2860 drmkaud - ok 23:31:22.0452 2860 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 23:31:22.0468 2860 DXGKrnl - ok 23:31:22.0519 2860 eamonm (04238864710460c5682e260207d06192) C:\Windows\system32\DRIVERS\eamonm.sys 23:31:22.0529 2860 eamonm - ok 23:31:22.0550 2860 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll 23:31:22.0589 2860 EapHost - ok 23:31:22.0660 2860 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 23:31:22.0740 2860 ebdrv - ok 23:31:22.0769 2860 EFS (f42309c4191c506b71db5d1126d26318) C:\Windows\System32\lsass.exe 23:31:22.0781 2860 EFS - ok 23:31:22.0842 2860 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\Windows\system32\DRIVERS\ehdrv.sys 23:31:22.0849 2860 ehdrv - ok 23:31:22.0898 2860 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe 23:31:22.0948 2860 ehRecvr - ok 23:31:22.0963 2860 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe 23:31:22.0998 2860 ehSched - ok 23:31:23.0061 2860 ekrn (c7bb95cf9631aa401e4aded1648f6af7) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe 23:31:23.0076 2860 ekrn - ok 23:31:23.0134 2860 ElbyCDFL (ce37e3d51912e59c80c6d84337c0b4cd) C:\Windows\system32\Drivers\ElbyCDFL.sys 23:31:23.0142 2860 ElbyCDFL - ok 23:31:23.0289 2860 ElbyCDIO (178cc9403816c082d22a1d47fa1f9c85) C:\Windows\system32\Drivers\ElbyCDIO.sys 23:31:23.0329 2860 ElbyCDIO - ok 23:31:23.0351 2860 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 23:31:23.0374 2860 elxstor - ok 23:31:23.0396 2860 epfwwfpr (f39c91795ebdb9ecbeb5a388ff2841fe) C:\Windows\system32\DRIVERS\epfwwfpr.sys 23:31:23.0404 2860 epfwwfpr - ok 23:31:23.0439 2860 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 23:31:23.0460 2860 ErrDev - ok 23:31:23.0495 2860 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll 23:31:23.0531 2860 EventSystem - ok 23:31:23.0544 2860 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 23:31:23.0575 2860 exfat - ok 23:31:23.0598 2860 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 23:31:23.0631 2860 fastfat - ok 23:31:23.0676 2860 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe 23:31:23.0725 2860 Fax - ok 23:31:23.0744 2860 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 23:31:23.0767 2860 fdc - ok 23:31:23.0804 2860 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll 23:31:23.0840 2860 fdPHost - ok 23:31:23.0870 2860 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll 23:31:23.0906 2860 FDResPub - ok 23:31:23.0946 2860 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 23:31:23.0959 2860 FileInfo - ok 23:31:23.0986 2860 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 23:31:24.0017 2860 Filetrace - ok 23:31:24.0049 2860 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 23:31:24.0074 2860 flpydisk - ok 23:31:24.0109 2860 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 23:31:24.0122 2860 FltMgr - ok 23:31:24.0178 2860 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll 23:31:24.0234 2860 FontCache - ok 23:31:24.0286 2860 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 23:31:24.0295 2860 FontCache3.0.0.0 - ok 23:31:24.0320 2860 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 23:31:24.0329 2860 FsDepends - ok 23:31:24.0351 2860 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 23:31:24.0361 2860 Fs_Rec - ok 23:31:24.0388 2860 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 23:31:24.0403 2860 fvevol - ok 23:31:24.0415 2860 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 23:31:24.0424 2860 gagp30kx - ok 23:31:24.0460 2860 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 23:31:24.0465 2860 GEARAspiWDM - ok 23:31:24.0504 2860 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys 23:31:24.0534 2860 ggflt - ok 23:31:24.0570 2860 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys 23:31:24.0580 2860 ggsemc - ok 23:31:24.0633 2860 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll 23:31:24.0673 2860 gpsvc - ok 23:31:24.0732 2860 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe 23:31:24.0741 2860 gupdate - ok 23:31:24.0754 2860 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe 23:31:24.0760 2860 gupdatem - ok 23:31:24.0793 2860 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys 23:31:24.0802 2860 hamachi - ok 23:31:24.0816 2860 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 23:31:24.0847 2860 hcw85cir - ok 23:31:24.0898 2860 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 23:31:24.0925 2860 HdAudAddService - ok 23:31:24.0957 2860 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 23:31:24.0984 2860 HDAudBus - ok 23:31:25.0003 2860 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 23:31:25.0036 2860 HidBatt - ok 23:31:25.0049 2860 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 23:31:25.0074 2860 HidBth - ok 23:31:25.0094 2860 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 23:31:25.0111 2860 HidIr - ok 23:31:25.0133 2860 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll 23:31:25.0161 2860 hidserv - ok 23:31:25.0222 2860 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys 23:31:25.0246 2860 HidUsb - ok 23:31:25.0274 2860 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll 23:31:25.0303 2860 hkmsvc - ok 23:31:25.0347 2860 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll 23:31:25.0392 2860 HomeGroupListener - ok 23:31:25.0425 2860 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll 23:31:25.0465 2860 HomeGroupProvider - ok 23:31:25.0500 2860 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 23:31:25.0514 2860 HpSAMD - ok 23:31:25.0557 2860 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 23:31:25.0595 2860 HTTP - ok 23:31:25.0666 2860 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 23:31:25.0679 2860 hwpolicy - ok 23:31:25.0728 2860 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 23:31:25.0752 2860 i8042prt - ok 23:31:25.0784 2860 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 23:31:25.0805 2860 iaStorV - ok 23:31:25.0866 2860 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 23:31:25.0899 2860 idsvc - ok 23:31:25.0918 2860 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 23:31:25.0927 2860 iirsp - ok 23:31:25.0973 2860 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll 23:31:26.0018 2860 IKEEXT - ok 23:31:26.0037 2860 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 23:31:26.0046 2860 intelide - ok 23:31:26.0066 2860 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 23:31:26.0095 2860 intelppm - ok 23:31:26.0132 2860 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll 23:31:26.0167 2860 IPBusEnum - ok 23:31:26.0179 2860 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:31:26.0211 2860 IpFilterDriver - ok 23:31:26.0249 2860 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll 23:31:26.0277 2860 iphlpsvc - ok 23:31:26.0296 2860 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 23:31:26.0308 2860 IPMIDRV - ok 23:31:26.0328 2860 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 23:31:26.0355 2860 IPNAT - ok 23:31:26.0449 2860 iPod Service (9033d67b7112d23eded6789bacded128) C:\Program Files\iPod\bin\iPodService.exe 23:31:26.0497 2860 iPod Service - ok 23:31:26.0520 2860 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 23:31:26.0559 2860 IRENUM - ok 23:31:26.0594 2860 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 23:31:26.0621 2860 isapnp - ok 23:31:26.0763 2860 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 23:31:26.0781 2860 iScsiPrt - ok 23:31:27.0025 2860 ISODrive (2f03ceb28307983f3b36216d35ffa5aa) C:\Program Files\UltraISO\drivers\ISODrive.sys 23:31:27.0036 2860 ISODrive - ok 23:31:27.0202 2860 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys 23:31:27.0213 2860 kbdclass - ok 23:31:27.0248 2860 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys 23:31:27.0274 2860 kbdhid - ok 23:31:27.0308 2860 KeyIso (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 23:31:27.0323 2860 KeyIso - ok 23:31:27.0361 2860 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys 23:31:27.0375 2860 KSecDD - ok 23:31:27.0397 2860 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys 23:31:27.0424 2860 KSecPkg - ok 23:31:27.0450 2860 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll 23:31:27.0490 2860 KtmRm - ok 23:31:27.0526 2860 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll 23:31:27.0561 2860 LanmanServer - ok 23:31:27.0589 2860 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll 23:31:27.0627 2860 LanmanWorkstation - ok 23:31:27.0724 2860 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys 23:31:27.0764 2860 lirsgt - ok 23:31:27.0808 2860 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 23:31:27.0847 2860 lltdio - ok 23:31:27.0888 2860 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll 23:31:27.0923 2860 lltdsvc - ok 23:31:27.0955 2860 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll 23:31:28.0005 2860 lmhosts - ok 23:31:28.0027 2860 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 23:31:28.0038 2860 LSI_FC - ok 23:31:28.0050 2860 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 23:31:28.0078 2860 LSI_SAS - ok 23:31:28.0092 2860 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 23:31:28.0102 2860 LSI_SAS2 - ok 23:31:28.0122 2860 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 23:31:28.0132 2860 LSI_SCSI - ok 23:31:28.0155 2860 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 23:31:28.0187 2860 luafv - ok 23:31:28.0225 2860 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll 23:31:28.0237 2860 Mcx2Svc - ok 23:31:28.0249 2860 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 23:31:28.0257 2860 megasas - ok 23:31:28.0275 2860 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 23:31:28.0288 2860 MegaSR - ok 23:31:28.0391 2860 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 23:31:28.0435 2860 MMCSS - ok 23:31:28.0449 2860 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 23:31:28.0470 2860 Modem - ok 23:31:28.0494 2860 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 23:31:28.0512 2860 monitor - ok 23:31:28.0534 2860 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 23:31:28.0542 2860 mouclass - ok 23:31:28.0576 2860 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 23:31:28.0589 2860 mouhid - ok 23:31:28.0740 2860 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 23:31:28.0761 2860 mountmgr - ok 23:31:28.0943 2860 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 23:31:28.0978 2860 mpio - ok 23:31:29.0121 2860 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 23:31:29.0162 2860 mpsdrv - ok 23:31:29.0239 2860 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll 23:31:29.0279 2860 MpsSvc - ok 23:31:29.0332 2860 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 23:31:29.0362 2860 MRxDAV - ok 23:31:29.0417 2860 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 23:31:29.0490 2860 mrxsmb - ok 23:31:29.0531 2860 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:31:29.0576 2860 mrxsmb10 - ok 23:31:30.0164 2860 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:31:30.0190 2860 mrxsmb20 - ok 23:31:30.0646 2860 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 23:31:30.0662 2860 msahci - ok 23:31:30.0884 2860 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 23:31:30.0914 2860 msdsm - ok 23:31:31.0004 2860 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe 23:31:31.0038 2860 MSDTC - ok 23:31:31.0073 2860 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 23:31:31.0120 2860 Msfs - ok 23:31:31.0155 2860 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 23:31:31.0188 2860 mshidkmdf - ok 23:31:31.0206 2860 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 23:31:31.0214 2860 msisadrv - ok 23:31:31.0243 2860 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll 23:31:31.0276 2860 MSiSCSI - ok 23:31:31.0287 2860 msiserver - ok 23:31:31.0311 2860 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 23:31:31.0342 2860 MSKSSRV - ok 23:31:31.0373 2860 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 23:31:31.0405 2860 MSPCLOCK - ok 23:31:31.0424 2860 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 23:31:31.0448 2860 MSPQM - ok 23:31:31.0472 2860 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 23:31:31.0486 2860 MsRPC - ok 23:31:31.0501 2860 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 23:31:31.0509 2860 mssmbios - ok 23:31:31.0531 2860 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 23:31:31.0573 2860 MSTEE - ok 23:31:31.0584 2860 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 23:31:31.0605 2860 MTConfig - ok 23:31:31.0925 2860 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\Windows\system32\DRIVERS\ASACPI.sys 23:31:31.0945 2860 MTsensor - ok 23:31:31.0966 2860 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 23:31:31.0976 2860 Mup - ok 23:31:32.0010 2860 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll 23:31:32.0037 2860 napagent - ok 23:31:32.0068 2860 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 23:31:32.0090 2860 NativeWifiP - ok 23:31:32.0137 2860 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 23:31:32.0176 2860 NDIS - ok 23:31:32.0207 2860 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 23:31:32.0229 2860 NdisCap - ok 23:31:32.0258 2860 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 23:31:32.0289 2860 NdisTapi - ok 23:31:32.0337 2860 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 23:31:32.0375 2860 Ndisuio - ok 23:31:32.0409 2860 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 23:31:32.0442 2860 NdisWan - ok 23:31:32.0467 2860 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 23:31:32.0499 2860 NDProxy - ok 23:31:32.0592 2860 Nero BackItUp Scheduler 3 (40d7d0a208ee863bca8d89e299216f15) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 23:31:32.0658 2860 Nero BackItUp Scheduler 3 - ok 23:31:32.0677 2860 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 23:31:32.0716 2860 NetBIOS - ok 23:31:32.0740 2860 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 23:31:32.0763 2860 NetBT - ok 23:31:32.0789 2860 Netlogon (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 23:31:32.0800 2860 Netlogon - ok 23:31:32.0845 2860 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll 23:31:32.0890 2860 Netman - ok 23:31:33.0009 2860 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 23:31:33.0032 2860 NetMsmqActivator - ok 23:31:33.0044 2860 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 23:31:33.0051 2860 NetPipeActivator - ok 23:31:33.0073 2860 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll 23:31:33.0103 2860 netprofm - ok 23:31:33.0127 2860 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 23:31:33.0134 2860 NetTcpActivator - ok 23:31:33.0138 2860 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 23:31:33.0144 2860 NetTcpPortSharing - ok 23:31:33.0173 2860 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 23:31:33.0182 2860 nfrd960 - ok 23:31:33.0220 2860 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll 23:31:33.0263 2860 NlaSvc - ok 23:31:33.0406 2860 NMIndexingService (eba1b4bf2e2375abdadedb649f283541) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe 23:31:33.0493 2860 NMIndexingService - ok 23:31:33.0510 2860 nmwcdnsu - ok 23:31:33.0528 2860 nmwcdnsuc - ok 23:31:33.0582 2860 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 23:31:33.0619 2860 Npfs - ok 23:31:33.0682 2860 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll 23:31:33.0725 2860 nsi - ok 23:31:33.0748 2860 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 23:31:33.0771 2860 nsiproxy - ok 23:31:33.0831 2860 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 23:31:33.0872 2860 Ntfs - ok 23:31:33.0890 2860 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 23:31:33.0939 2860 Null - ok 23:31:34.0134 2860 nvlddmkm (f452e6ad3eda2852f44be492e283c40f) C:\Windows\system32\DRIVERS\nvlddmkm.sys 23:31:34.0269 2860 nvlddmkm - ok 23:31:34.0446 2860 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 23:31:34.0457 2860 nvraid - ok 23:31:34.0494 2860 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 23:31:34.0505 2860 nvstor - ok 23:31:34.0553 2860 nvsvc (70145ade9efe2ce296dd5fc761b4969b) C:\Windows\system32\nvvsvc.exe 23:31:34.0582 2860 nvsvc - ok 23:31:34.0709 2860 nvUpdatusService (d3acc38a963b71bd4d2dfdc1050219b9) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 23:31:34.0794 2860 nvUpdatusService - ok 23:31:34.0830 2860 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 