Suspected keylogger and a Trojan horse that cannot be cleaned

swiatek94
Posted (edited)

Hello, I received a message saying that my computer may have a keylogger on its disk. NOD32 detected a Trojan horse, but it says that it "cannot be cleaned". I am attaching the logs and a picture of the detected virus. Please help.

[log]OTL logfile created on: 2012-04-18 18:50:47 - Run 2
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Kuba\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 57,37% Memory free
3,35 Gb Paging File | 2,01 Gb Available in Paging File | 59,97% Paging File free
Paging file location(s): d:\pagefile.sys 100 4900 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 34,18 Gb Total Space | 1,33 Gb Free Space | 3,88% Space Free | Partition Type: NTFS
Drive D: | 431,57 Gb Total Space | 32,64 Gb Free Space | 7,56% Space Free | Partition Type: NTFS

Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (All) ==========

PRC - [2012-03-26 02:55:30 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2012-03-14 17:14:00 | 000,446,136 | ---- | M] (Sony) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2012-03-13 06:36:40 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-02-18 21:06:16 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe
PRC - [2012-02-10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-02-10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012-02-10 05:02:07 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012-02-10 05:00:26 | 000,645,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2012-02-09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2012-01-11 10:39:28 | 000,071,680 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2011-12-12 21:10:50 | 000,075,136 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
PRC - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-05-04 06:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2011-03-24 17:46:03 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011-02-18 17:37:16 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010-11-20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-11-20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2010-11-20 14:17:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2010-10-07 13:23:00 | 000,345,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2010-08-07 13:38:00 | 001,262,592 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\AIMP2.exe
PRC - [2009-08-18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009-08-18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009-07-14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2009-07-14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-07-14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-07-14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2009-07-14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2008-02-18 17:29:12 | 000,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2006-12-19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\System32\IoctlSvc.exe