23:31:34.0840 2860 nv_agp - ok 23:31:34.0901 2860 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 23:31:34.0934 2860 odserv - ok 23:31:34.0973 2860 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 23:31:34.0993 2860 ohci1394 - ok 23:31:35.0031 2860 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:31:35.0041 2860 ose - ok 23:31:35.0071 2860 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 23:31:35.0097 2860 p2pimsvc - ok 23:31:35.0118 2860 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll 23:31:35.0135 2860 p2psvc - ok 23:31:35.0151 2860 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 23:31:35.0162 2860 Parport - ok 23:31:35.0192 2860 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 23:31:35.0201 2860 partmgr - ok 23:31:35.0222 2860 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 23:31:35.0252 2860 Parvdm - ok 23:31:35.0272 2860 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll 23:31:35.0288 2860 PcaSvc - ok 23:31:35.0321 2860 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 23:31:35.0333 2860 pci - ok 23:31:35.0357 2860 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 23:31:35.0366 2860 pciide - ok 23:31:35.0390 2860 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 23:31:35.0409 2860 pcmcia - ok 23:31:35.0430 2860 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 23:31:35.0439 2860 pcw - ok 23:31:35.0474 2860 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 23:31:35.0514 2860 PEAUTH - ok 23:31:35.0557 2860 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll 23:31:35.0599 2860 PeerDistSvc - ok 23:31:35.0676 2860 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll 23:31:35.0747 2860 pla - ok 23:31:35.0787 2860 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe 23:31:35.0793 2860 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning 23:31:35.0793 2860 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1) 23:31:35.0835 2860 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll 23:31:35.0876 2860 PlugPlay - ok 23:31:35.0899 2860 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\Windows\system32\PnkBstrA.exe 23:31:35.0911 2860 PnkBstrA - ok 23:31:35.0927 2860 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll 23:31:35.0948 2860 PNRPAutoReg - ok 23:31:35.0964 2860 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll 23:31:35.0981 2860 PNRPsvc - ok 23:31:36.0009 2860 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll 23:31:36.0035 2860 PolicyAgent - ok 23:31:36.0088 2860 portio32 (09687a361c9f1418973a4ae17d2f52cc) C:\Windows\system32\drivers\portio32.sys 23:31:36.0093 2860 portio32 ( UnsignedFile.Multi.Generic ) - warning 23:31:36.0093 2860 portio32 - detected UnsignedFile.Multi.Generic (1) 23:31:36.0128 2860 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll 23:31:36.0160 2860 Power - ok 23:31:36.0179 2860 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 23:31:36.0204 2860 PptpMiniport - ok 23:31:36.0221 2860 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 23:31:36.0243 2860 Processor - ok 23:31:36.0275 2860 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll 23:31:36.0297 2860 ProfSvc - ok 23:31:36.0329 2860 ProtectedStorage (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 23:31:36.0339 2860 ProtectedStorage - ok 23:31:36.0357 2860 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 23:31:36.0392 2860 Psched - ok 23:31:36.0425 2860 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 23:31:36.0467 2860 ql2300 - ok 23:31:36.0486 2860 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 23:31:36.0508 2860 ql40xx - ok 23:31:36.0533 2860 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll 23:31:36.0550 2860 QWAVE - ok 23:31:36.0570 2860 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 23:31:36.0600 2860 QWAVEdrv - ok 23:31:36.0663 2860 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 23:31:36.0695 2860 RasAcd - ok 23:31:36.0736 2860 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 23:31:36.0780 2860 RasAgileVpn - ok 23:31:36.0801 2860 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll 23:31:36.0836 2860 RasAuto - ok 23:31:36.0865 2860 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 23:31:36.0894 2860 Rasl2tp - ok 23:31:36.0931 2860 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll 23:31:36.0956 2860 RasMan - ok 23:31:36.0976 2860 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 23:31:36.0997 2860 RasPppoe - ok 23:31:37.0018 2860 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 23:31:37.0051 2860 RasSstp - ok 23:31:37.0095 2860 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 23:31:37.0132 2860 rdbss - ok 23:31:37.0157 2860 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 23:31:37.0170 2860 rdpbus - ok 23:31:37.0201 2860 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 23:31:37.0221 2860 RDPCDD - ok 23:31:37.0261 2860 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 23:31:37.0280 2860 RDPDR - ok 23:31:37.0302 2860 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 23:31:37.0336 2860 RDPENCDD - ok 23:31:37.0405 2860 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 23:31:37.0431 2860 RDPREFMP - ok 23:31:37.0482 2860 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys 23:31:37.0513 2860 RdpVideoMiniport - ok 23:31:37.0548 2860 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 23:31:37.0587 2860 RDPWD - ok 23:31:37.0626 2860 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 23:31:37.0638 2860 rdyboost - ok 23:31:37.0680 2860 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll 23:31:37.0718 2860 RemoteAccess - ok 23:31:37.0754 2860 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll 23:31:37.0778 2860 RemoteRegistry - ok 23:31:37.0808 2860 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll 23:31:37.0849 2860 RpcEptMapper - ok 23:31:37.0865 2860 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe 23:31:37.0882 2860 RpcLocator - ok 23:31:37.0922 2860 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll 23:31:37.0943 2860 RpcSs - ok 23:31:37.0971 2860 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 23:31:37.0992 2860 rspndr - ok 23:31:38.0049 2860 s1018bus (1c5c2cb892553d2cf3f45a4bb323fcd6) C:\Windows\system32\DRIVERS\s1018bus.sys 23:31:38.0057 2860 s1018bus - ok 23:31:38.0100 2860 s1018mdfl (38f5ea219593f19b6b3a1b9c169e3b61) C:\Windows\system32\DRIVERS\s1018mdfl.sys 23:31:38.0119 2860 s1018mdfl - ok 23:31:38.0153 2860 s1018mdm (666af6b64fc7df92d3ca4819ea91631d) C:\Windows\system32\DRIVERS\s1018mdm.sys 23:31:38.0184 2860 s1018mdm - ok 23:31:38.0260 2860 s1018mgmt (f4ceda6e2ddff2af8bd745615a7ca9c0) C:\Windows\system32\DRIVERS\s1018mgmt.sys 23:31:38.0348 2860 s1018mgmt - ok 23:31:38.0398 2860 s1018nd5 (3622d9ff2253dcbe885b10736609a4ca) C:\Windows\system32\DRIVERS\s1018nd5.sys 23:31:38.0407 2860 s1018nd5 - ok 23:31:38.0450 2860 s1018obex (49431efda842b474531c29ffae9f5d09) C:\Windows\system32\DRIVERS\s1018obex.sys 23:31:38.0461 2860 s1018obex - ok 23:31:38.0481 2860 s1018unic (ac6b514cb4474f4c867d7cdc9cd54f05) C:\Windows\system32\DRIVERS\s1018unic.sys 23:31:38.0494 2860 s1018unic - ok 23:31:38.0531 2860 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 23:31:38.0563 2860 s3cap - ok 23:31:38.0586 2860 SamSs (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 23:31:38.0596 2860 SamSs - ok 23:31:38.0649 2860 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 23:31:38.0659 2860 sbp2port - ok 23:31:38.0686 2860 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll 23:31:38.0717 2860 SCardSvr - ok 23:31:38.0741 2860 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 23:31:38.0762 2860 scfilter - ok 23:31:38.0808 2860 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll 23:31:38.0853 2860 Schedule - ok 23:31:38.0880 2860 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll 23:31:38.0898 2860 SCPolicySvc - ok 23:31:38.0935 2860 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll 23:31:38.0965 2860 SDRSVC - ok 23:31:38.0994 2860 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 23:31:39.0028 2860 secdrv - ok 23:31:39.0062 2860 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll 23:31:39.0089 2860 seclogon - ok 23:31:39.0136 2860 seehcri (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys 23:31:39.0155 2860 seehcri - ok 23:31:39.0187 2860 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll 23:31:39.0218 2860 SENS - ok 23:31:39.0249 2860 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll 23:31:39.0289 2860 SensrSvc - ok 23:31:39.0310 2860 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 23:31:39.0320 2860 Serenum - ok 23:31:39.0342 2860 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 23:31:39.0354 2860 Serial - ok 23:31:39.0388 2860 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 23:31:39.0401 2860 sermouse - ok 23:31:39.0438 2860 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll 23:31:39.0462 2860 SessionEnv - ok 23:31:39.0492 2860 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 23:31:39.0560 2860 sffdisk - ok 23:31:39.0582 2860 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 23:31:39.0601 2860 sffp_mmc - ok 23:31:39.0630 2860 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 23:31:39.0651 2860 sffp_sd - ok 23:31:39.0672 2860 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 23:31:39.0684 2860 sfloppy - ok 23:31:39.0724 2860 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll 23:31:39.0759 2860 SharedAccess - ok 23:31:39.0790 2860 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll 23:31:39.0819 2860 ShellHWDetection - ok 23:31:39.0847 2860 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 23:31:39.0857 2860 sisagp - ok 23:31:39.0890 2860 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 23:31:39.0900 2860 SiSRaid2 - ok 23:31:39.0917 2860 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 23:31:39.0928 2860 SiSRaid4 - ok 23:31:39.0946 2860 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 23:31:39.0968 2860 Smb - ok 23:31:40.0010 2860 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe 23:31:40.0022 2860 SNMPTRAP - ok 23:31:40.0039 2860 snpstd - ok 23:31:40.0104 2860 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe 23:31:40.0116 2860 Sony PC Companion - ok 23:31:40.0140 2860 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 23:31:40.0152 2860 spldr - ok 23:31:40.0188 2860 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe 23:31:40.0227 2860 Spooler - ok 23:31:40.0295 2860 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe 23:31:40.0378 2860 sppsvc - ok 23:31:40.0410 2860 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll 23:31:40.0432 2860 sppuinotify - ok 23:31:40.0473 2860 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\Windows\System32\Drivers\sptd.sys 23:31:40.0481 2860 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9 23:31:40.0482 2860 sptd ( LockedFile.Multi.Generic ) - warning 23:31:40.0482 2860 sptd - detected LockedFile.Multi.Generic (1) 23:31:40.0519 2860 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 23:31:40.0562 2860 srv - ok 23:31:40.0602 2860 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 23:31:40.0636 2860 srv2 - ok 23:31:40.0671 2860 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 23:31:40.0683 2860 srvnet - ok 23:31:40.0712 2860 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll 23:31:40.0741 2860 SSDPSRV - ok 23:31:40.0769 2860 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll 23:31:40.0807 2860 SstpSvc - ok 23:31:40.0849 2860 StarOpen (306521935042fc0a6988d528643619b3) C:\Windows\system32\drivers\StarOpen.sys 23:31:40.0854 2860 StarOpen ( UnsignedFile.Multi.Generic ) - warning 23:31:40.0854 2860 StarOpen - detected UnsignedFile.Multi.Generic (1) 23:31:40.0894 2860 Steam Client Service - ok 23:31:40.0948 2860 Stereo Service (8544a200c40447e465f06e58687428bb) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 23:31:40.0967 2860 Stereo Service - ok 23:31:40.0990 2860 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 23:31:41.0004 2860 stexstor - ok 23:31:41.0044 2860 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll 23:31:41.0081 2860 StiSvc - ok 23:31:41.0104 2860 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 23:31:41.0128 2860 storflt - ok 23:31:41.0152 2860 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 23:31:41.0162 2860 storvsc - ok 23:31:41.0180 2860 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 23:31:41.0188 2860 swenum - ok 23:31:41.0219 2860 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll 23:31:41.0257 2860 swprv - ok 23:31:41.0284 2860 Synth3dVsc - ok 23:31:41.0329 2860 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll 23:31:41.0379 2860 SysMain - ok 23:31:41.0419 2860 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll 23:31:41.0435 2860 TabletInputService - ok 23:31:41.0469 2860 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll 23:31:41.0513 2860 TapiSrv - ok 23:31:41.0547 2860 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll 23:31:41.0569 2860 TBS - ok 23:31:41.0641 2860 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys 23:31:41.0712 2860 Tcpip - ok 23:31:41.0775 2860 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys 23:31:41.0796 2860 TCPIP6 - ok 23:31:41.0839 2860 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 23:31:41.0887 2860 tcpipreg - ok 23:31:41.0923 2860 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 23:31:41.0963 2860 TDPIPE - ok 23:31:41.0980 2860 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 23:31:42.0000 2860 TDTCP - ok 23:31:42.0034 2860 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 23:31:42.0061 2860 tdx - ok 23:31:42.0087 2860 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 23:31:42.0096 2860 TermDD - ok 23:31:42.0136 2860 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll 23:31:42.0165 2860 TermService - ok 23:31:42.0183 2860 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll 23:31:42.0203 2860 Themes - ok 23:31:42.0233 2860 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll 23:31:42.0254 2860 THREADORDER - ok 23:31:42.0270 2860 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll 23:31:42.0301 2860 TrkWks - ok 23:31:42.0335 2860 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe 23:31:42.0383 2860 TrustedInstaller - ok 23:31:42.0410 2860 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 23:31:42.0451 2860 tssecsrv - ok 23:31:42.0484 2860 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 23:31:42.0511 2860 TsUsbFlt - ok 23:31:42.0525 2860 tsusbhub - ok 23:31:42.0568 2860 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 23:31:42.0594 2860 tunnel - ok 23:31:42.0620 2860 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 23:31:42.0640 2860 uagp35 - ok 23:31:42.0669 2860 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 23:31:42.0705 2860 udfs - ok 23:31:42.0728 2860 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe 23:31:42.0741 2860 UI0Detect - ok 23:31:42.0781 2860 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 23:31:42.0799 2860 uliagpkx - ok 23:31:42.0845 2860 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 23:31:42.0856 2860 umbus - ok 23:31:42.0884 2860 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 23:31:42.0907 2860 UmPass - ok 23:31:42.0954 2860 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll 23:31:42.0993 2860 UmRdpService - ok 23:31:43.0029 2860 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll 23:31:43.0060 2860 upnphost - ok 23:31:43.0086 2860 upperdev - ok 23:31:43.0124 2860 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys 23:31:43.0159 2860 USBAAPL - ok 23:31:43.0192 2860 usbbus (8ef48ff1c23b1ce6f96d09a45959eb20) C:\Windows\system32\DRIVERS\lgusbbus.sys 23:31:43.0212 2860 usbbus - ok 23:31:43.0248 2860 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 23:31:43.0275 2860 usbccgp - ok 23:31:43.0300 2860 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 23:31:43.0334 2860 usbcir - ok 23:31:43.0358 2860 UsbDiag (a0e24c5c2d0cff04bbd3753a72fae80b) C:\Windows\system32\DRIVERS\lgusbdiag.sys 23:31:43.0371 2860 UsbDiag - ok 23:31:43.0411 2860 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 23:31:43.0426 2860 usbehci - ok 23:31:43.0474 2860 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\drivers\usbhub.sys 23:31:43.0509 2860 usbhub - ok 23:31:43.0531 2860 USBModem (cc09a1132b1f6a8362107cc134e90d0b) C:\Windows\system32\DRIVERS\lgusbmodem.sys 23:31:43.0560 2860 USBModem - ok 23:31:43.0586 2860 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys 23:31:43.0616 2860 usbohci - ok 23:31:43.0641 2860 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 23:31:43.0657 2860 usbprint - ok 23:31:43.0703 2860 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 23:31:43.0728 2860 usbscan - ok 23:31:43.0763 2860 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:31:43.0781 2860 USBSTOR - ok 23:31:43.0811 2860 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys 23:31:43.0838 2860 usbuhci - ok 23:31:43.0878 2860 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys 23:31:43.0893 2860 usbvideo - ok 23:31:43.0910 2860 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll 23:31:43.0941 2860 UxSms - ok 23:31:43.0974 2860 VaultSvc (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe 23:31:43.0988 2860 VaultSvc - ok 23:31:44.0026 2860 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 23:31:44.0040 2860 vdrvroot - ok 23:31:44.0084 2860 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe 23:31:44.0145 2860 vds - ok 23:31:44.0173 2860 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 23:31:44.0185 2860 vga - ok 23:31:44.0204 2860 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 23:31:44.0225 2860 VgaSave - ok 23:31:44.0236 2860 VGPU - ok 23:31:44.0267 2860 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 23:31:44.0280 2860 vhdmp - ok 23:31:44.0314 2860 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 23:31:44.0324 2860 viaagp - ok 23:31:44.0356 2860 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 23:31:44.0368 2860 ViaC7 - ok 23:31:44.0394 2860 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 23:31:44.0403 2860 viaide - ok 23:31:44.0436 2860 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 23:31:44.0449 2860 vmbus - ok 23:31:44.0480 2860 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys 23:31:44.0491 2860 VMBusHID - ok 23:31:44.0522 2860 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 23:31:44.0532 2860 volmgr - ok 23:31:44.0554 2860 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 23:31:44.0569 2860 volmgrx - ok 23:31:44.0606 2860 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 23:31:44.0619 2860 volsnap - ok 23:31:44.0644 2860 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 23:31:44.0655 2860 vsmraid - ok 23:31:44.0708 2860 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe 23:31:44.0773 2860 VSS - ok 23:31:44.0795 2860 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 23:31:44.0810 2860 vwifibus - ok 23:31:44.0849 2860 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll 23:31:44.0898 2860 W32Time - ok 23:31:44.0919 2860 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 23:31:44.0932 2860 WacomPen - ok 23:31:44.0969 2860 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 23:31:45.0029 2860 WANARP - ok 23:31:45.0032 2860 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 23:31:45.0050 2860 Wanarpv6 - ok 23:31:45.0156 2860 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe 23:31:45.0206 2860 WatAdminSvc - ok 23:31:45.0267 2860 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe 23:31:45.0330 2860 wbengine - ok 23:31:45.0354 2860 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll 23:31:45.0371 2860 WbioSrvc - ok 23:31:45.0403 2860 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll 23:31:45.0423 2860 wcncsvc - ok 23:31:45.0438 2860 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll 23:31:45.0461 2860 WcsPlugInService - ok 23:31:45.0483 2860 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 23:31:45.0493 2860 Wd - ok 23:31:45.0514 2860 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 23:31:45.0531 2860 Wdf01000 - ok 23:31:45.0553 2860 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 23:31:45.0592 2860 WdiServiceHost - ok 23:31:45.0596 2860 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll 23:31:45.0609 2860 WdiSystemHost - ok 23:31:45.0643 2860 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll 23:31:45.0672 2860 WebClient - ok 23:31:45.0686 2860 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll 23:31:45.0715 2860 Wecsvc - ok 23:31:45.0731 2860 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll 23:31:45.0752 2860 wercplsupport - ok 23:31:45.0779 2860 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll 23:31:45.0802 2860 WerSvc - ok 23:31:45.0832 2860 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 23:31:45.0854 2860 WfpLwf - ok 23:31:45.0872 2860 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 23:31:45.0884 2860 WIMMount - ok 23:31:45.0939 2860 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll 23:31:46.0009 2860 WinDefend - ok 23:31:46.0014 2860 WinHttpAutoProxySvc - ok 23:31:46.0055 2860 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll 23:31:46.0077 2860 Winmgmt - ok 23:31:46.0128 2860 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll 23:31:46.0176 2860 WinRM - ok 23:31:46.0237 2860 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 23:31:46.0262 2860 WinUsb - ok 23:31:46.0294 2860 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll 23:31:46.0364 2860 Wlansvc - ok 23:31:46.0441 2860 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 23:31:46.0505 2860 wlidsvc - ok 23:31:46.0541 2860 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 23:31:46.0552 2860 WmiAcpi - ok 23:31:46.0581 2860 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe 23:31:46.0594 2860 wmiApSrv - ok 23:31:46.0648 2860 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe 23:31:46.0701 2860 WMPNetworkSvc - ok 23:31:46.0732 2860 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll 23:31:46.0756 2860 WPCSvc - ok 23:31:46.0791 2860 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll 23:31:46.0844 2860 WPDBusEnum - ok 23:31:46.0867 2860 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 23:31:46.0906 2860 ws2ifsl - ok 23:31:46.0930 2860 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll 23:31:46.0963 2860 wscsvc - ok 23:31:46.0974 2860 WSearch - ok 23:31:47.0027 2860 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll 23:31:47.0086 2860 wuauserv - ok 23:31:47.0125 2860 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 23:31:47.0145 2860 WudfPf - ok 23:31:47.0209 2860 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 23:31:47.0239 2860 WUDFRd - ok 23:31:47.0279 2860 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll 23:31:47.0320 2860 wudfsvc - ok 23:31:47.0354 2860 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll 23:31:47.0385 2860 WwanSvc - ok 23:31:47.0431 2860 yukonw7 (30b73eb97218a16cbc6de535782a1b35) C:\Windows\system32\DRIVERS\yk62x86.sys 23:31:47.0475 2860 yukonw7 - ok 23:31:47.0522 2860 ZSMC301b (1e41295eac56589efd9dc3ca14bf3fec) C:\Windows\system32\Drivers\usbVM31b.sys 23:31:47.0539 2860 ZSMC301b - ok 23:31:47.0551 2860 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 23:31:47.0589 2860 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 23:31:47.0589 2860 \Device\Harddisk0\DR0 - detected TDSS File System (1) 23:31:47.0591 2860 Boot (0x1200) (e133ab504d650c99a1a192b0a40334fb) \Device\Harddisk0\DR0\Partition0 23:31:47.0593 2860 \Device\Harddisk0\DR0\Partition0 - ok 23:31:47.0612 2860 Boot (0x1200) (d451d21d27994d64f0a1f2e26835a76a) \Device\Harddisk0\DR0\Partition1 23:31:47.0615 2860 \Device\Harddisk0\DR0\Partition1 - ok 23:31:47.0615 2860 ============================================================ 23:31:47.0615 2860 Scan finished 23:31:47.0615 2860 ============================================================ 23:31:47.0622 3168 Detected object count: 6 23:31:47.0622 3168 Actual detected object count: 6 23:31:56.0876 3168 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user 23:31:56.0876 3168 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:31:56.0877 3168 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user 23:31:56.0877 3168 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:31:56.0879 3168 portio32 ( UnsignedFile.Multi.Generic ) - skipped by user 23:31:56.0879 3168 portio32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:31:56.0880 3168 sptd ( LockedFile.Multi.Generic ) - skipped by user 23:31:56.0880 3168 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 23:31:56.0881 3168 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user 23:31:56.0881 3168 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:31:57.0009 3168 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine 23:31:57.0107 3168 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine 23:31:57.0186 3168 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine 23:31:57.0570 3168 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine 23:32:00.0339 3168 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine 23:32:00.0382 3168 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine 23:32:00.0792 3168 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine 23:32:01.0391 3168 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine 23:32:01.0777 3168 \Device\Harddisk0\DR0\TDLFS - deleted 23:32:01.0777 3168 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete 23:32:10.0804 1232 Deinitialize success [/log] [log]GMER 1.0.15.15641 - [url="http://www.gmer.net"]http://www.gmer.net[/url] Rootkit scan 2012-04-19 00:16:25 Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3 ST3500320AS rev.SD15 Running: jh5ubgg3.exe; Driver: C:\Users\Kuba\AppData\Local\Temp\aftcaaog.sys ---- Kernel code sections - GMER 1.0.15 ---- .sptd2 C:\Windows\System32\Drivers\sptd.sys entry point in ".sptd2" section [0x8BF4A9E3] ? C:\Windows\System32\Drivers\sptd.sys Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces. .text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0x9FE7D300, 0x3B6D8, 0xE8000020] .text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9FEDB300, 0x1BEE, 0xE8000020] ---- Threads - GMER 1.0.15 ---- Thread System [4:3988] A18CFF2E ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD6 0xD1 0xC6 0x04 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x24 0x5E 0x9F 0x6C ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xD6 0x20 0xF7 0xAC ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x79 0x27 0x3B 0x2B ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD6 0xD1 0xC6 0x04 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x24 0x5E 0x9F 0x6C ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xD6 0x20 0xF7 0xAC ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x79 0x27 0x3B 0x2B ... ---- EOF - GMER 1.0.15 ---- [/log]
Bugless komentarz 18 kwietnia 2012 komentarz 18 kwietnia 2012 Sprobuj za pomoca AVG Free, szczerze nie widzialem jeszcze syfu ktorego by nie usuna 1
Gość komentarz 19 kwietnia 2012 komentarz 19 kwietnia 2012 (edytowane) [quote]Pierwszy rotkit poszedł bez problemu akcją Cure, zaś drugi nie miał takiej opcji, więc wybrałem Delete i zamiast to usunąć skopiował to do kwarantanny, [/quote] Dobrze. Uruchom OTL i w oknie [b]Własne opcje skanowania/skrypt [/b]wklej: [code]:Files C:\ProgramData\Ask :OTL O33 - MountPoints2\{4b4dcbc0-0b7e-11e1-a92c-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{4b4dcbc0-0b7e-11e1-a92c-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.exe :Commands [emptyflash] [emptytemp][/code] Kliknij w Wykonaj skrypt. Zrób nowy skan [b]OTL oraz AdwCleaner[/b] z opcji [b]Search[/b]. Przedstaw raporty. 1
swiatek94 komentarz 19 kwietnia 2012 Autor komentarz 19 kwietnia 2012 (edytowane) Podrzucam logi [log]OTL logfile created on: 2012-04-19 14:06:56 - Run 3 OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Kuba\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 65,59% Memory free 3,35 Gb Paging File | 2,14 Gb Available in Paging File | 64,08% Paging File free Paging file location(s): d:\pagefile.sys 100 4900 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 34,18 Gb Total Space | 1,42 Gb Free Space | 4,16% Space Free | Partition Type: NTFS Drive D: | 431,57 Gb Total Space | 29,30 Gb Free Space | 6,79% Space Free | Partition Type: NTFS Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Processes (All) ==========[/color] PRC - [2012-03-26 02:55:30 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2012-03-14 17:14:00 | 000,446,136 | ---- | M] (Sony) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe PRC - [2012-03-13 06:37:10 | 000,016,824 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2012-03-13 06:36:40 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-02-18 21:06:16 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe PRC - [2012-02-10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-02-10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2012-02-10 05:02:07 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012-02-10 05:00:26 | 000,645,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe PRC - [2012-02-09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe PRC - [2012-01-11 10:39:28 | 000,071,680 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe PRC - [2011-12-12 21:10:50 | 000,075,136 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe PRC - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-05-04 06:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe PRC - [2011-03-24 17:46:03 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011-02-18 17:37:16 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010-11-20 14:17:58 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe PRC - [2010-11-20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe PRC - [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe PRC - [2010-11-20 14:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe PRC - [2010-10-07 13:23:00 | 000,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch] PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe PRC - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe PRC - [2008-02-18 17:29:12 | 000,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe PRC - [2006-12-19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\System32\IoctlSvc.exe [color=#E56717]========== Modules (All) ==========[/color] MOD - [2012-04-14 16:08:12 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll MOD - [2012-03-30 12:33:32 | 000,995,840 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.dll MOD - [2012-03-26 10:14:28 | 000,851,456 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\Device.dll MOD - [2012-03-26 02:55:30 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe MOD - [2012-03-20 18:08:06 | 000,593,408 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\NewUI.dll MOD - [2012-03-14 17:14:00 | 000,446,136 | ---- | M] (Sony) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe MOD - [2012-03-13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll MOD - [2012-03-13 06:38:04 | 015,915,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll MOD - [2012-03-13 06:37:21 | 000,019,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll MOD - [2012-03-13 06:37:17 | 000,158,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll MOD - [2012-03-13 06:37:13 | 000,170,936 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll MOD - [2012-03-13 06:37:11 | 000,105,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll MOD - [2012-03-13 06:37:10 | 000,016,824 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe MOD - [2012-03-13 06:37:08 | 000,020,920 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll MOD - [2012-03-13 06:37:07 | 000,022,456 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll MOD - [2012-03-13 06:37:05 | 000,105,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll MOD - [2012-03-13 06:37:03 | 000,109,496 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll MOD - [2012-03-13 06:37:01 | 000,371,640 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll MOD - [2012-03-13 06:37:00 | 000,646,072 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll MOD - [2012-03-13 06:36:57 | 000,187,320 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll MOD - [2012-03-13 06:36:56 | 000,818,104 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll MOD - [2012-03-13 06:36:53 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-03-13 06:36:50 | 000,044,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozglue.dll MOD - [2012-03-13 06:36:49 | 000,016,312 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll MOD - [2012-03-13 06:36:41 | 000,269,240 