========== Modules (All) ==========

MOD - [2012-04-14 16:08:12 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012-03-30 12:33:32 | 000,995,840 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.dll
MOD - [2012-03-26 10:14:28 | 000,851,456 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\Device.dll
MOD - [2012-03-26 02:55:30 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
MOD - [2012-03-20 18:08:06 | 000,593,408 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\NewUI.dll
MOD - [2012-03-14 17:14:00 | 000,446,136 | ---- | M] (Sony) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
MOD - [2012-03-13 06:38:04 | 015,915,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll
MOD - [2012-03-13 06:37:21 | 000,019,896 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll
MOD - [2012-03-13 06:37:17 | 000,158,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll
MOD - [2012-03-13 06:37:13 | 000,170,936 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll
MOD - [2012-03-13 06:37:11 | 000,105,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll
MOD - [2012-03-13 06:37:08 | 000,020,920 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll
MOD - [2012-03-13 06:37:07 | 000,022,456 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll
MOD - [2012-03-13 06:37:05 | 000,105,400 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll
MOD - [2012-03-13 06:37:00 | 000,646,072 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll
MOD - [2012-03-13 06:36:57 | 000,187,320 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll
MOD - [2012-03-13 06:36:56 | 000,818,104 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll
MOD - [2012-03-13 06:36:53 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-03-13 06:36:50 | 000,044,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozglue.dll
MOD - [2012-03-13 06:36:49 | 000,016,312 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll
MOD - [2012-03-13 06:36:40 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
MOD - [2012-02-18 21:06:16 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe
MOD - [2012-02-10 06:13:00 | 007,713,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
MOD - [2012-02-10 06:13:00 | 002,801,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
MOD - [2012-02-10 06:13:00 | 000,981,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
MOD - [2012-02-10 06:13:00 | 000,639,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll
MOD - [2012-02-10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
MOD - [2012-02-10 05:02:06 | 003,262,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvui.dll
MOD - [2012-01-25 10:47:56 | 000,686,592 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\bvrpctln.dll
MOD - [2012-01-18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
MOD - [2012-01-16 11:25:54 | 000,192,000 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\WebServices.dll
MOD - [2012-01-11 19:00:14 | 000,336,896 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\DownloadManager.dll
MOD - [2012-01-11 18:58:40 | 000,271,360 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\Statistics.dll
MOD - [2012-01-11 18:55:02 | 000,306,688 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\PluginManager.dll
MOD - [2012-01-11 10:39:28 | 000,071,680 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2011-11-23 18:38:58 | 000,205,824 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
MOD - [2011-11-17 07:38:39 | 001,288,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2011-11-04 01:02:45 | 012,279,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
MOD - [2011-11-04 00:47:42 | 001,798,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
MOD - [2011-11-04 00:46:47 | 009,705,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
MOD - [2011-11-04 00:40:43 | 001,103,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
MOD - [2011-11-04 00:39:47 | 001,127,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
MOD - [2011-11-04 00:32:17 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
MOD - [2011-09-22 13:11:56 | 000,410,504 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll
MOD - [2011-09-22 13:09:44 | 000,093,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll
MOD - [2011-09-22 13:07:26 | 000,183,904 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiHips.dll
MOD - [2011-09-22 13:05:24 | 000,394,024 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll
MOD - [2011-09-22 13:04:32 | 001,044,984 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll
MOD - [2011-09-22 13:02:30 | 000,101,504 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll
MOD - [2011-09-22 13:01:56 | 000,097,384 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll
MOD - [2011-09-22 13:00:52 | 000,245,704 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll
MOD - [2011-09-18 21:36:52 | 000,072,192 | ---- | M] (Martin Prikryl) -- C:\Program Files\WinSCP\DragExt.dll
MOD - [2011-08-27 06:26:27 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2011-08-27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
MOD - [2011-07-16 06:27:30 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2011-07-16 06:27:30 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2011-07-04 19:46:24 | 004,514,400 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\ggsip.dll
MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll
MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll
MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll
MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll
MOD - [2011-07-04 19:45:36 | 000,815,712 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\networkdao.dll
MOD - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
MOD - [2011-06-17 03:02:31 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2011-06-17 03:02:31 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2011-06-17 03:01:15 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
MOD - [2011-06-17 03:01:14 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2011-06-17 03:01:14 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2011-06-06 12:55:30 | 000,394,136 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
MOD - [2011-05-24 14:20:46 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll
MOD - [2011-05-24 14:20:46 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2011-04-04 14:14:46 | 000,113,664 | ---- | M] (Avanquest Software) -- C:\Program Files\Sony\Sony PC Companion\WUNPACLN.dll
MOD - [2011-03-24 17:46:03 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
MOD - [2011-03-03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll
MOD - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
MOD - [2011-02-19 08:30:51 | 001,076,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
MOD - [2011-02-19 08:30:50 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
MOD - [2011-02-17 11:00:46 | 000,327,680 | ---- | M] (http://hunspell.sourceforge.net/) -- C:\Program Files\Gadu-Gadu 10\libhunspell.dll
MOD - [2011-02-17 11:00:44 | 000,319,488 | ---- | M] (The cURL library, http://curl.haxx.se/) -- C:\Program Files\Gadu-Gadu 10\libcurl.dll
MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll
MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll
MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll
MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll
MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll
MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2011-02-17 10:59:32 | 001,163,264 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Gadu-Gadu 10\libeay32.dll
MOD - [2011-02-17 10:59:32 | 000,253,952 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Gadu-Gadu 10\ssleay32.dll
MOD - [2011-01-17 07:47:13 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
MOD - [2010-12-13 10:58:50 | 000,047,616 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2010-11-20 14:21:39 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
MOD - [2010-11-20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
MOD - [2010-11-20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2010-11-20 14:21:38 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll
MOD - [2010-11-20 14:21:36 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
MOD - [2010-11-20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
MOD - [2010-11-20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2010-11-20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll
MOD - [2010-11-20 14:21:36 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll
MOD - [2010-11-20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
MOD - [2010-11-20 14:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
MOD - [2010-11-20 14:21:35 | 001,063,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
MOD - [2010-11-20 14:21:35 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
MOD - [2010-11-20 14:21:35 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
MOD - [2010-11-20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2010-11-20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2010-11-20 14:21:33 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2010-11-20 14:21:28 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
MOD - [2010-11-20 14:21:27 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2010-11-20 14:21:27 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll
MOD - [2010-11-20 14:21:26 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll
MOD - [2010-11-20 14:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll
MOD - [2010-11-20 14:21:25 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2010-11-20 14:21:23 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
MOD - [2010-11-20 14:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2010-11-20 14:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2010-11-20 14:21:06 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFolder.dll
MOD - [2010-11-20 14:21:04 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2010-11-20 14:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll
MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
MOD - [2010-11-20 14:21:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2010-11-20 14:20:57 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
MOD - [2010-11-20 14:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll
MOD - [2010-11-20 14:20:56 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
MOD - [2010-11-20 14:20:55 | 001,750,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
MOD - [2010-11-20 14:20:55 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2010-11-20 14:20:46 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll
MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll
MOD - [2010-11-20 14:20:29 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll
MOD - [2010-11-20 14:20:29 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2010-11-20 14:20:27 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
MOD - [2010-11-20 14:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll
MOD - [2010-11-20 14:19:56 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll
MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll
MOD - [2010-11-20 14:19:55 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
MOD - [2010-11-20 14:19:54 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
MOD - [2010-11-20 14:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
MOD - [2010-11-20 14:19:47 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
MOD - [2010-11-20 14:19:46 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll
MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
MOD - [2010-11-20 14:19:33 | 003,207,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
MOD - [2010-11-20 14:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2010-11-20 14:19:21 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
MOD - [2010-11-20 14:19:21 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll
MOD - [2010-11-20 14:19:10 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
MOD - [2010-11-20 14:19:05 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
MOD - [2010-11-20 14:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
MOD - [2010-11-20 14:19:03 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
MOD - [2010-11-20 14:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
MOD - [2010-11-20 14:18:36 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
MOD - [2010-11-20 14:18:35 | 001,371,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
MOD - [2010-11-20 14:18:35 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
MOD - [2010-11-20 14:18:25 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
MOD - [2010-11-20 14:18:25 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll
MOD - [2010-11-20 14:18:25 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll
MOD - [2010-11-20 14:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
MOD - [2010-11-20 14:18:25 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll
MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
MOD - [2010-11-20 14:18:25 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll
MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll
MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll
MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2010-11-20 14:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2010-11-20 14:18:06 | 000,740,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll
MOD - [2010-11-20 14:18:05 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
MOD - [2010-11-20 14:18:05 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2010-11-20 14:18:01 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
MOD - [2010-11-20 14:18:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll
MOD - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
MOD - [2010-11-20 14:16:50 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
MOD - [2010-11-20 14:16:50 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-20 13:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
MOD - [2010-10-07 13:23:00 | 000,152,864 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mdnsNSP.dll
MOD - [2010-08-07 13:38:02 | 000,337,920 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\PlugIns\aimp_library.dll
MOD - [2010-08-07 13:38:02 | 000,068,096 | ---- | M] (Artem Izmaylov) -- C:\Program Files\AIMP2\PlugIns\aimp_w7taskbar.dll
MOD - [2010-08-07 13:38:02 | 000,051,712 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\PlugIns\aimp_onlineradio.dll
MOD - [2010-08-07 13:38:02 | 000,050,688 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\PlugIns\aimp_update.dll
MOD - [2010-08-07 13:38:02 | 000,044,032 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\PlugIns\aimp_splashbar.dll
MOD - [2010-08-07 13:38:02 | 000,043,008 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\PlugIns\aimp_scheduler.dll
MOD - [2010-08-07 13:38:02 | 000,035,328 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\PlugIns\aimp_lastfm.dll
MOD - [2010-08-07 13:38:02 | 000,016,384 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\System\aimp_mmk.dll
MOD - [2010-08-07 13:38:00 | 001,262,592 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\AIMP2.exe
MOD - [2010-08-07 13:37:56 | 002,291,200 | ---- | M] (AIMP DevTeam) -- C:\Program Files\AIMP2\AIMP2.dll
MOD - [2010-06-17 11:31:40 | 000,099,896 | ---- | M] (Un4seen Developments) -- C:\Program Files\AIMP2\bass.dll
MOD - [2010-05-06 09:50:54 | 000,016,448 | ---- | M] (Un4seen Developments) -- C:\Program Files\AIMP2\System\bass_wma.dll
MOD - [2010-04-23 16:11:46 | 000,150,904 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_aac.dll
MOD - [2010-03-16 11:52:28 | 000,028,224 | ---- | M] (Un4seen Developments) -- C:\Program Files\AIMP2\PlugIns\bass_wv.dll
MOD - [2009-12-26 22:23:50 | 000,186,880 | ---- | M] () -- C:\Program Files\AIMP2\sqlite3.dll
MOD - [2009-12-18 00:07:32 | 000,029,784 | ---- | M] ((: JOBnik! :) [Arthur Aminov, ISRAEL]) -- C:\Program Files\AIMP2\System\bass_fx.dll
MOD - [2009-12-09 10:40:04 | 000,025,152 | ---- | M] (Un4seen Developments) -- C:\Program Files\AIMP2\PlugIns\bass_flac.dll
MOD - [2009-12-02 15:37:54 | 000,017,472 | ---- | M] (Un4seen Developments) -- C:\Program Files\AIMP2\System\bass_cda.dll
MOD - [2009-12-01 14:17:12 | 000,012,352 | ---- | M] (Un4seen Developments) -- C:\Program Files\AIMP2\System\bass_enc.dll
MOD - [2009-10-28 12:03:50 | 000,012,488 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_alac.dll
MOD - [2009-09-23 16:05:04 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Gadu-Gadu 10\dbghelp.dll
MOD - [2009-09-23 16:04:00 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll
MOD - [2009-09-22 13:42:30 | 000,027,200 | ---- | M] (Un4seen Developments) -- C:\Program Files\AIMP2\PlugIns\bassmidi.dll
MOD - [2009-08-18 11:29:22 | 000,134,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
MOD - [2009-08-04 11:08:26 | 000,016,736 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_ac3.dll
MOD - [2009-08-03 10:17:44 | 000,033,624 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_ape.dll
MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009-07-14 03:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll
MOD - [2009-07-14 03:16:21 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2009-07-14 03:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll
MOD - [2009-07-14 03:16:20 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
MOD - [2009-07-14 03:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll
MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL
MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll
MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll
MOD - [2009-07-14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
MOD - [2009-07-14 03:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
MOD - [2009-07-14 03:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll
MOD - [2009-07-14 03:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2009-07-14 03:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009-07-14 03:16:16 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
MOD - [2009-07-14 03:16:15 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapi32.dll
MOD - [2009-07-14 03:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll
MOD - [2009-07-14 03:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll
MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
MOD - [2009-07-14 03:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
MOD - [2009-07-14 03:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PeerDist.dll
MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll
MOD - [2009-07-14 03:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll
MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\perfos.dll
MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll
MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll
MOD - [2009-07-14 03:16:03 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2009-07-14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
MOD - [2009-07-14 03:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll
MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-07-14 03:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll
MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll
MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll
MOD - [2009-07-14 03:15:39 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll
MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll
MOD - [2009-07-14 03:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll
MOD - [2009-07-14 03:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll
MOD - [2009-07-14 03:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll
MOD - [2009-07-14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
MOD - [2009-07-14 03:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll
MOD - [2009-07-14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll
MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
MOD - [2009-07-14 03:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll
MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll
MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009-07-14 03:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsrole.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll
MOD - [2009-07-14 03:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll
MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
MOD - [2009-07-14 03:15:11 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
MOD - [2009-07-14 03:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
MOD - [2009-07-14 03:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-07-14 03:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll
MOD - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009-07-14 03:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv
MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll
MOD - [2009-07-14 03:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll
MOD - [2009-05-22 13:55:56 | 000,021,320 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_mpc.dll
MOD - [2009-04-24 10:20:48 | 000,005,960 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_ofr.dll
MOD - [2008-10-25 10:27:54 | 000,044,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
MOD - [2008-02-28 18:06:46 | 001,836,328 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\MediaLibraryNSE.dll
MOD - [2008-02-27 19:49:50 | 000,008,536 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_tta.dll
MOD - [2008-02-27 16:25:04 | 000,047,936 | ---- | M] (MaresWEB) -- C:\Program Files\AIMP2\PlugIns\bass_spx.dll
MOD - [2006-03-04 02:52:00 | 000,088,576 | ---- | M] () -- C:\Program Files\AIMP2\OptimFROG.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-14 16:08:12 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-02-10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-02-09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-06-04 11:03:12 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-06-13 02:23:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2012-02-10 06:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011-11-10 11:22:55 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-08-09 15:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011-08-04 10:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2011-08-04 10:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-05-16 22:49:27 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010-05-16 22:48:26 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010-05-16 22:48:26 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010-03-19 16:14:12 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010-03-19 16:14:12 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2010-01-21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010-01-21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010-01-21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2009-09-28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009-03-25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009-03-25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009-03-25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009-03-25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009-03-25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009-03-25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009-03-25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2007-02-16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2004-08-13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-07-14 11:51:24 | 000,002,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\portio32.sys -- (portio32)
DRV - [2004-03-19 18:11:22 | 000,090,968 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM31b.sys -- (ZSMC301b)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kuba\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-27 17:46:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-23 01:23:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-02-18 16:26:50 | 000,000,000 | ---D | M]