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll MOD - [2012-03-13 06:36:40 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe MOD - [2012-02-18 21:06:16 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe MOD - [2012-02-10 06:13:00 | 007,713,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll MOD - [2012-02-10 06:13:00 | 002,801,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll MOD - [2012-02-10 06:13:00 | 002,301,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll MOD - [2012-02-10 06:13:00 | 000,981,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll MOD - [2012-02-10 06:13:00 | 000,639,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll MOD - [2012-02-10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe MOD - [2012-02-10 05:02:06 | 003,262,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvui.dll MOD - [2012-02-09 21:05:34 | 000,154,944 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvStereoApiI.dll MOD - [2012-02-09 21:05:28 | 000,691,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPI.dll MOD - [2012-02-09 21:05:16 | 000,360,768 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2012-01-25 10:47:56 | 000,686,592 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\bvrpctln.dll MOD - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe MOD - [2012-01-16 11:25:54 | 000,192,000 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\WebServices.dll MOD - [2012-01-11 19:00:14 | 000,336,896 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\DownloadManager.dll MOD - [2012-01-11 18:58:40 | 000,271,360 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\Statistics.dll MOD - [2012-01-11 18:55:02 | 000,306,688 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\PluginManager.dll MOD - [2012-01-11 10:39:28 | 000,071,680 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe MOD - [2011-11-23 18:38:58 | 000,205,824 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\MExplorer.dll MOD - [2011-11-17 07:38:39 | 001,288,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll MOD - [2011-11-04 01:02:45 | 012,279,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll MOD - [2011-11-04 00:47:42 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll MOD - [2011-11-04 00:46:47 | 009,705,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll MOD - [2011-11-04 00:40:43 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll MOD - [2011-11-04 00:39:47 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll MOD - [2011-11-04 00:32:17 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll MOD - [2011-09-22 13:11:56 | 000,410,504 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll MOD - [2011-09-22 13:09:44 | 000,093,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll MOD - [2011-09-22 13:07:26 | 000,183,904 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiHips.dll MOD - [2011-09-22 13:05:24 | 000,394,024 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll MOD - [2011-09-22 13:04:32 | 001,044,984 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll MOD - [2011-09-22 13:02:30 | 000,101,504 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll MOD - [2011-09-22 13:01:56 | 000,097,384 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll MOD - [2011-09-22 13:00:52 | 000,245,704 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll MOD - [2011-07-16 06:27:30 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll MOD - [2011-07-16 06:27:30 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2011-07-04 19:46:24 | 004,514,400 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\ggsip.dll MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll MOD - [2011-07-04 19:45:36 | 000,815,712 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\networkdao.dll MOD - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe MOD - [2011-06-17 03:02:31 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll MOD - [2011-06-17 03:01:15 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll MOD - [2011-06-17 03:01:14 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll MOD - [2011-06-17 03:01:14 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll MOD - [2011-05-24 14:20:46 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll MOD - [2011-05-24 14:20:46 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-04-04 14:14:46 | 000,113,664 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\WUNPACLN.dll MOD - [2011-03-24 17:46:03 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll MOD - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe MOD - [2011-02-19 08:30:51 | 001,076,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll MOD - [2011-02-19 08:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll MOD - [2011-02-17 11:00:46 | 000,327,680 | ---- | M] ([url="http://hunspell.sourceforge.net/"]http://hunspell.sourceforge.net/[/url]) -- C:\Program Files\Gadu-Gadu 10\libhunspell.dll MOD - [2011-02-17 11:00:44 | 000,319,488 | ---- | M] (The cURL library, [url="http://curl.haxx.se/"]http://curl.haxx.se/[/url]) -- C:\Program Files\Gadu-Gadu 10\libcurl.dll MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2011-02-17 10:59:32 | 001,163,264 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files\Gadu-Gadu 10\libeay32.dll MOD - [2011-02-17 10:59:32 | 000,253,952 | ---- | M] (The OpenSSL Project, [url="http://www.openssl.org/"]http://www.openssl.org/[/url]) -- C:\Program Files\Gadu-Gadu 10\ssleay32.dll MOD - [2011-01-17 07:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll MOD - [2010-12-13 10:58:50 | 000,047,616 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll MOD - [2010-11-20 14:21:39 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll MOD - [2010-11-20 14:21:38 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll MOD - [2010-11-20 14:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll MOD - [2010-11-20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll MOD - [2010-11-20 14:21:36 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll MOD - [2010-11-20 14:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll MOD - [2010-11-20 14:21:35 | 001,063,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll MOD - [2010-11-20 14:21:35 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll MOD - [2010-11-20 14:21:35 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webio.dll MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll MOD - [2010-11-20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll MOD - [2010-11-20 14:21:28 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll MOD - [2010-11-20 14:21:27 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll MOD - [2010-11-20 14:21:27 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll MOD - [2010-11-20 14:21:26 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll MOD - [2010-11-20 14:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll MOD - [2010-11-20 14:21:25 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll MOD - [2010-11-20 14:21:23 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll MOD - [2010-11-20 14:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll MOD - [2010-11-20 14:21:15 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll MOD - [2010-11-20 14:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll MOD - [2010-11-20 14:21:06 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFolder.dll MOD - [2010-11-20 14:21:04 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2010-11-20 14:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll MOD - [2010-11-20 14:21:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll MOD - [2010-11-20 14:20:57 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL MOD - [2010-11-20 14:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll MOD - [2010-11-20 14:20:56 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll MOD - [2010-11-20 14:20:55 | 001,750,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll MOD - [2010-11-20 14:20:55 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll MOD - [2010-11-20 14:20:46 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll MOD - [2010-11-20 14:20:29 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll MOD - [2010-11-20 14:20:29 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2010-11-20 14:20:27 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll MOD - [2010-11-20 14:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll MOD - [2010-11-20 14:19:56 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll MOD - [2010-11-20 14:19:55 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll MOD - [2010-11-20 14:19:54 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll MOD - [2010-11-20 14:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll MOD - [2010-11-20 14:19:47 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll MOD - [2010-11-20 14:19:46 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL MOD - [2010-11-20 14:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll MOD - [2010-11-20 14:19:21 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll MOD - [2010-11-20 14:19:21 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll MOD - [2010-11-20 14:19:10 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll MOD - [2010-11-20 14:19:05 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll MOD - [2010-11-20 14:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL MOD - [2010-11-20 14:19:03 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll MOD - [2010-11-20 14:18:38 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll MOD - [2010-11-20 14:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll MOD - [2010-11-20 14:18:36 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll MOD - [2010-11-20 14:18:35 | 001,371,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll MOD - [2010-11-20 14:18:35 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll MOD - [2010-11-20 14:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll MOD - [2010-11-20 14:18:25 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll MOD - [2010-11-20 14:18:25 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll MOD - [2010-11-20 14:18:25 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll MOD - [2010-11-20 14:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll MOD - [2010-11-20 14:18:25 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll MOD - [2010-11-20 14:18:25 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll MOD - [2010-11-20 14:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2010-11-20 14:18:06 | 000,740,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll MOD - [2010-11-20 14:18:05 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll MOD - [2010-11-20 14:18:05 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll MOD - [2010-11-20 14:18:01 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll MOD - [2010-11-20 14:18:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll MOD - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe MOD - [2010-11-20 14:16:50 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl MOD - [2010-11-20 14:16:50 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MOD - [2010-11-20 13:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll MOD - [2010-10-07 13:23:00 | 000,152,864 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mdnsNSP.dll MOD - [2009-09-23 16:05:04 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Gadu-Gadu 10\dbghelp.dll MOD - [2009-09-23 16:04:00 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll MOD - [2009-08-18 11:29:22 | 000,134,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll MOD - [2009-07-14 03:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll MOD - [2009-07-14 03:16:21 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll MOD - [2009-07-14 03:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll MOD - [2009-07-14 03:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll MOD - [2009-07-14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll MOD - [2009-07-14 03:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll MOD - [2009-07-14 03:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll MOD - [2009-07-14 03:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll MOD - [2009-07-14 03:16:16 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll MOD - [2009-07-14 03:16:15 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapi32.dll MOD - [2009-07-14 03:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll MOD - [2009-07-14 03:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll MOD - [2009-07-14 03:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll MOD - [2009-07-14 03:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PeerDist.dll MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll MOD - [2009-07-14 03:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009-07-14 03:16:12 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\perfos.dll MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll MOD - [2009-07-14 03:16:03 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll MOD - [2009-07-14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll MOD - [2009-07-14 03:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll MOD - [2009-07-14 03:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll MOD - [2009-07-14 03:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll MOD - [2009-07-14 03:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll MOD - [2009-07-14 03:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll MOD - [2009-07-14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll MOD - [2009-07-14 03:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll MOD - [2009-07-14 03:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll MOD - [2009-07-14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll MOD - [2009-07-14 03:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009-07-14 03:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsrole.dll MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll MOD - [2009-07-14 03:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll MOD - [2009-07-14 03:15:11 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll MOD - [2009-07-14 03:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll MOD - [2009-07-14 03:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll MOD - [2009-07-14 03:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll MOD - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009-07-14 03:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll MOD - [2009-07-14 03:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll MOD - [2008-10-25 10:27:54 | 000,044,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-04-14 16:08:12 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-02-10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-02-09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-06-04 11:03:12 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-06-13 02:23:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2012-02-10 06:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011-11-10 11:22:55 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2011-08-09 15:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2011-08-04 10:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2011-08-04 10:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-05-16 22:49:27 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri) DRV - [2010-05-16 22:48:26 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc) DRV - [2010-05-16 22:48:26 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt) DRV - [2010-03-19 16:14:12 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010-03-19 16:14:12 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2010-01-21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2010-01-21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2010-01-21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2009-09-28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009-03-25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm) DRV - [2009-03-25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) DRV - [2009-03-25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) DRV - [2009-03-25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex) DRV - [2009-03-25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM) DRV - [2009-03-25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) DRV - [2009-03-25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2007-02-16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2004-08-13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-07-14 11:51:24 | 000,002,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\portio32.sys -- (portio32) DRV - [2004-03-19 18:11:22 | 000,090,968 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM31b.sys -- (ZSMC301b) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = [url="http://search.msn.com/spbasic.htm"]http://search.msn.com/spbasic.htm[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://fr.msn.com/"]http://fr.msn.com/[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://fr.msn.com/"]http://fr.msn.com/[/url] IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kuba\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-27 17:46:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-23 01:23:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-02-18 16:26:50 | 000,000,000 | ---D | M] [2010-02-27 05:33:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Extensions [2012-03-31 17:18:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions [2012-01-03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\askcom.xml [2012-03-31 17:06:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-03-31 17:06:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2010-02-27 13:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions [2010-02-27 13:04:22 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2012-03-13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-03-31 17:06:43 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-03-13 07:36:36 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-03-13 07:36:36 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-03-13 07:36:36 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-03-13 07:36:36 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-03-13 07:36:36 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-03-13 07:36:36 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml Hosts file not found O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater\AdobeUpdater.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.1.13 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B65B1F8B-1E95-46CC-B2C1-1BA6C9594A10}: DhcpNameServer = 172.22.1.13 8.8.8.8 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - State: "bootini" - 0 MsConfig - State: "startup" - 0 MsConfig - State: "services" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color] [2012-04-18 23:26:24 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2012-04-18 21:43:45 | 002,072,112 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Kuba\Desktop\tdsskiller.exe [2012-04-10 22:51:59 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\TI [2012-04-10 21:56:04 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2012-04-05 01:17:53 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Syndicate [2012-03-31 17:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-03-28 14:08:02 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\Kuba [2012-03-22 22:33:30 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Rovio [2012-03-22 22:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio [2012-03-10 00:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012-03-10 00:06:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012-03-10 00:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012-03-10 00:01:54 | 000,000,000 | ---D | C] -- C:\NVIDIA [2012-03-09 23:21:21 | 000,000,000 | ---D | C] -- C:\Program Files\Phyxion.net [2012-03-08 19:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2012-03-08 19:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2012-03-08 19:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2012-03-02 12:35:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2012-03-02 12:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012-03-02 12:33:09 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Google [2012-03-01 03:41:20 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool [2012-03-01 03:40:25 | 000,000,000 | ---D | C] -- C:\Flashtool [2012-02-21 18:41:10 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Unity [2012-02-21 18:25:49 | 000,594,752 | ---- | C] (Unity Technologies ApS) -- C:\Users\Kuba\Desktop\UnityWebPlayer.exe [color=#E56717]========== Files - Modified Within 60 Days ==========[/color] [2012-04-19 14:09:39 | 000,582,215 | ---- | M] () -- C:\Users\Kuba\Desktop\adwcleaner.exe [2012-04-19 14:08:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-19 14:00:33 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-19 13:59:21 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-04-19 13:59:21 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-04-19 13:56:13 | 000,737,242 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-04-19 13:56:13 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-04-19 13:56:13 | 000,153,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-04-19 13:56:13 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-04-19 13:52:04 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2012-04-19 13:51:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-04-19 13:44:00 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-18 23:27:30 | 000,302,592 | ---- | M] () -- C:\Users\Kuba\Desktop\jh5ubgg3.exe [2012-04-18 21:44:06 | 002,072,112 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Kuba\Desktop\tdsskiller.exe [2012-04-18 01:48:21 | 015,719,504 | ---- | M] () -- C:\Users\Kuba\Desktop\Yves Larock, The cruzaders and Juiceppe - strange world (Avesta mix) [www.4clubbers.pl].mp3 [2012-04-16 00:26:17 | 000,157,225 | ---- | M] () -- C:\Users\Kuba\Desktop\Test ze znajomości Dziadów A. Mickiewicza.pdf [2012-04-15 23:46:35 | 000,586,392 | ---- | M] () -- C:\Users\Kuba\Desktop\Mickiewicz Adam - Dziady cz. 3.pdf [2012-04-12 10:10:09 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk [2012-04-11 02:53:48 | 000,145,576 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat [2012-03-29 11:04:02 | 001,334,738 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02296.JPG [2012-03-29 11:03:48 | 001,491,329 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02295.JPG [2012-03-29 11:03:36 | 001,463,265 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02294.JPG [2012-03-29 11:03:28 | 001,539,660 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02293.JPG [2012-03-28 13:32:25 | 000,421,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-03-27 17:47:31 | 000,000,008 | ---- | M] () -- C:\Windows\System32\camera.ini [2012-03-27 17:46:59 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl [2012-03-27 17:46:42 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-03-27 17:43:40 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat [2012-03-22 22:30:49 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\Angry Birds Space.lnk [2012-03-16 02:37:53 | 000,000,663 | ---- | M] () -- C:\Users\Kuba\Desktop\DSJ4.lnk [2012-03-08 02:33:22 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk [2012-03-03 19:25:42 | 000,000,704 | ---- | M] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk [2012-02-28 19:50:58 | 001,271,472 | ---- | M] () -- C:\Users\Kuba\Documents\DSC02149.JPG [2012-02-21 18:26:03 | 000,594,752 | ---- | M] (Unity Technologies ApS) -- C:\Users\Kuba\Desktop\UnityWebPlayer.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-04-18 23:27:26 | 000,302,592 | ---- | C] () -- C:\Users\Kuba\Desktop\jh5ubgg3.exe [2012-04-18 01:48:05 | 015,719,504 | ---- | C] () -- C:\Users\Kuba\Desktop\Yves Larock, The cruzaders and Juiceppe - strange world (Avesta mix) [www.4clubbers.pl].mp3 [2012-04-16 23:01:17 | 001,491,329 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02295.JPG [2012-04-16 23:01:17 | 001,463,265 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02294.JPG [2012-04-16 23:01:16 | 001,539,660 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02293.JPG [2012-04-16 23:01:16 | 001,334,738 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02296.JPG [2012-04-16 00:26:17 | 000,157,225 | ---- | C] () -- C:\Users\Kuba\Desktop\Test ze znajomości Dziadów A. Mickiewicza.pdf [2012-04-15 23:46:29 | 000,586,392 | ---- | C] () -- C:\Users\Kuba\Desktop\Mickiewicz Adam - Dziady cz. 3.pdf [2012-04-11 02:53:48 | 000,145,576 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2012-03-31 01:16:11 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-03-27 17:46:42 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-03-27 17:46:42 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-03-22 22:30:49 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\Angry Birds Space.lnk [2012-03-10 00:04:34 | 000,008,772 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2012-03-08 19:52:57 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk [2012-03-02 12:34:19 | 000,001,032 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-03-02 12:34:17 | 000,001,028 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-02-28 20:47:41 | 001,271,472 | ---- | C] () -- C:\Users\Kuba\Documents\DSC02149.JPG [2012-02-09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2012-01-03 09:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\System32\abgx360.exe [2011-12-12 21:41:17 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-12-12 21:41:17 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011-12-12 21:41:17 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011-10-24 20:04:28 | 000,000,600 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\winscp.rnd [2011-10-04 18:16:53 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2011-07-12 16:44:54 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2011-05-29 21:06:18 | 000,000,008 | ---- | C] () -- C:\Windows\System32\camera.ini [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011-02-27 14:12:18 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-02-27 14:10:58 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011-02-17 08:29:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat [2011-01-26 01:28:04 | 000,019,968 | ---- | C] () -- C:\Users\Kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-26 00:38:22 | 000,002,048 | ---- | C] () -- C:\Windows\System32\drivers\portio32.sys [2010-06-21 23:46:40 | 000,039,712 | ---- | C] () -- C:\Windows\System32\ASL.dll [2010-05-18 22:28:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2010-05-18 22:25:15 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2010-02-28 02:36:51 | 000,138,056 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\PnkBstrK.sys [2010-02-27 15:07:24 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini [color=#E56717]========== LOP Check ==========[/color] [2011-07-17 00:40:24 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.minecraft [2012-03-11 15:40:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\abgx360 [2011-02-28 15:42:27 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\BESTplayer [2010-02-27 17:02:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bioshock2 [2010-09-18 18:42:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bump Technologies, Inc [2010-03-22 19:29:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Command and Conquer 4 [2010-02-28 01:46:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools [2010-03-02 17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite [2012-02-29 00:41:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DarknessII [2011-06-24 17:40:56 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Day 1 Studios [2011-11-06 19:53:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DeepBurner [2011-11-09 19:20:18 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\FMA [2012-03-25 17:15:23 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Gadu-Gadu 10 [2011-11-28 20:20:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GG Tools [2011-11-10 03:06:08 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ImgBurn [2012-03-27 17:44:06 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\IrfanView [2010-09-29 16:20:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Leadertech [2012-01-07 23:21:31 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Might & Magic Heroes VI [2011-07-26 14:20:10 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Might & Magic Heroes VI - Internal Private Closed Beta [2011-01-09 22:54:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\mkvtoolnix [2011-11-10 00:58:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\MyPhoneExplorer [2011-12-31 16:40:26 | 000,000,000 | -H-D | M] -- C:\Users\Kuba\AppData\Roaming\Nel [2011-06-23 01:04:56 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Notepad++ [2011-11-30 18:21:34 | 000,000,000 | -H-D | M] -- C:\Users\Kuba\AppData\Roaming\Olsom [2010-08-15 13:24:13 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\OpenFM [2011-09-30 19:23:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Origin [2010-09-12 15:14:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PMS [2010-03-24 00:58:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Prison Break [2011-12-12 21:10:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PunkBuster [2010-02-28 14:10:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Red Alert 3 [2012-03-22 22:33:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Rovio [2010-07-30 02:18:39 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Samsung [2010-06-30 16:12:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Sports Interactive [2011-03-19 01:52:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\The Creative Assembly [2011-02-17 01:22:28 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Tunngle [2010-02-27 15:21:49 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ubisoft [2012-04-19 14:09:41 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent [2012-03-21 11:39:13 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %systemdrive%\*.* >[/color] [2011-09-25 19:59:34 | 000,004,032 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2010-11-20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2010-02-27 05:17:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2009-06-10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2010-11-18 21:39:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010-07-14 00:22:47 | 000,010,194 | ---- | M] () -- C:\MP4debug.log [2010-11-18 21:39:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010-09-11 15:06:35 | 000,271,082 | RHS- | M] () -- C:\PTRQH [2012-04-18 21:49:08 | 000,135,756 | ---- | M] () -- C:\TDSSKiller.2.7.29.0_18.04.2012_21.46.00_log.txt [2012-04-18 23:28:33 | 000,138,900 | ---- | M] () -- C:\TDSSKiller.2.7.29.0_18.04.2012_23.25.02_log.txt [2012-04-18 23:32:10 | 000,136,270 | ---- | M] () -- C:\TDSSKiller.2.7.29.0_18.04.2012_23.30.55_log.txt [2010-09-11 15:06:35 | 000,000,020 | RHS- | M] () -- C:\win7.ld [color=#A23BEC]< MD5 for: AGP440.SYS >[/color] [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color] [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys [color=#A23BEC]< MD5 for: BEEP.SYS >[/color] [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys [2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys [color=#A23BEC]< MD5 for: CDROM.SYS >[/color] [2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys [2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys [color=#A23BEC]< MD5 for: NDIS.SYS >[/color] [2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys [2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys [2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color] [2009-10-28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009-10-28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2012-01-13 15:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < End of report > [/log] [log]OTL Extras logfile created on: 2012-04-19 14:06:56 - Run 3 OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Kuba\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 65,59% Memory free 3,35 Gb Paging File | 2,14 Gb Available in Paging File | 64,08% Paging File free Paging file location(s): d:\pagefile.sys 100 4900 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 34,18 Gb Total Space | 1,42 Gb Free Space | 4,16% Space Free | Partition Type: NTFS Drive D: | 431,57 Gb Total Space | 29,30 Gb Free Space | 6,79% Space Free | Partition Type: NTFS Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{002FA4C4-DDFE-4E83-A5E0-E2A18B965468}" = Phoenix