[2010-02-27 05:33:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Extensions
[2012-03-31 17:18:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions
[2012-01-03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\askcom.xml
[2012-03-31 17:06:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-03-31 17:06:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2010-02-27 13:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions
[2010-02-27 13:04:22 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012-03-13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-03-31 17:06:43 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012-03-13 07:36:36 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-03-13 07:36:36 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-03-13 07:36:36 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-03-13 07:36:36 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-03-13 07:36:36 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-03-13 07:36:36 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

Hosts file not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.1.13 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B65B1F8B-1E95-46CC-B2C1-1BA6C9594A10}: DhcpNameServer = 172.22.1.13 8.8.8.8
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4b4dcbc0-0b7e-11e1-a92c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4b4dcbc0-0b7e-11e1-a92c-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - State: "bootini" - 0
MsConfig - State: "startup" - 0
MsConfig - State: "services" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-04-18 18:09:36 | 004,467,613 | ---- | C] (Swearware) -- C:\Users\Kuba\Desktop\ComboFix.exe
[2012-04-10 22:51:59 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\TI
[2012-04-10 21:56:04 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012-04-05 01:17:53 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Syndicate
[2012-03-31 17:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-03-31 17:07:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012-03-28 14:08:02 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\Kuba
[2012-03-22 22:33:30 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Rovio
[2012-03-22 22:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio
[2012-03-10 00:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012-03-10 00:06:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012-03-10 00:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012-03-10 00:01:54 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-03-09 23:21:21 | 000,000,000 | ---D | C] -- C:\Program Files\Phyxion.net
[2012-03-08 19:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2012-03-08 19:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2012-03-08 19:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2012-03-02 12:35:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012-03-02 12:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012-03-02 12:33:09 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Google
[2012-03-01 03:41:20 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
[2012-03-01 03:40:25 | 000,000,000 | ---D | C] -- C:\Flashtool
[2012-02-21 18:41:10 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Unity
[2012-02-21 18:25:49 | 000,594,752 | ---- | C] (Unity Technologies ApS) -- C:\Users\Kuba\Desktop\UnityWebPlayer.exe
[2012-02-18 21:44:11 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\DarknessII
[2012-02-18 21:19:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder
[2012-02-18 21:19:47 | 000,000,000 | ---D | C] -- C:\Program Files\TNod User & Password Finder
[2012-02-18 21:06:33 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-02-18 21:06:08 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-04-18 18:44:01 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-18 18:10:04 | 004,467,613 | ---- | M] (Swearware) -- C:\Users\Kuba\Desktop\ComboFix.exe
[2012-04-18 18:08:36 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-18 17:18:57 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-18 17:18:57 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-18 17:15:56 | 000,737,242 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-04-18 17:15:56 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-04-18 17:15:56 | 000,153,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-04-18 17:15:56 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-04-18 17:11:32 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012-04-18 17:11:32 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-18 17:10:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-18 01:48:21 | 015,719,504 | ---- | M] () -- C:\Users\Kuba\Desktop\Yves Larock, The cruzaders and Juiceppe - strange world (Avesta mix) [www.4clubbers.pl].mp3
[2012-04-16 00:26:17 | 000,157,225 | ---- | M] () -- C:\Users\Kuba\Desktop\Test ze znajomości Dziadów A. Mickiewicza.pdf
[2012-04-15 23:46:35 | 000,586,392 | ---- | M] () -- C:\Users\Kuba\Desktop\Mickiewicz Adam - Dziady cz. 3.pdf
[2012-04-12 10:10:09 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012-04-11 02:53:48 | 000,145,576 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2012-03-29 11:04:02 | 001,334,738 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02296.JPG
[2012-03-29 11:03:48 | 001,491,329 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02295.JPG
[2012-03-29 11:03:36 | 001,463,265 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02294.JPG
[2012-03-29 11:03:28 | 001,539,660 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02293.JPG
[2012-03-28 13:32:25 | 000,421,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-03-27 17:47:31 | 000,000,008 | ---- | M] () -- C:\Windows\System32\camera.ini
[2012-03-27 17:46:59 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl
[2012-03-27 17:46:42 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-03-27 17:43:40 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2012-03-22 22:30:49 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\Angry Birds Space.lnk
[2012-03-16 02:37:53 | 000,000,663 | ---- | M] () -- C:\Users\Kuba\Desktop\DSJ4.lnk
[2012-03-08 02:33:22 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2012-03-03 19:25:42 | 000,000,704 | ---- | M] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
[2012-02-28 19:50:58 | 001,271,472 | ---- | M] () -- C:\Users\Kuba\Documents\DSC02149.JPG
[2012-02-21 18:26:03 | 000,594,752 | ---- | M] (Unity Technologies ApS) -- C:\Users\Kuba\Desktop\UnityWebPlayer.exe
[2012-02-18 21:06:16 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-18 01:48:05 | 015,719,504 | ---- | C] () -- C:\Users\Kuba\Desktop\Yves Larock, The cruzaders and Juiceppe - strange world (Avesta mix) [www.4clubbers.pl].mp3
[2012-04-16 23:01:17 | 001,491,329 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02295.JPG
[2012-04-16 23:01:17 | 001,463,265 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02294.JPG
[2012-04-16 23:01:16 | 001,539,660 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02293.JPG
[2012-04-16 23:01:16 | 001,334,738 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02296.JPG
[2012-04-16 00:26:17 | 000,157,225 | ---- | C] () -- C:\Users\Kuba\Desktop\Test ze znajomości Dziadów A. Mickiewicza.pdf
[2012-04-15 23:46:29 | 000,586,392 | ---- | C] () -- C:\Users\Kuba\Desktop\Mickiewicz Adam - Dziady cz. 3.pdf
[2012-04-11 02:53:48 | 000,145,576 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012-03-31 01:16:11 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-03-27 17:46:42 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-03-27 17:46:42 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-03-22 22:30:49 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\Angry Birds Space.lnk
[2012-03-10 00:04:34 | 000,008,772 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2012-03-08 19:52:57 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012-03-02 12:34:19 | 000,001,032 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-03-02 12:34:17 | 000,001,028 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-02-28 20:47:41 | 001,271,472 | ---- | C] () -- C:\Users\Kuba\Documents\DSC02149.JPG
[2012-02-09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012-01-03 09:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\System32\abgx360.exe
[2011-12-12 21:41:17 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011-12-12 21:41:17 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011-12-12 21:41:17 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011-10-24 20:04:28 | 000,000,600 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\winscp.rnd
[2011-10-04 18:16:53 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011-07-12 16:44:54 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011-05-29 21:06:18 | 000,000,008 | ---- | C] () -- C:\Windows\System32\camera.ini
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011-02-27 14:12:18 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011-02-27 14:10:58 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011-02-17 08:29:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2011-01-26 01:28:04 | 000,019,968 | ---- | C] () -- C:\Users\Kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-26 00:38:22 | 000,002,048 | ---- | C] () -- C:\Windows\System32\drivers\portio32.sys
[2010-06-21 23:46:40 | 000,039,712 | ---- | C] () -- C:\Windows\System32\ASL.dll
[2010-05-18 22:28:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010-05-18 22:25:15 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010-02-28 02:36:51 | 000,138,056 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\PnkBstrK.sys
[2010-02-27 15:07:24 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini

[color=#E56717]========== LOP Check ==========[/color]

[2011-07-17 00:40:24 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.minecraft
[2012-03-11 15:40:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\abgx360
[2011-02-28 15:42:27 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\BESTplayer
[2010-02-27 17:02:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bioshock2
[2010-09-18 18:42:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bump Technologies, Inc
[2010-03-22 19:29:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Command and Conquer 4
[2010-02-28 01:46:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools
[2010-03-02 17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
[2012-02-29 00:41:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DarknessII
[2011-06-24 17:40:56 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Day 1 Studios
[2011-11-06 19:53:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DeepBurner
[2011-11-09 19:20:18 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\FMA
[2012-03-25 17:15:23 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Gadu-Gadu 10
[2011-11-28 20:20:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GG Tools
[2011-11-10 03:06:08 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ImgBurn
[2012-03-27 17:44:06 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\IrfanView
[2010-09-29 16:20:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Leadertech
[2012-01-07 23:21:31 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Might & Magic Heroes VI
[2011-07-26 14:20:10 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Might & Magic Heroes VI - Internal Private Closed Beta
[2011-01-09 22:54:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\mkvtoolnix
[2011-11-10 00:58:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\MyPhoneExplorer
[2011-12-31 16:40:26 | 000,000,000 | -H-D | M] -- C:\Users\Kuba\AppData\Roaming\Nel
[2011-06-23 01:04:56 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Notepad++
[2011-11-30 18:21:34 | 000,000,000 | -H-D | M] -- C:\Users\Kuba\AppData\Roaming\Olsom
[2010-08-15 13:24:13 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\OpenFM
[2011-09-30 19:23:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Origin
[2010-09-12 15:14:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PMS
[2010-03-24 00:58:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Prison Break
[2011-12-12 21:10:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PunkBuster
[2010-02-28 14:10:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Red Alert 3
[2012-03-22 22:33:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Rovio
[2010-07-30 02:18:39 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Samsung
[2010-06-30 16:12:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Sports Interactive
[2011-03-19 01:52:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\The Creative Assembly
[2011-02-17 01:22:28 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Tunngle
[2010-02-27 15:21:49 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ubisoft
[2012-04-18 18:50:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent
[2012-03-21 11:39:13 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-09-25 19:59:34 | 000,004,032 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt
[2009-06-10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010-11-20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2010-02-27 05:17:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009-06-10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010-11-18 21:39:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-07-14 00:22:47 | 000,010,194 | ---- | M] () -- C:\MP4debug.log
[2010-11-18 21:39:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-09-11 15:06:35 | 000,271,082 | RHS- | M] () -- C:\PTRQH
[2010-09-11 15:06:35 | 000,000,020 | RHS- | M] () -- C:\win7.ld


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys
[2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-10-28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009-10-28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012-01-13 15:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< End of report >

[/log]

[log]OTL Extras logfile created on: 2012-04-18 18:50:47 - Run 2
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Kuba\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 57,37% Memory free
3,35 Gb Paging File | 2,01 Gb Available in Paging File | 59,97% Paging File free
Paging file location(s): d:\pagefile.sys 100 4900 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 34,18 Gb Total Space | 1,33 Gb Free Space | 3,88% Space Free | Partition Type: NTFS
Drive D: | 431,57 Gb Total Space | 32,64 Gb Free Space | 7,56% Space Free | Partition Type: NTFS

Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{002FA4C4-DDFE-4E83-A5E0-E2A18B965468}" = Phoenix Service Software
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Społeczności
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{1C36647E-F5BD-43E9-BA64-5F274B7F7051}_is1" = Symulator Jazdy 2 v.1.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java™ SE Development Kit 6 Update 26
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{578485F8-60F3-4C61-9183-0698E581B902}" = From Dust
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5B119660-1788-11D8-8EB8-0050BF643EE7}" = digestIT 2004
"{5C4D532E-4EC9-11E1-9544-B8AC6F97B88E}" = Google Earth Plug-in
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{685BCFA5-6B62-49D3-97EA-E7C29A70D961}" = Modern warfare 2 Multiplayer - Gardzij
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B0F9788-3141-4009-846E-52E59843E963}" = SimCity™ Społeczności
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593}" = SimCity™ Społeczności Na wakacjach
"{D6D5CB84-0E6E-4E69-B300-C690B6911045}" = Nero 8
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.053
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F627CDBC-8323-4024-9691-A0A6533F43E0}" = ESET NOD32 Antivirus
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"abgx360" = abgx360 v1.0.6
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"AIMP2" = AIMP2
"ALLConverter to PSP_is1" = ALLConverter to PSP
"AviSynth" = AviSynth 2.5
"Battlelog Web Plugins" = Battlelog Web Plugins
"CanonMyPrinter" = Canon Utilities My Printer
"CCleaner" = CCleaner
"Cheat Engine 6.0_is1" = Cheat Engine 6.0
"CloneCD" = CloneCD
"DAEMON Tools Lite" = DAEMON Tools Lite
"Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Flashtool" = Flashtool
"Fraps" = Fraps (remove only)
"Gadu-Gadu 10" = Gadu-Gadu 10
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"GG Tools_is1" = GG Tools
"GTA IV - Ultimate Vehicle Pack" = GTA IV - Ultimate Vehicle Pack v6.0.0.0
"ImgBurn" = ImgBurn
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.0.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.60.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MKVtoolnix" = MKVtoolnix 4.4.0
"Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl)
"MPE" = MyPhoneExplorer
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PS3 Media Server" = PS3 Media Server
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 2.0.2
"SopCast" = SopCast 3.2.9
"Test Drive Unlimited 2_is1" = Test Drive Unlimited 2
"Total Video Converter 3.61_is1" = Total Video Converter 3.60 100204
"UltraISO_is1" = UltraISO Premium V9.36
"UnderCoverXP_is1" = UnderCoverXP 1.23
"Update Engine" = Sony Ericsson Update Engine
"Update Service" = Update Service
"uTorrent" = µTorrent
"VirtualDubMod" = VirtualDubMod 1.5.10.2 PL
"Winamp" = Winamp
"WinRAR archiver" = Archiwizator WinRAR
"winscp3_is1" = WinSCP 4.3.5

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

[/log]

virus name

http://imageshack.us/photo/my-images/845/wirus.jpg/

Regards!

Guest
comment (edited)

Run a log with Kaspersky [b]TDSSKiller[/b]. Here are the instructions. If anything is detected, choose the SKIP option for all results and post the report.
[url="http://www.fixitpc.pl/topic/8-dezynfekcja-zbior-narzedzi-usuwajacych/"]http://www.fixitpc.p...zi-usuwajacych/[/url]


You will find the Kaspersky log on drive C.

  • Good post 1
swiatek94
comment

I did as you wrote; it found exactly the same infection as NOD did. I'm attaching the log.