Service Software "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Społeczności "{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers "{1C36647E-F5BD-43E9-BA64-5F274B7F7051}_is1" = Symulator Jazdy 2 v.1.0 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands "{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI "{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31 "{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support "{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java™ SE Development Kit 6 Update 26 "{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space "{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX "{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{578485F8-60F3-4C61-9183-0698E581B902}" = From Dust "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{5B119660-1788-11D8-8EB8-0050BF643EE7}" = digestIT 2004 "{5C4D532E-4EC9-11E1-9544-B8AC6F97B88E}" = Google Earth Plug-in "{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2 "{685BCFA5-6B62-49D3-97EA-E7C29A70D961}" = Modern warfare 2 Multiplayer - Gardzij "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1 "{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B0F9788-3141-4009-846E-52E59843E963}" = SimCity™ Społeczności "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0209 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support "{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593}" = SimCity™ Społeczności Na wakacjach "{D6D5CB84-0E6E-4E69-B300-C690B6911045}" = Nero 8 "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.053 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F627CDBC-8323-4024-9691-A0A6533F43E0}" = ESET NOD32 Antivirus "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "abgx360" = abgx360 v1.0.6 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "AIMP2" = AIMP2 "ALLConverter to PSP_is1" = ALLConverter to PSP "AviSynth" = AviSynth 2.5 "Battlelog Web Plugins" = Battlelog Web Plugins "CanonMyPrinter" = Canon Utilities My Printer "CCleaner" = CCleaner "Cheat Engine 6.0_is1" = Cheat Engine 6.0 "CloneCD" = CloneCD "DAEMON Tools Lite" = DAEMON Tools Lite "Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4 "ENTERPRISE" = Microsoft Office Enterprise 2007 "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50 "Flashtool" = Flashtool "Fraps" = Fraps (remove only) "Gadu-Gadu 10" = Gadu-Gadu 10 "GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "GG Tools_is1" = GG Tools "GTA IV - Ultimate Vehicle Pack" = GTA IV - Ultimate Vehicle Pack v6.0.0.0 "ImgBurn" = ImgBurn "KLiteCodecPack_is1" = K-Lite Codec Pack 8.0.0 (Full) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.60.1.1000 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "MKVtoolnix" = MKVtoolnix 4.4.0 "Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl) "MPE" = MyPhoneExplorer "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "Origin" = Origin "PS3 Media Server" = PS3 Media Server "PunkBusterSvc" = PunkBuster Services "RealAlt_is1" = Real Alternative 2.0.2 "SopCast" = SopCast 3.2.9 "Test Drive Unlimited 2_is1" = Test Drive Unlimited 2 "Total Video Converter 3.61_is1" = Total Video Converter 3.60 100204 "UltraISO_is1" = UltraISO Premium V9.36 "UnderCoverXP_is1" = UnderCoverXP 1.23 "Update Engine" = Sony Ericsson Update Engine "Update Service" = Update Service "uTorrent" = µTorrent "VirtualDubMod" = VirtualDubMod 1.5.10.2 PL "Winamp" = Winamp "WinRAR archiver" = Archiwizator WinRAR "winscp3_is1" = WinSCP 4.3.5 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > [/log] [log]# AdwCleaner v1.601 - Logfile created 04/19/2012 at 14:18:24 # Updated 17/04/2012 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (32 bits) # User : Kuba - KUBA-KOMPUTER # Running from : C:\Users\Kuba\Desktop\adwcleaner.exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** Folder Found : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\ConduitCommon File Found : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\Askcom.xml ***** [H. Navipromo] ***** ***** [Registry] ***** Key Found : HKCU\Software\Ask&Record Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1 Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1 Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1 Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1 Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1 Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1 Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE ***** [Registre - GUID] ***** Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [HKCU\Software\Microsoft\Internet Explorer\Main - Secondary Start Pages] = hxxp://www.bigseekpro.com/mediaget/{0b7a993f-4927-4210-a6d8-99dd3eada2ea} -\\ Mozilla Firefox v11.0 (pl) ## File : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\prefs.js Found : user_pref("CT1060933..clientLogIsEnabled", true); Found : user_pref("CT1060933..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Found : user_pref("CT1060933..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Found : user_pref("CT1060933.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Found : user_pref("CT1060933.CTID", "ct1060933"); Found : user_pref("CT1060933.CurrentServerDate", "25-9-2011"); Found : user_pref("CT1060933.DialogsAlignMode", "LTR"); Found : user_pref("CT1060933.DialogsGetterLastCheckTime", "Sun Sep 25 2011 11:24:54 GMT+0200"); Found : user_pref("CT1060933.DownloadReferralCookieData", ""); Found : user_pref("CT1060933.FirstServerDate", "25-9-2011"); Found : user_pref("CT1060933.FirstTime", true); Found : user_pref("CT1060933.FirstTimeFF3", true); Found : user_pref("CT1060933.FixPageNotFoundErrors", true); Found : user_pref("CT1060933.GroupingServerCheckInterval", 1440); Found : user_pref("CT1060933.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Found : user_pref("CT1060933.HasUserGlobalKeys", true); Found : user_pref("CT1060933.Initialize", true); Found : user_pref("CT1060933.InitializeCommonPrefs", true); Found : user_pref("CT1060933.InstallationAndCookieDataSentCount", 2); Found : user_pref("CT1060933.InstallationId", "ConduitStubGeneric"); Found : user_pref("CT1060933.InstallationType", "ConduitStubIntegration"); Found : user_pref("CT1060933.InstalledDate", "Sun Sep 25 2011 11:24:49 GMT+0200"); Found : user_pref("CT1060933.InvalidateCache", false); Found : user_pref("CT1060933.IsAlertDBUpdated", true); Found : user_pref("CT1060933.IsGrouping", false); Found : user_pref("CT1060933.IsInitSetupIni", true); Found : user_pref("CT1060933.IsMulticommunity", false); Found : user_pref("CT1060933.IsOpenThankYouPage", false); Found : user_pref("CT1060933.IsOpenUninstallPage", true); Found : user_pref("CT1060933.LanguagePackLastCheckTime", "Sun Sep 25 2011 11:24:53 GMT+0200"); Found : user_pref("CT1060933.LanguagePackReloadIntervalMM", 1440); Found : user_pref("CT1060933.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Found : user_pref("CT1060933.LastLogin_3.6.0.10", "Sun Sep 25 2011 16:35:34 GMT+0200"); Found : user_pref("CT1060933.LatestVersion", "3.6.0.10"); Found : user_pref("CT1060933.Locale", "en-us"); Found : user_pref("CT1060933.MCDetectTooltipHeight", "83"); Found : user_pref("CT1060933.MCDetectTooltipShow", false); Found : user_pref("CT1060933.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Found : user_pref("CT1060933.MCDetectTooltipWidth", "295"); Found : user_pref("CT1060933.MyStuffEnabledAtInstallation", true); Found : user_pref("CT1060933.OriginalFirstVersion", "3.6.0.10"); Found : user_pref("CT1060933.RadioIsPodcast", false); Found : user_pref("CT1060933.RadioLastCheckTime", "Sun Sep 25 2011 11:24:52 GMT+0200"); Found : user_pref("CT1060933.RadioLastUpdateIPServer", "0"); Found : user_pref("CT1060933.RadioLastUpdateServer", "129326918102570000"); Found : user_pref("CT1060933.RadioMediaID", "21504191"); Found : user_pref("CT1060933.RadioMediaType", "Media Player"); Found : user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT106093321504191"); Found : user_pref("CT1060933.RadioShrinkedFromSetup", false); Found : user_pref("CT1060933.RadioStationName", "KFOG"); Found : user_pref("CT1060933.RadioStationURL", "hxxp://live.cumulusstreaming.com/KFOG-FM"); Found : user_pref("CT1060933.SHRINK_TOOLBAR", 1); Found : user_pref("CT1060933.SearchFromAddressBarIsInit", true); Found : user_pref("CT1060933.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT106[...] Found : user_pref("CT1060933.SearchInNewTabEnabled", true); Found : user_pref("CT1060933.SearchInNewTabIntervalMM", 1440); Found : user_pref("CT1060933.SearchInNewTabLastCheckTime", "Sun Sep 25 2011 11:24:50 GMT+0200"); Found : user_pref("CT1060933.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Found : user_pref("CT1060933.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Found : user_pref("CT1060933.ServiceMapLastCheckTime", "Sun Sep 25 2011 11:24:46 GMT+0200"); Found : user_pref("CT1060933.SettingsLastCheckTime", "Sun Sep 25 2011 11:24:46 GMT+0200"); Found : user_pref("CT1060933.SettingsLastUpdate", "1314078198"); Found : user_pref("CT1060933.ThirdPartyComponentsInterval", 504); Found : user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Sun Sep 25 2011 11:24:46 GMT+0200"); Found : user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1312887586"); Found : user_pref("CT1060933.ToolbarShrinkedFromSetup", false); Found : user_pref("CT1060933.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1060933"); Found : user_pref("CT1060933.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Found : user_pref("CT1060933.UserID", "UN90275884370292269"); Found : user_pref("CT1060933.ValidationData_Toolbar", 2); Found : user_pref("CT1060933.alertChannelId", "15651"); Found : user_pref("CT1060933.appApproved.129272674122038321", true); Found : user_pref("CT1060933.approveUntrustedApps", false); Found : user_pref("CT1060933.components.1000082", false); Found : user_pref("CT1060933.ct1060933.DialogsAlignMode", "LTR"); Found : user_pref("CT1060933.ct1060933.InvalidateCache", false); Found : user_pref("CT1060933.ct1060933.LanguagePackLastCheckTime", "Sun Sep 25 2011 11:24:55 GMT+0200"); Found : user_pref("CT1060933.ct1060933.Locale", "en-us"); Found : user_pref("CT1060933.ct1060933.RadioLastCheckTime", "Sun Sep 25 2011 11:24:54 GMT+0200"); Found : user_pref("CT1060933.ct1060933.RadioLastUpdateIPServer", "0"); Found : user_pref("CT1060933.ct1060933.RadioLastUpdateServer", "129326918102570000"); Found : user_pref("CT1060933.ct1060933.SearchInNewTabLastCheckTime", "Sun Sep 25 2011 11:24:54 GMT+0200"); Found : user_pref("CT1060933.ct1060933.SettingsLastCheckTime", "Sun Sep 25 2011 19:16:38 GMT+0200"); Found : user_pref("CT1060933.ct1060933.SettingsLastUpdate", "1314078198"); Found : user_pref("CT1060933.ct1060933.ThirdPartyComponentsLastCheck", "Sun Sep 25 2011 11:24:49 GMT+0200"); Found : user_pref("CT1060933.ct1060933.ThirdPartyComponentsLastUpdate", "1312887586"); Found : user_pref("CT1060933.ct1060933.components.129032145384800518", false); Found : user_pref("CT1060933.ct1060933.components.129032148247613461", false); Found : user_pref("CT1060933.ct1060933.components.129032152822456983", false); Found : user_pref("CT1060933.ct1060933.components.129032154330894193", false); Found : user_pref("CT1060933.ct1060933.components.129032155426050046", false); Found : user_pref("CT1060933.ct1060933.components.129032157011675027", false); Found : user_pref("CT1060933.ct1060933.components.129032162642925076", false); Found : user_pref("CT1060933.ct1060933.components.129078058382649592", false); Found : user_pref("CT1060933.ct1060933.components.129272674122038321", false); Found : user_pref("CT1060933.ct1060933.globalFirstTimeInfoLastCheckTime", "Sun Sep 25 2011 16:35:34 GMT+0200[...] Found : user_pref("CT1060933.ct1060933.toolbarAppMetaDataLastCheckTime", "Sun Sep 25 2011 11:24:50 GMT+0200"[...] Found : user_pref("CT1060933.ct1060933.toolbarContextMenuLastCheckTime", "Sun Sep 25 2011 11:24:55 GMT+0200"[...] Found : user_pref("CT1060933.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Found : user_pref("CT1060933.globalFirstTimeInfoLastCheckTime", "Sun Sep 25 2011 11:24:47 GMT+0200"); Found : user_pref("CT1060933.homepageProtectorEnableByLogin", true); Found : user_pref("CT1060933.initDone", true); Found : user_pref("CT1060933.isAppTrackingManagerOn", true); Found : user_pref("CT1060933.isFirstRadioInstallation", false); Found : user_pref("CT1060933.myStuffEnabled", true); Found : user_pref("CT1060933.myStuffPublihserMinWidth", 400); Found : user_pref("CT1060933.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Found : user_pref("CT1060933.myStuffServiceIntervalMM", 1440); Found : user_pref("CT1060933.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Found : user_pref("CT1060933.oldAppsList", "128346981843587669,128280995260143876,111,129272674122038321,129[...] Found : user_pref("CT1060933.searchProtectorDialogDelayInSec", 10); Found : user_pref("CT1060933.searchProtectorEnableByLogin", true); Found : user_pref("CT1060933.testingCtid", ""); Found : user_pref("CT1060933.toolbarAppMetaDataLastCheckTime", "Sun Sep 25 2011 11:24:47 GMT+0200"); Found : user_pref("CT1060933.toolbarContextMenuLastCheckTime", "Sun Sep 25 2011 11:24:53 GMT+0200"); Found : user_pref("CT1060933.usagesFlag", 2); Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", [...] Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct1060933", [...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...] Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1060933",[...] Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT1060933&octid=[...] Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct1060933&octid=[...] Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...] Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...] Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...] Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...] Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...] Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...] Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Kuba\\AppData\\Roaming\\Mozilla\\Fi[...] Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10"); Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://freecorder.com/gadget/video.html", "833x231")[...] Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", ""); Found : user_pref("CommunityToolbar.ToolbarsList", "CT1060933"); Found : user_pref("CommunityToolbar.ToolbarsList2", "CT1060933"); Found : user_pref("CommunityToolbar.ToolbarsList4", "CT1060933"); Found : user_pref("CommunityToolbar.globalUserId", "ef49c031-b333-4965-bad1-11dd9a4cad60"); Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Sep 25 2011 11:24:4[...] Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Found : user_pref("CommunityToolbar.notifications.locale", "en"); Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Sep 25 2011 11:24:46 GMT+0200"); Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Found : user_pref("CommunityToolbar.notifications.userId", "05a2e50a-1e06-4d7f-854c-376073cde677"); ************************* AdwCleaner[R1].txt - [15587 octets] - [19/04/2012 14:18:24] ########## EOF - C:\AdwCleaner[R1].txt - [15716 octets] ########## [/log]
Gość komentarz 19 kwietnia 2012 komentarz 19 kwietnia 2012 Zamknij przeglądarkę, uruchom AdwCleaner z opcji[b] Delete.[/b] Usuń Kasperskiego. To usunie program i kwarantanne. Usuń GMER Wykonaj skan OTL wg tej instrukcji http://www.fixitpc.pl/topic/61-diagnostyka-ogolne-raporty-systemowe/#1 1
swiatek94 komentarz 19 kwietnia 2012 Autor komentarz 19 kwietnia 2012 (edytowane) Log z AdwCleaner [log]# AdwCleaner v1.601 - Logfile created 04/19/2012 at 17:19:13 # Updated 17/04/2012 by Xplode # Operating system : Windows 7 Ultimate Service Pack 1 (32 bits) # User : Kuba - KUBA-KOMPUTER # Running from : C:\Users\Kuba\Desktop\adwcleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\ConduitCommon File Deleted : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\Askcom.xml ***** [H. Navipromo] ***** ***** [Registry] ***** Key Deleted : HKCU\Software\Ask&Record Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1 Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Secondary Start Pages] = hxxp://www.bigseekpro.com/mediaget/{0b7a993f-4927-4210-a6d8-99dd3eada2ea} --> hxxp://www.google.fr -\\ Mozilla Firefox v11.0 (pl) ## File : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\prefs.js Deleted : user_pref("CT1060933..clientLogIsEnabled", true); Deleted : user_pref("CT1060933..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Deleted : user_pref("CT1060933..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Deleted : user_pref("CT1060933.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Deleted : user_pref("CT1060933.CTID", "ct1060933"); Deleted : user_pref("CT1060933.CurrentServerDate", "25-9-2011"); Deleted : user_pref("CT1060933.DialogsAlignMode", "LTR"); Deleted : user_pref("CT1060933.DialogsGetterLastCheckTime", "Sun Sep 25 2011 11:24:54 GMT+0200"); Deleted : user_pref("CT1060933.DownloadReferralCookieData", ""); Deleted : user_pref("CT1060933.FirstServerDate", "25-9-2011"); Deleted : user_pref("CT1060933.FirstTime", true); Deleted : user_pref("CT1060933.FirstTimeFF3", true); Deleted : user_pref("CT1060933.FixPageNotFoundErrors", true); Deleted : user_pref("CT1060933.GroupingServerCheckInterval", 1440); Deleted : user_pref("CT1060933.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Deleted : user_pref("CT1060933.HasUserGlobalKeys", true); Deleted : user_pref("CT1060933.Initialize", true); Deleted : user_pref("CT1060933.InitializeCommonPrefs", true); Deleted : user_pref("CT1060933.InstallationAndCookieDataSentCount", 2); Deleted : user_pref("CT1060933.InstallationId", "ConduitStubGeneric"); Deleted : user_pref("CT1060933.InstallationType", "ConduitStubIntegration"); Deleted : user_pref("CT1060933.InstalledDate", "Sun Sep 25 2011 11:24:49 GMT+0200"); Deleted : user_pref("CT1060933.InvalidateCache", false); Deleted : user_pref("CT1060933.IsAlertDBUpdated", true); Deleted : user_pref("CT1060933.IsGrouping", false); Deleted : user_pref("CT1060933.IsInitSetupIni", true); Deleted : user_pref("CT1060933.IsMulticommunity", false); Deleted : user_pref("CT1060933.IsOpenThankYouPage", false); Deleted : user_pref("CT1060933.IsOpenUninstallPage", true); Deleted : user_pref("CT1060933.LanguagePackLastCheckTime", "Sun Sep 25 2011 11:24:53 GMT+0200"); Deleted : user_pref("CT1060933.LanguagePackReloadIntervalMM", 1440); Deleted : user_pref("CT1060933.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Deleted : user_pref("CT1060933.LastLogin_3.6.0.10", "Sun Sep 25 2011 16:35:34 GMT+0200"); Deleted : user_pref("CT1060933.LatestVersion", "3.6.0.10"); Deleted : user_pref("CT1060933.Locale", "en-us"); Deleted : user_pref("CT1060933.MCDetectTooltipHeight", "83"); Deleted : user_pref("CT1060933.MCDetectTooltipShow", false); Deleted : user_pref("CT1060933.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Deleted : user_pref("CT1060933.MCDetectTooltipWidth", "295"); Deleted : user_pref("CT1060933.MyStuffEnabledAtInstallation", true); Deleted : user_pref("CT1060933.OriginalFirstVersion", "3.6.0.10"); Deleted : user_pref("CT1060933.RadioIsPodcast", false); Deleted : user_pref("CT1060933.RadioLastCheckTime", "Sun Sep 25 2011 11:24:52 GMT+0200"); Deleted : user_pref("CT1060933.RadioLastUpdateIPServer", "0"); Deleted : user_pref("CT1060933.RadioLastUpdateServer", "129326918102570000"); Deleted : user_pref("CT1060933.RadioMediaID", "21504191"); Deleted : user_pref("CT1060933.RadioMediaType", "Media Player"); Deleted : user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT106093321504191"); Deleted : user_pref("CT1060933.RadioShrinkedFromSetup", false); Deleted : user_pref("CT1060933.RadioStationName", "KFOG"); Deleted : user_pref("CT1060933.RadioStationURL", "hxxp://live.cumulusstreaming.com/KFOG-FM"); Deleted : user_pref("CT1060933.SHRINK_TOOLBAR", 1); Deleted : user_pref("CT1060933.SearchFromAddressBarIsInit", true); Deleted : user_pref("CT1060933.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT106[...] Deleted : user_pref("CT1060933.SearchInNewTabEnabled", true); Deleted : user_pref("CT1060933.SearchInNewTabIntervalMM", 1440); Deleted : user_pref("CT1060933.SearchInNewTabLastCheckTime", "Sun Sep 25 2011 11:24:50 GMT+0200"); Deleted : user_pref("CT1060933.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Deleted : user_pref("CT1060933.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Deleted : user_pref("CT1060933.ServiceMapLastCheckTime", "Sun Sep 25 2011 11:24:46 GMT+0200"); Deleted : user_pref("CT1060933.SettingsLastCheckTime", "Sun Sep 25 2011 11:24:46 GMT+0200"); Deleted : user_pref("CT1060933.SettingsLastUpdate", "1314078198"); Deleted : user_pref("CT1060933.ThirdPartyComponentsInterval", 504); Deleted : user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Sun Sep 25 2011 11:24:46 GMT+0200"); Deleted : user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1312887586"); Deleted : user_pref("CT1060933.ToolbarShrinkedFromSetup", false); Deleted : user_pref("CT1060933.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1060933"); Deleted : user_pref("CT1060933.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Deleted : user_pref("CT1060933.UserID", "UN90275884370292269"); Deleted : user_pref("CT1060933.ValidationData_Toolbar", 2); Deleted : user_pref("CT1060933.alertChannelId", "15651"); Deleted : user_pref("CT1060933.appApproved.129272674122038321", true); Deleted : user_pref("CT1060933.approveUntrustedApps", false); Deleted : user_pref("CT1060933.components.1000082", false); Deleted : user_pref("CT1060933.ct1060933.DialogsAlignMode", "LTR"); Deleted : user_pref("CT1060933.ct1060933.InvalidateCache", false); Deleted : user_pref("CT1060933.ct1060933.LanguagePackLastCheckTime", "Sun Sep 25 2011 11:24:55 GMT+0200"); Deleted : user_pref("CT1060933.ct1060933.Locale", "en-us"); Deleted : user_pref("CT1060933.ct1060933.RadioLastCheckTime", "Sun Sep 25 2011 11:24:54 GMT+0200"); Deleted : user_pref("CT1060933.ct1060933.RadioLastUpdateIPServer", "0"); Deleted : user_pref("CT1060933.ct1060933.RadioLastUpdateServer", "129326918102570000"); Deleted : user_pref("CT1060933.ct1060933.SearchInNewTabLastCheckTime", "Sun Sep 25 2011 11:24:54 GMT+0200"); Deleted : user_pref("CT1060933.ct1060933.SettingsLastCheckTime", "Sun Sep 25 2011 19:16:38 GMT+0200"); Deleted : user_pref("CT1060933.ct1060933.SettingsLastUpdate", "1314078198"); Deleted : user_pref("CT1060933.ct1060933.ThirdPartyComponentsLastCheck", "Sun Sep 25 2011 11:24:49 GMT+0200"); Deleted : user_pref("CT1060933.ct1060933.ThirdPartyComponentsLastUpdate", "1312887586"); Deleted : user_pref("CT1060933.ct1060933.components.129032145384800518", false); Deleted : user_pref("CT1060933.ct1060933.components.129032148247613461", false); Deleted : user_pref("CT1060933.ct1060933.components.129032152822456983", false); Deleted : user_pref("CT1060933.ct1060933.components.129032154330894193", false); Deleted : user_pref("CT1060933.ct1060933.components.129032155426050046", false); Deleted : user_pref("CT1060933.ct1060933.components.129032157011675027", false); Deleted : user_pref("CT1060933.ct1060933.components.129032162642925076", false); Deleted : user_pref("CT1060933.ct1060933.components.129078058382649592", false); Deleted : user_pref("CT1060933.ct1060933.components.129272674122038321", false); Deleted : user_pref("CT1060933.ct1060933.globalFirstTimeInfoLastCheckTime", "Sun Sep 25 2011 16:35:34 GMT+0200[...] Deleted : user_pref("CT1060933.ct1060933.toolbarAppMetaDataLastCheckTime", "Sun Sep 25 2011 11:24:50 GMT+0200"[...] Deleted : user_pref("CT1060933.ct1060933.toolbarContextMenuLastCheckTime", "Sun Sep 25 2011 11:24:55 GMT+0200"[...] Deleted : user_pref("CT1060933.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Deleted : user_pref("CT1060933.globalFirstTimeInfoLastCheckTime", "Sun Sep 25 2011 11:24:47 GMT+0200"); Deleted : user_pref("CT1060933.homepageProtectorEnableByLogin", true); Deleted : user_pref("CT1060933.initDone", true); Deleted : user_pref("CT1060933.isAppTrackingManagerOn", true); Deleted : user_pref("CT1060933.isFirstRadioInstallation", false); Deleted : user_pref("CT1060933.myStuffEnabled", true); Deleted : user_pref("CT1060933.myStuffPublihserMinWidth", 400); Deleted : user_pref("CT1060933.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Deleted : user_pref("CT1060933.myStuffServiceIntervalMM", 1440); Deleted : user_pref("CT1060933.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Deleted : user_pref("CT1060933.oldAppsList", "128346981843587669,128280995260143876,111,129272674122038321,129[...] Deleted : user_pref("CT1060933.searchProtectorDialogDelayInSec", 10); Deleted : user_pref("CT1060933.searchProtectorEnableByLogin", true); Deleted : user_pref("CT1060933.testingCtid", ""); Deleted : user_pref("CT1060933.toolbarAppMetaDataLastCheckTime", "Sun Sep 25 2011 11:24:47 GMT+0200"); Deleted : user_pref("CT1060933.toolbarContextMenuLastCheckTime", "Sun Sep 25 2011 11:24:53 GMT+0200"); Deleted : user_pref("CT1060933.usagesFlag", 2); Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", [...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct1060933", [...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1060933",[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT1060933&octid=[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct1060933&octid=[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...] Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Kuba\\AppData\\Roaming\\Mozilla\\Fi[...] Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10"); Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://freecorder.com/gadget/video.html", "833x231")[...] Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", ""); Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1060933"); Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1060933"); Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT1060933"); Deleted : user_pref("CommunityToolbar.globalUserId", "ef49c031-b333-4965-bad1-11dd9a4cad60"); Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Sep 25 2011 11:24:4[...] Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.locale", "en"); Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Sep 25 2011 11:24:46 GMT+0200"); Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Deleted : user_pref("CommunityToolbar.notifications.userId", "05a2e50a-1e06-4d7f-854c-376073cde677"); ************************* AdwCleaner[R1].txt - [15718 octets] - [19/04/2012 14:18:24] AdwCleaner[S1].txt - [16050 octets] - [19/04/2012 17:19:13] ########## EOF - C:\AdwCleaner[S1].txt - [16179 octets] ########## [/log] OTL [log]OTL logfile created on: 2012-04-19 17:25:05 - Run 4 OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Kuba\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 62,38% Memory free 3,35 Gb Paging File | 2,03 Gb Available in Paging File | 60,81% Paging File free Paging file location(s): d:\pagefile.sys 100 4900 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 34,18 Gb Total Space | 1,39 Gb Free Space | 4,06% Space Free | Partition Type: NTFS Drive D: | 431,57 Gb Total Space | 29,30 Gb Free Space | 6,79% Space Free | Partition Type: NTFS Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-03-26 02:55:30 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2012-03-14 17:14:00 | 000,446,136 | ---- | M] (Sony) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe PRC - [2012-03-13 06:36:40 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-02-18 21:06:16 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe PRC - [2012-02-10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-02-10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2012-02-10 05:02:07 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012-02-09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012-01-11 10:39:28 | 000,071,680 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe PRC - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-03-24 17:46:03 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-04-14 16:08:12 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll MOD - [2012-03-13 06:36:53 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-02-09 21:05:16 | 000,360,768 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll MOD - [2012-01-11 10:39:28 | 000,071,680 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe MOD - [2011-11-23 18:38:58 | 000,205,824 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\MExplorer.dll MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll MOD - [2010-12-13 10:58:50 | 000,047,616 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll MOD - [2009-09-23 16:04:00 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-04-14 16:08:12 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-02-10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-02-09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-06-04 11:03:12 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-06-13 02:23:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2012-02-10 06:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011-11-10 11:22:55 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2011-08-09 15:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2011-08-04 10:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2011-08-04 10:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-05-16 22:49:27 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri) DRV - [2010-05-16 22:48:26 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc) DRV - [2010-05-16 22:48:26 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt) DRV - [2010-03-19 16:14:12 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010-03-19 16:14:12 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2010-01-21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2010-01-21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2010-01-21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2009-09-28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009-03-25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm) DRV - [2009-03-25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) DRV - [2009-03-25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) DRV - [2009-03-25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex) DRV - [2009-03-25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM) DRV - [2009-03-25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) DRV - [2009-03-25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2007-02-16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2004-08-13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004-07-14 11:51:24 | 000,002,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\portio32.sys -- (portio32) DRV - [2004-03-19 18:11:22 | 000,090,968 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM31b.sys -- (ZSMC301b) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = [url="http://search.msn.com/spbasic.htm"]http://search.msn.com/spbasic.htm[/url] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://fr.msn.com/"]http://fr.msn.com/[/url] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [url="http://www.google.fr"]http://www.google.fr[/url] IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://fr.msn.com/"]http://fr.msn.com/[/url] IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kuba\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-27 17:46:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-23 01:23:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-02-18 16:26:50 | 000,000,000 | ---D | M] [2010-02-27 05:33:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Extensions [2012-03-31 17:18:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions [2012-03-31 17:06:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-03-31 17:06:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2010-02-27 13:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions [2010-02-27 13:04:22 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2012-03-13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-03-31 17:06:43 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-03-13 07:36:36 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-03-13 07:36:36 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-03-13 07:36:36 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-03-13 07:36:36 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-03-13 07:36:36 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-03-13 07:36:36 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml Hosts file not found O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater\AdobeUpdater.