[log]21:46:00.0187 2392 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
21:46:00.0483 2392 ============================================================
21:46:00.0483 2392 Current date / time: 2012/04/18 21:46:00.0483
21:46:00.0483 2392 SystemInfo:
21:46:00.0483 2392
21:46:00.0483 2392 OS Version: 6.1.7601 ServicePack: 1.0
21:46:00.0483 2392 Product type: Workstation
21:46:00.0483 2392 ComputerName: KUBA-KOMPUTER
21:46:00.0484 2392 UserName: Kuba
21:46:00.0484 2392 Windows directory: C:\Windows
21:46:00.0484 2392 System windows directory: C:\Windows
21:46:00.0484 2392 Processor architecture: Intel x86
21:46:00.0484 2392 Number of processors: 2
21:46:00.0484 2392 Page size: 0x1000
21:46:00.0484 2392 Boot type: Normal boot
21:46:00.0484 2392 ============================================================
21:46:01.0275 2392 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:46:01.0277 2392 \Device\Harddisk0\DR0:
21:46:01.0277 2392 MBR partitions:
21:46:01.0277 2392 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x445C7AF
21:46:01.0290 2392 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x445C82D, BlocksNum 0x35F24553
21:46:01.0323 2392 C: <-> \Device\Harddisk0\DR0\Partition0
21:46:01.0341 2392 D: <-> \Device\Harddisk0\DR0\Partition1
21:46:01.0341 2392 Initialize success
21:46:01.0341 2392 ============================================================
21:46:42.0548 3588 ============================================================
21:46:42.0548 3588 Scan started
21:46:42.0548 3588 Mode: Manual; SigCheck; TDLFS;
21:46:42.0548 3588 ============================================================
21:46:43.0457 3588 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
21:46:43.0538 3588 1394ohci - ok
21:46:43.0582 3588 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
21:46:43.0598 3588 ACPI - ok
21:46:43.0629 3588 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
21:46:43.0763 3588 AcpiPmi - ok
21:46:43.0847 3588 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
21:46:43.0871 3588 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
21:46:43.0871 3588 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
21:46:43.0969 3588 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:46:43.0977 3588 AdobeARMservice - ok
21:46:44.0051 3588 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:46:44.0064 3588 AdobeFlashPlayerUpdateSvc - ok
21:46:44.0096 3588 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
21:46:44.0115 3588 adp94xx - ok
21:46:44.0130 3588 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
21:46:44.0143 3588 adpahci - ok
21:46:44.0166 3588 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
21:46:44.0191 3588 adpu320 - ok
21:46:44.0217 3588 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
21:46:44.0252 3588 AeLookupSvc - ok
21:46:44.0306 3588 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
21:46:44.0343 3588 AFD - ok
21:46:44.0367 3588 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
21:46:44.0375 3588 agp440 - ok
21:46:44.0396 3588 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
21:46:44.0406 3588 aic78xx - ok
21:46:44.0443 3588 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
21:46:44.0499 3588 ALG - ok
21:46:44.0526 3588 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
21:46:44.0535 3588 aliide - ok
21:46:44.0571 3588 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
21:46:44.0581 3588 amdagp - ok
21:46:44.0600 3588 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
21:46:44.0609 3588 amdide - ok
21:46:44.0632 3588 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
21:46:44.0663 3588 AmdK8 - ok
21:46:44.0674 3588 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
21:46:44.0687 3588 AmdPPM - ok
21:46:44.0717 3588 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
21:46:44.0727 3588 amdsata - ok
21:46:44.0741 3588 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
21:46:44.0752 3588 amdsbs - ok
21:46:44.0780 3588 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
21:46:44.0789 3588 amdxata - ok
21:46:44.0818 3588 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
21:46:44.0899 3588 AppID - ok
21:46:44.0923 3588 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
21:46:44.0952 3588 AppIDSvc - ok
21:46:44.0990 3588 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
21:46:45.0018 3588 Appinfo - ok
21:46:45.0077 3588 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:46:45.0084 3588 Apple Mobile Device - ok
21:46:45.0112 3588 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
21:46:45.0145 3588 AppMgmt - ok
21:46:45.0158 3588 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
21:46:45.0168 3588 arc - ok
21:46:45.0180 3588 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
21:46:45.0190 3588 arcsas - ok
21:46:45.0270 3588 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
21:46:45.0279 3588 aspnet_state - ok
21:46:45.0301 3588 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
21:46:45.0370 3588 AsyncMac - ok
21:46:45.0403 3588 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
21:46:45.0410 3588 atapi - ok
21:46:45.0452 3588 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
21:46:50.0451 3588 atksgt - ok
21:46:50.0499 3588 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
21:46:50.0527 3588 AudioEndpointBuilder - ok
21:46:50.0536 3588 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
21:46:50.0558 3588 Audiosrv - ok
21:46:50.0597 3588 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
21:46:50.0647 3588 AxInstSV - ok
21:46:50.0680 3588 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
21:46:50.0710 3588 b06bdrv - ok
21:46:50.0734 3588 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
21:46:50.0773 3588 b57nd60x - ok
21:46:50.0803 3588 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
21:46:50.0827 3588 BDESVC - ok
21:46:50.0843 3588 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
21:46:50.0875 3588 Beep - ok
21:46:50.0925 3588 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
21:46:50.0964 3588 BFE - ok
21:46:50.0997 3588 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
21:46:51.0048 3588 BITS - ok
21:46:51.0072 3588 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
21:46:51.0084 3588 blbdrive - ok
21:46:51.0141 3588 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
21:46:51.0152 3588 Bonjour Service - ok
21:46:51.0179 3588 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
21:46:51.0219 3588 bowser - ok
21:46:51.0231 3588 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:46:51.0263 3588 BrFiltLo - ok
21:46:51.0277 3588 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:46:51.0301 3588 BrFiltUp - ok
21:46:51.0339 3588 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
21:46:51.0373 3588 Browser - ok
21:46:51.0399 3588 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
21:46:51.0431 3588 Brserid - ok
21:46:51.0443 3588 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
21:46:51.0472 3588 BrSerWdm - ok
21:46:51.0488 3588 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:46:51.0517 3588 BrUsbMdm - ok
21:46:51.0541 3588 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
21:46:51.0561 3588 BrUsbSer - ok
21:46:51.0572 3588 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
21:46:51.0598 3588 BTHMODEM - ok
21:46:51.0637 3588 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
21:46:51.0660 3588 bthserv - ok
21:46:51.0673 3588 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
21:46:51.0708 3588 cdfs - ok
21:46:51.0756 3588 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
21:46:51.0766 3588 cdrom - ok
21:46:51.0804 3588 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
21:46:51.0825 3588 CertPropSvc - ok
21:46:51.0837 3588 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
21:46:51.0860 3588 circlass - ok
21:46:51.0899 3588 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
21:46:51.0951 3588 CLFS - ok
21:46:52.0076 3588 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:46:52.0084 3588 clr_optimization_v2.0.50727_32 - ok
21:46:52.0152 3588 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:46:52.0162 3588 clr_optimization_v4.0.30319_32 - ok
21:46:52.0173 3588 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
21:46:52.0184 3588 CmBatt - ok
21:46:52.0214 3588 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
21:46:52.0223 3588 cmdide - ok
21:46:52.0243 3588 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
21:46:52.0273 3588 CNG - ok
21:46:52.0293 3588 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
21:46:52.0303 3588 Compbatt - ok
21:46:52.0337 3588 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
21:46:52.0352 3588 CompositeBus - ok
21:46:52.0363 3588 COMSysApp - ok
21:46:52.0387 3588 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
21:46:52.0396 3588 crcdisk - ok
21:46:52.0439 3588 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
21:46:52.0464 3588 CryptSvc - ok
21:46:52.0534 3588 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
21:46:52.0580 3588 CSC - ok
21:46:52.0625 3588 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
21:46:52.0646 3588 CscService - ok
21:46:52.0687 3588 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
21:46:52.0717 3588 DcomLaunch - ok
21:46:52.0755 3588 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
21:46:52.0781 3588 defragsvc - ok
21:46:52.0819 3588 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
21:46:52.0850 3588 DfsC - ok
21:46:52.0888 3588 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
21:46:52.0925 3588 Dhcp - ok
21:46:52.0952 3588 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
21:46:52.0974 3588 discache - ok
21:46:53.0009 3588 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
21:46:53.0019 3588 Disk - ok
21:46:53.0051 3588 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
21:46:53.0081 3588 Dnscache - ok
21:46:53.0112 3588 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
21:46:53.0141 3588 dot3svc - ok
21:46:53.0176 3588 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
21:46:53.0209 3588 DPS - ok
21:46:53.0243 3588 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
21:46:53.0266 3588 drmkaud - ok
21:46:53.0308 3588 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
21:46:53.0348 3588 DXGKrnl - ok
21:46:53.0553 3588 eamonm (04238864710460c5682e260207d06192) C:\Windows\system32\DRIVERS\eamonm.sys
21:46:53.0578 3588 eamonm - ok
21:46:53.0598 3588 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
21:46:53.0630 3588 EapHost - ok
21:46:53.0709 3588 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
21:46:53.0791 3588 ebdrv - ok
21:46:53.0817 3588 EFS (f42309c4191c506b71db5d1126d26318) C:\Windows\System32\lsass.exe
21:46:53.0830 3588 EFS - ok
21:46:53.0882 3588 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\Windows\system32\DRIVERS\ehdrv.sys
21:46:53.0890 3588 ehdrv - ok
21:46:53.0930 3588 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
21:46:53.0962 3588 ehRecvr - ok
21:46:53.0978 3588 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
21:46:54.0002 3588 ehSched - ok
21:46:54.0068 3588 ekrn (c7bb95cf9631aa401e4aded1648f6af7) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
21:46:54.0096 3588 ekrn - ok
21:46:54.0149 3588 ElbyCDFL (ce37e3d51912e59c80c6d84337c0b4cd) C:\Windows\system32\Drivers\ElbyCDFL.sys
21:46:54.0158 3588 ElbyCDFL - ok
21:46:54.0237 3588 ElbyCDIO (178cc9403816c082d22a1d47fa1f9c85) C:\Windows\system32\Drivers\ElbyCDIO.sys
21:46:54.0245 3588 ElbyCDIO - ok
21:46:54.0283 3588 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
21:46:54.0300 3588 elxstor - ok
21:46:54.0328 3588 epfwwfpr (f39c91795ebdb9ecbeb5a388ff2841fe) C:\Windows\system32\DRIVERS\epfwwfpr.sys
21:46:54.0336 3588 epfwwfpr - ok
21:46:54.0363 3588 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
21:46:54.0381 3588 ErrDev - ok
21:46:54.0411 3588 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
21:46:54.0447 3588 EventSystem - ok
21:46:54.0463 3588 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
21:46:54.0486 3588 exfat - ok
21:46:54.0505 3588 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
21:46:54.0539 3588 fastfat - ok
21:46:54.0584 3588 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
21:46:54.0637 3588 Fax - ok
21:46:54.0659 3588 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
21:46:54.0675 3588 fdc - ok
21:46:54.0703 3588 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
21:46:54.0726 3588 fdPHost - ok
21:46:54.0744 3588 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
21:46:54.0778 3588 FDResPub - ok
21:46:54.0795 3588 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
21:46:54.0805 3588 FileInfo - ok
21:46:54.0818 3588 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
21:46:54.0839 3588 Filetrace - ok
21:46:54.0857 3588 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
21:46:54.0881 3588 flpydisk - ok
21:46:54.0917 3588 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
21:46:54.0929 3588 FltMgr - ok
21:46:54.0976 3588 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
21:46:55.0024 3588 FontCache - ok
21:46:55.0068 3588 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:46:55.0077 3588 FontCache3.0.0.0 - ok
21:46:55.0094 3588 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
21:46:55.0104 3588 FsDepends - ok
21:46:55.0125 3588 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
21:46:55.0134 3588 Fs_Rec - ok
21:46:55.0179 3588 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
21:46:55.0194 3588 fvevol - ok
21:46:55.0206 3588 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:46:55.0216 3588 gagp30kx - ok
21:46:55.0251 3588 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:46:55.0258 3588 GEARAspiWDM - ok
21:46:55.0286 3588 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
21:46:55.0293 3588 ggflt - ok
21:46:55.0319 3588 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
21:46:55.0326 3588 ggsemc - ok
21:46:55.0365 3588 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
21:46:55.0397 3588 gpsvc - ok
21:46:55.0458 3588 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
21:46:55.0469 3588 gupdate - ok
21:46:55.0485 3588 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
21:46:55.0491 3588 gupdatem - ok
21:46:55.0517 3588 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
21:46:55.0524 3588 hamachi - ok
21:46:55.0540 3588 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
21:46:55.0572 3588 hcw85cir - ok
21:46:55.0638 3588 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
21:46:55.0656 3588 HdAudAddService - ok
21:46:55.0689 3588 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
21:46:55.0703 3588 HDAudBus - ok
21:46:55.0727 3588 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
21:46:55.0759 3588 HidBatt - ok
21:46:55.0784 3588 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
21:46:55.0803 3588 HidBth - ok
21:46:55.0816 3588 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
21:46:55.0830 3588 HidIr - ok
21:46:55.0858 3588 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
21:46:55.0880 3588 hidserv - ok
21:46:55.0921 3588 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
21:46:55.0942 3588 HidUsb - ok
21:46:55.0973 3588 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
21:46:55.0995 3588 hkmsvc - ok
21:46:56.0030 3588 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
21:46:56.0056 3588 HomeGroupListener - ok
21:46:56.0091 3588 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
21:46:56.0120 3588 HomeGroupProvider - ok
21:46:56.0141 3588 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
21:46:56.0151 3588 HpSAMD - ok
21:46:56.0206 3588 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
21:46:56.0235 3588 HTTP - ok
21:46:56.0274 3588 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
21:46:56.0283 3588 hwpolicy - ok
21:46:56.0310 3588 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
21:46:56.0331 3588 i8042prt - ok
21:46:56.0367 3588 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
21:46:56.0383 3588 iaStorV - ok
21:46:56.0439 3588 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:46:56.0470 3588 idsvc - ok
21:46:56.0482 3588 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
21:46:56.0491 3588 iirsp - ok
21:46:56.0530 3588 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
21:46:56.0585 3588 IKEEXT - ok
21:46:56.0612 3588 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
21:46:56.0621 3588 intelide - ok
21:46:56.0649 3588 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
21:46:56.0666 3588 intelppm - ok
21:46:56.0698 3588 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
21:46:56.0726 3588 IPBusEnum - ok
21:46:56.0738 3588 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:46:56.0766 3588 IpFilterDriver - ok
21:46:56.0806 3588 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
21:46:56.0838 3588 iphlpsvc - ok
21:46:56.0854 3588 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
21:46:56.0866 3588 IPMIDRV - ok
21:46:56.0885 3588 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
21:46:56.0908 3588 IPNAT - ok
21:46:56.0964 3588 iPod Service (9033d67b7112d23eded6789bacded128) C:\Program Files\iPod\bin\iPodService.exe
21:46:56.0992 3588 iPod Service - ok
21:46:57.0011 3588 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
21:46:57.0047 3588 IRENUM - ok
21:46:57.0068 3588 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
21:46:57.0078 3588 isapnp - ok
21:46:57.0095 3588 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
21:46:57.0109 3588 iScsiPrt - ok
21:46:57.0158 3588 ISODrive (2f03ceb28307983f3b36216d35ffa5aa) C:\Program Files\UltraISO\drivers\ISODrive.sys
21:46:57.0167 3588 ISODrive - ok
21:46:57.0185 3588 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
21:46:57.0194 3588 kbdclass - ok
21:46:57.0231 3588 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
21:46:57.0246 3588 kbdhid - ok
21:46:57.0274 3588 KeyIso (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
21:46:57.0284 3588 KeyIso - ok
21:46:57.0319 3588 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
21:46:57.0360 3588 KSecDD - ok
21:46:57.0380 3588 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
21:46:57.0392 3588 KSecPkg - ok
21:46:57.0417 3588 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
21:46:57.0458 3588 KtmRm - ok
21:46:57.0493 3588 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
21:46:57.0528 3588 LanmanServer - ok
21:46:57.0556 3588 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
21:46:57.0586 3588 LanmanWorkstation - ok
21:46:57.0632 3588 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
21:46:57.0640 3588 lirsgt - ok
21:46:57.0657 3588 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
21:46:57.0680 3588 lltdio - ok
21:46:57.0705 3588 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
21:46:57.0731 3588 lltdsvc - ok
21:46:57.0746 3588 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
21:46:57.0772 3588 lmhosts - ok
21:46:57.0794 3588 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:46:57.0805 3588 LSI_FC - ok
21:46:57.0818 3588 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:46:57.0829 3588 LSI_SAS - ok
21:46:57.0845 3588 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:46:57.0854 3588 LSI_SAS2 - ok
21:46:57.0867 3588 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:46:57.0878 3588 LSI_SCSI - ok
21:46:57.0895 3588 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
21:46:57.0918 3588 luafv - ok
21:46:57.0957 3588 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
21:46:57.0969 3588 Mcx2Svc - ok
21:46:57.0996 3588 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
21:46:58.0005 3588 megasas - ok
21:46:58.0024 3588 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
21:46:58.0038 3588 MegaSR - ok
21:46:58.0065 3588 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
21:46:58.0097 3588 MMCSS - ok
21:46:58.0108 3588 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
21:46:58.0129 3588 Modem - ok
21:46:58.0151 3588 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
21:46:58.0178 3588 monitor - ok
21:46:58.0200 3588 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
21:46:58.0209 3588 mouclass - ok
21:46:58.0225 3588 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
21:46:58.0237 3588 mouhid - ok
21:46:58.0264 3588 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
21:46:58.0274 3588 mountmgr - ok
21:46:58.0300 3588 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
21:46:58.0311 3588 mpio - ok
21:46:58.0329 3588 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
21:46:58.0349 3588 mpsdrv - ok
21:46:58.0387 3588 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
21:46:58.0429 3588 MpsSvc - ok
21:46:58.0465 3588 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
21:46:58.0519 3588 MRxDAV - ok