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.1.13 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B65B1F8B-1E95-46CC-B2C1-1BA6C9594A10}: DhcpNameServer = 172.22.1.13 8.8.8.8 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-04-18 23:26:24 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2012-04-10 22:51:59 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\TI [2012-04-10 21:56:04 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2012-04-05 01:17:53 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Syndicate [2012-03-31 17:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-03-31 17:06:48 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012-03-31 17:06:48 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012-03-31 17:06:47 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2012-03-31 01:16:11 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-03-28 14:08:02 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\Kuba [2012-03-22 22:33:30 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Rovio [2012-03-22 22:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-04-19 17:27:05 | 001,661,232 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2012-04-19 17:27:05 | 000,737,242 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-04-19 17:27:05 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-04-19 17:27:05 | 000,153,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-04-19 17:27:05 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-04-19 17:21:19 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-04-19 17:21:08 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2012-04-19 17:21:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-04-19 17:20:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-04-19 17:19:57 | 004,980,736 | -HS- | M] () -- C:\Users\Kuba\ntuser.dat [2012-04-19 17:19:55 | 002,872,846 | -H-- | M] () -- C:\Users\Kuba\AppData\Local\IconCache.db [2012-04-19 17:08:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-19 16:44:00 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-04-19 14:09:39 | 000,582,215 | ---- | M] () -- C:\Users\Kuba\Desktop\adwcleaner.exe [2012-04-19 13:59:21 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-04-19 13:59:21 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-04-18 01:48:21 | 015,719,504 | ---- | M] () -- C:\Users\Kuba\Desktop\Yves Larock, The cruzaders and Juiceppe - strange world (Avesta mix) [www.4clubbers.pl].mp3 [2012-04-16 00:26:17 | 000,157,225 | ---- | M] () -- C:\Users\Kuba\Desktop\Test ze znajomości Dziadów A. Mickiewicza.pdf [2012-04-15 23:46:35 | 000,586,392 | ---- | M] () -- C:\Users\Kuba\Desktop\Mickiewicz Adam - Dziady cz. 3.pdf [2012-04-14 16:08:12 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-04-14 16:08:12 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-04-12 10:10:09 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk [2012-04-11 02:53:48 | 000,145,576 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat [2012-03-31 17:06:43 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2012-03-31 17:06:43 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012-03-31 17:06:43 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012-03-31 17:06:43 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2012-03-29 11:04:02 | 001,334,738 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02296.JPG [2012-03-29 11:03:48 | 001,491,329 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02295.JPG [2012-03-29 11:03:36 | 001,463,265 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02294.JPG [2012-03-29 11:03:28 | 001,539,660 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02293.JPG [2012-03-28 13:32:25 | 000,421,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-03-27 20:39:59 | 000,110,000 | ---- | M] () -- C:\Users\Kuba\AppData\Local\GDIPFONTCACHEV1.DAT [2012-03-27 17:47:31 | 000,000,008 | ---- | M] () -- C:\Windows\System32\camera.ini [2012-03-27 17:46:59 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl [2012-03-27 17:46:42 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-03-27 17:43:40 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat [2012-03-22 22:30:49 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\Angry Birds Space.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-04-19 14:09:36 | 000,582,215 | ---- | C] () -- C:\Users\Kuba\Desktop\adwcleaner.exe [2012-04-18 01:48:05 | 015,719,504 | ---- | C] () -- C:\Users\Kuba\Desktop\Yves Larock, The cruzaders and Juiceppe - strange world (Avesta mix) [www.4clubbers.pl].mp3 [2012-04-16 23:01:17 | 001,491,329 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02295.JPG [2012-04-16 23:01:17 | 001,463,265 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02294.JPG [2012-04-16 23:01:16 | 001,539,660 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02293.JPG [2012-04-16 23:01:16 | 001,334,738 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02296.JPG [2012-04-16 00:26:17 | 000,157,225 | ---- | C] () -- C:\Users\Kuba\Desktop\Test ze znajomości Dziadów A. Mickiewicza.pdf [2012-04-15 23:46:29 | 000,586,392 | ---- | C] () -- C:\Users\Kuba\Desktop\Mickiewicz Adam - Dziady cz. 3.pdf [2012-04-11 02:53:48 | 000,145,576 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2012-03-31 01:16:11 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-03-27 17:46:42 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-03-27 17:46:42 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-03-27 00:54:29 | 002,872,846 | -H-- | C] () -- C:\Users\Kuba\AppData\Local\IconCache.db [2012-03-22 22:30:49 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\Angry Birds Space.lnk [2012-02-09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2012-01-03 09:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\System32\abgx360.exe [2011-12-12 21:41:17 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-12-12 21:41:17 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011-12-12 21:41:17 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011-10-24 20:04:28 | 000,000,600 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\winscp.rnd [2011-10-04 18:16:53 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2011-07-12 16:44:54 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2011-05-29 21:06:18 | 000,000,008 | ---- | C] () -- C:\Windows\System32\camera.ini [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011-02-27 14:12:18 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-02-27 14:10:58 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011-02-27 14:10:57 | 000,053,600 | ---- | C] () -- C:\Windows\System32\dosx.exe [2011-02-17 08:29:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat [2011-01-26 01:28:04 | 000,019,968 | ---- | C] () -- C:\Users\Kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-26 00:38:22 | 000,002,048 | ---- | C] () -- C:\Windows\System32\drivers\portio32.sys [2010-06-21 23:46:40 | 000,039,712 | ---- | C] () -- C:\Windows\System32\ASL.dll [2010-05-18 22:28:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2010-05-18 22:25:15 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2010-02-28 02:36:51 | 000,138,056 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\PnkBstrK.sys [2010-02-27 15:07:24 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini [2010-02-27 13:34:21 | 000,110,000 | ---- | C] () -- C:\Users\Kuba\AppData\Local\GDIPFONTCACHEV1.DAT [color=#E56717]========== LOP Check ==========[/color] [2011-07-17 00:40:24 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.minecraft [2012-03-11 15:40:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\abgx360 [2011-02-28 15:42:27 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\BESTplayer [2010-02-27 17:02:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bioshock2 [2010-09-18 18:42:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bump Technologies, Inc [2010-03-22 19:29:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Command and Conquer 4 [2010-02-28 01:46:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools [2010-03-02 17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite [2012-02-29 00:41:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DarknessII [2011-06-24 17:40:56 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Day 1 Studios [2011-11-06 19:53:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DeepBurner [2011-11-09 19:20:18 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\FMA [2012-03-25 17:15:23 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Gadu-Gadu 10 [2011-11-28 20:20:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GG Tools [2011-11-10 03:06:08 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ImgBurn [2012-03-27 17:44:06 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\IrfanView [2010-09-29 16:20:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Leadertech [2012-01-07 23:21:31 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Might & Magic Heroes VI [2011-07-26 14:20:10 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Might & Magic Heroes VI - Internal Private Closed Beta [2011-01-09 22:54:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\mkvtoolnix [2011-11-10 00:58:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\MyPhoneExplorer [2011-12-31 16:40:26 | 000,000,000 | -H-D | M] -- C:\Users\Kuba\AppData\Roaming\Nel [2011-06-23 01:04:56 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Notepad++ [2011-11-30 18:21:34 | 000,000,000 | -H-D | M] -- C:\Users\Kuba\AppData\Roaming\Olsom [2010-08-15 13:24:13 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\OpenFM [2011-09-30 19:23:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Origin [2010-09-12 15:14:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PMS [2010-03-24 00:58:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Prison Break [2011-12-12 21:10:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PunkBuster [2010-02-28 14:10:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Red Alert 3 [2012-03-22 22:33:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Rovio [2010-07-30 02:18:39 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Samsung [2010-06-30 16:12:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Sports Interactive [2011-03-19 01:52:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\The Creative Assembly [2011-02-17 01:22:28 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Tunngle [2010-02-27 15:21:49 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ubisoft [2012-04-19 17:27:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent [2012-03-21 11:39:13 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report > [/log] [log]OTL Extras logfile created on: 2012-04-19 17:25:05 - Run 4 OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Kuba\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 62,38% Memory free 3,35 Gb Paging File | 2,03 Gb Available in Paging File | 60,81% Paging File free Paging file location(s): d:\pagefile.sys 100 4900 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 34,18 Gb Total Space | 1,39 Gb Free Space | 4,06% Space Free | Partition Type: NTFS Drive D: | 431,57 Gb Total Space | 29,30 Gb Free Space | 6,79% Space Free | Partition Type: NTFS Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{002FA4C4-DDFE-4E83-A5E0-E2A18B965468}" = Phoenix Service Software "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Społeczności "{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers "{1C36647E-F5BD-43E9-BA64-5F274B7F7051}_is1" = Symulator Jazdy 2 v.1.0 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands "{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI "{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31 "{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support "{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java™ SE Development Kit 6 Update 26 "{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space "{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX "{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{578485F8-60F3-4C61-9183-0698E581B902}" = From Dust "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{5B119660-1788-11D8-8EB8-0050BF643EE7}" = digestIT 2004 "{5C4D532E-4EC9-11E1-9544-B8AC6F97B88E}" = Google Earth Plug-in "{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2 "{685BCFA5-6B62-49D3-97EA-E7C29A70D961}" = Modern warfare 2 Multiplayer - Gardzij "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1 "{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B0F9788-3141-4009-846E-52E59843E963}" = SimCity™ Społeczności "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 295.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0209 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support "{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593}" = SimCity™ Społeczności Na wakacjach "{D6D5CB84-0E6E-4E69-B300-C690B6911045}" = Nero 8 "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.053 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F627CDBC-8323-4024-9691-A0A6533F43E0}" = ESET NOD32 Antivirus "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "abgx360" = abgx360 v1.0.6 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "AIMP2" = AIMP2 "ALLConverter to PSP_is1" = ALLConverter to PSP "AviSynth" = AviSynth 2.5 "Battlelog Web Plugins" = Battlelog Web Plugins "CanonMyPrinter" = Canon Utilities My Printer "CCleaner" = CCleaner "Cheat Engine 6.0_is1" = Cheat Engine 6.0 "CloneCD" = CloneCD "DAEMON Tools Lite" = DAEMON Tools Lite "Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4 "ENTERPRISE" = Microsoft Office Enterprise 2007 "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50 "Flashtool" = Flashtool "Fraps" = Fraps (remove only) "Gadu-Gadu 10" = Gadu-Gadu 10 "GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3 "GG Tools_is1" = GG Tools "GTA IV - Ultimate Vehicle Pack" = GTA IV - Ultimate Vehicle Pack v6.0.0.0 "ImgBurn" = ImgBurn "KLiteCodecPack_is1" = K-Lite Codec Pack 8.0.0 (Full) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.60.1.1000 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "MKVtoolnix" = MKVtoolnix 4.4.0 "Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl) "MPE" = MyPhoneExplorer "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "Origin" = Origin "PS3 Media Server" = PS3 Media Server "PunkBusterSvc" = PunkBuster Services "RealAlt_is1" = Real Alternative 2.0.2 "SopCast" = SopCast 3.2.9 "Test Drive Unlimited 2_is1" = Test Drive Unlimited 2 "Total Video Converter 3.61_is1" = Total Video Converter 3.60 100204 "UltraISO_is1" = UltraISO Premium V9.36 "UnderCoverXP_is1" = UnderCoverXP 1.23 "Update Engine" = Sony Ericsson Update Engine "Update Service" = Update Service "uTorrent" = µTorrent "VirtualDubMod" = VirtualDubMod 1.5.10.2 PL "Winamp" = Winamp "WinRAR archiver" = Archiwizator WinRAR "winscp3_is1" = WinSCP 4.3.5 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "UnityWebPlayer" = Unity Web Player [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report > [/log] Mimo usunięcia tdsskiller, logi jak i kwarantanna nadal jest na dysku C, usunąc ręcznie ?-
Gość komentarz 19 kwietnia 2012 komentarz 19 kwietnia 2012 Uruchom OTL i w oknie Własne opcje skanowania/skrypt wklej: [code]:Files C:\TDSSKiller_Quarantine C:\TDSSKiller.2.7.29.0_18.04.2012_21.46.00_log.txt C:\TDSSKiller.2.7.29.0_18.04.2012_23.25.02_log.txt C:\TDSSKiller.2.7.29.0_18.04.2012_23.30.55_log.txt :Commands [emptytemp][/code] Kliknij w [b]Wykonaj skrypt[/b]. 2 Uruchom AdwCleaner i kliknij[b] Uninstall[/b]. 3. Uruchom [b]OTL[/b] i kliknij [b]Sprzatanie[/b]. 4. Wyczyść foldery Przywracania systemu - instrukcja http://www.fixitpc.pl/topic/5-dezynfekcja-kroki-finalizujace-temat/page__p__42415#entry42415 5. Zrób pełny skan za pomocą [b]ESET[/b], jeśli coś wykryje przedstaw raport. 1
swiatek94 komentarz 19 kwietnia 2012 Autor komentarz 19 kwietnia 2012 Wykonałem wszystko jak napisałeś, NOD32 po 1h42minutach nic nie wykrył : )
Gość komentarz 20 kwietnia 2012 komentarz 20 kwietnia 2012 [quote]Wykonałem wszystko jak napisałeś, NOD32 po 1h42minutach nic nie wykrył[/quote] W takim razie nie mam juz nic do roboty. 1
swiatek94 komentarz 20 kwietnia 2012 Autor komentarz 20 kwietnia 2012 Rozumiem, że to jednak był keylogger ( jeśli tak, to jaki dokładnie, bo napisali w informacji, że Blackshades, dlatego się trochę martwię ) ? Dziękuje bardzo za pomoc i pozdrawiam ! : )
Gość komentarz 20 kwietnia 2012 komentarz 20 kwietnia 2012 Zmień sobie hasła logowania do poczty i serwisów. Brakuje w systemie pliku Hosts. Poczytaj zrób plik i umieśc w odpowiednim katalogu. mam nadzieje że sobie poradzisz. http://www.fixitpc.pl/topic/4960-plik-hosts/
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.