21:46:58.0549 3588 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:46:58.0571 3588 mrxsmb - ok
21:46:58.0646 3588 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:46:58.0660 3588 mrxsmb10 - ok
21:46:58.0755 3588 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:46:58.0785 3588 mrxsmb20 - ok
21:46:58.0813 3588 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
21:46:58.0822 3588 msahci - ok
21:46:58.0842 3588 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
21:46:58.0853 3588 msdsm - ok
21:46:58.0879 3588 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
21:46:58.0893 3588 MSDTC - ok
21:46:58.0923 3588 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
21:46:58.0953 3588 Msfs - ok
21:46:58.0988 3588 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
21:46:59.0010 3588 mshidkmdf - ok
21:46:59.0027 3588 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
21:46:59.0035 3588 msisadrv - ok
21:46:59.0060 3588 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
21:46:59.0093 3588 MSiSCSI - ok
21:46:59.0102 3588 msiserver - ok
21:46:59.0128 3588 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
21:46:59.0159 3588 MSKSSRV - ok
21:46:59.0190 3588 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
21:46:59.0211 3588 MSPCLOCK - ok
21:46:59.0224 3588 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
21:46:59.0249 3588 MSPQM - ok
21:46:59.0272 3588 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
21:46:59.0284 3588 MsRPC - ok
21:46:59.0300 3588 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
21:46:59.0310 3588 mssmbios - ok
21:46:59.0331 3588 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
21:46:59.0352 3588 MSTEE - ok
21:46:59.0364 3588 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
21:46:59.0380 3588 MTConfig - ok
21:46:59.0425 3588 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\Windows\system32\DRIVERS\ASACPI.sys
21:46:59.0445 3588 MTsensor - ok
21:46:59.0466 3588 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
21:46:59.0476 3588 Mup - ok
21:46:59.0510 3588 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
21:46:59.0538 3588 napagent - ok
21:46:59.0585 3588 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
21:46:59.0615 3588 NativeWifiP - ok
21:46:59.0671 3588 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
21:46:59.0688 3588 NDIS - ok
21:46:59.0715 3588 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
21:46:59.0737 3588 NdisCap - ok
21:46:59.0766 3588 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
21:46:59.0791 3588 NdisTapi - ok
21:46:59.0828 3588 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
21:46:59.0859 3588 Ndisuio - ok
21:46:59.0893 3588 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
21:46:59.0915 3588 NdisWan - ok
21:46:59.0951 3588 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
21:46:59.0982 3588 NDProxy - ok
21:47:00.0066 3588 Nero BackItUp Scheduler 3 (40d7d0a208ee863bca8d89e299216f15) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
21:47:00.0095 3588 Nero BackItUp Scheduler 3 - ok
21:47:00.0118 3588 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
21:47:00.0149 3588 NetBIOS - ok
21:47:00.0174 3588 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
21:47:00.0198 3588 NetBT - ok
21:47:00.0222 3588 Netlogon (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
21:47:00.0233 3588 Netlogon - ok
21:47:00.0279 3588 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
21:47:00.0308 3588 Netman - ok
21:47:00.0376 3588 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:47:00.0386 3588 NetMsmqActivator - ok
21:47:00.0391 3588 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:47:00.0398 3588 NetPipeActivator - ok
21:47:00.0423 3588 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
21:47:00.0451 3588 netprofm - ok
21:47:00.0470 3588 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:47:00.0477 3588 NetTcpActivator - ok
21:47:00.0481 3588 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:47:00.0489 3588 NetTcpPortSharing - ok
21:47:00.0515 3588 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
21:47:00.0524 3588 nfrd960 - ok
21:47:00.0546 3588 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
21:47:00.0577 3588 NlaSvc - ok
21:47:00.0614 3588 NMIndexingService (eba1b4bf2e2375abdadedb649f283541) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
21:47:00.0639 3588 NMIndexingService - ok
21:47:00.0650 3588 nmwcdnsu - ok
21:47:00.0668 3588 nmwcdnsuc - ok
21:47:00.0691 3588 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
21:47:00.0717 3588 Npfs - ok
21:47:00.0735 3588 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
21:47:00.0774 3588 nsi - ok
21:47:00.0790 3588 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
21:47:00.0824 3588 nsiproxy - ok
21:47:00.0873 3588 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
21:47:00.0915 3588 Ntfs - ok
21:47:00.0932 3588 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
21:47:00.0963 3588 Null - ok
21:47:01.0153 3588 nvlddmkm (f452e6ad3eda2852f44be492e283c40f) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:47:01.0413 3588 nvlddmkm - ok
21:47:01.0463 3588 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
21:47:01.0474 3588 nvraid - ok
21:47:01.0503 3588 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
21:47:01.0515 3588 nvstor - ok
21:47:01.0571 3588 nvsvc (70145ade9efe2ce296dd5fc761b4969b) C:\Windows\system32\nvvsvc.exe
21:47:01.0598 3588 nvsvc - ok
21:47:01.0674 3588 nvUpdatusService (d3acc38a963b71bd4d2dfdc1050219b9) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:47:01.0739 3588 nvUpdatusService - ok
21:47:01.0772 3588 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
21:47:01.0782 3588 nv_agp - ok
21:47:01.0827 3588 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:47:01.0844 3588 odserv - ok
21:47:01.0867 3588 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
21:47:01.0886 3588 ohci1394 - ok
21:47:01.0931 3588 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:47:01.0941 3588 ose - ok
21:47:01.0971 3588 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
21:47:01.0995 3588 p2pimsvc - ok
21:47:02.0018 3588 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
21:47:02.0042 3588 p2psvc - ok
21:47:02.0060 3588 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
21:47:02.0071 3588 Parport - ok
21:47:02.0100 3588 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
21:47:02.0110 3588 partmgr - ok
21:47:02.0131 3588 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
21:47:02.0144 3588 Parvdm - ok
21:47:02.0164 3588 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
21:47:02.0181 3588 PcaSvc - ok
21:47:02.0213 3588 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
21:47:02.0225 3588 pci - ok
21:47:02.0241 3588 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
21:47:02.0250 3588 pciide - ok
21:47:02.0273 3588 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
21:47:02.0287 3588 pcmcia - ok
21:47:02.0305 3588 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
21:47:02.0316 3588 pcw - ok
21:47:02.0350 3588 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
21:47:02.0391 3588 PEAUTH - ok
21:47:02.0433 3588 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
21:47:02.0473 3588 PeerDistSvc - ok
21:47:02.0533 3588 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
21:47:02.0585 3588 pla - ok
21:47:02.0613 3588 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
21:47:02.0619 3588 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
21:47:02.0619 3588 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
21:47:02.0660 3588 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
21:47:02.0698 3588 PlugPlay - ok
21:47:02.0724 3588 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\Windows\system32\PnkBstrA.exe
21:47:02.0734 3588 PnkBstrA - ok
21:47:02.0752 3588 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
21:47:02.0770 3588 PNRPAutoReg - ok
21:47:02.0785 3588 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
21:47:02.0798 3588 PNRPsvc - ok
21:47:02.0834 3588 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
21:47:02.0862 3588 PolicyAgent - ok
21:47:02.0914 3588 portio32 (09687a361c9f1418973a4ae17d2f52cc) C:\Windows\system32\drivers\portio32.sys
21:47:02.0918 3588 portio32 ( UnsignedFile.Multi.Generic ) - warning
21:47:02.0918 3588 portio32 - detected UnsignedFile.Multi.Generic (1)
21:47:02.0945 3588 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
21:47:02.0979 3588 Power - ok
21:47:03.0004 3588 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
21:47:03.0031 3588 PptpMiniport - ok
21:47:03.0055 3588 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
21:47:03.0078 3588 Processor - ok
21:47:03.0108 3588 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
21:47:03.0132 3588 ProfSvc - ok
21:47:03.0162 3588 ProtectedStorage (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
21:47:03.0173 3588 ProtectedStorage - ok
21:47:03.0199 3588 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
21:47:03.0235 3588 Psched - ok
21:47:03.0276 3588 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
21:47:03.0319 3588 ql2300 - ok
21:47:03.0336 3588 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
21:47:03.0347 3588 ql40xx - ok
21:47:03.0375 3588 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
21:47:03.0392 3588 QWAVE - ok
21:47:03.0412 3588 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
21:47:03.0442 3588 QWAVEdrv - ok
21:47:03.0463 3588 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
21:47:03.0495 3588 RasAcd - ok
21:47:03.0519 3588 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:47:03.0549 3588 RasAgileVpn - ok
21:47:03.0568 3588 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
21:47:03.0602 3588 RasAuto - ok
21:47:03.0623 3588 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:47:03.0653 3588 Rasl2tp - ok
21:47:03.0690 3588 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
21:47:03.0717 3588 RasMan - ok
21:47:03.0743 3588 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
21:47:03.0765 3588 RasPppoe - ok
21:47:03.0802 3588 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
21:47:03.0837 3588 RasSstp - ok
21:47:03.0871 3588 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
21:47:03.0899 3588 rdbss - ok
21:47:03.0924 3588 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
21:47:03.0937 3588 rdpbus - ok
21:47:03.0960 3588 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:47:03.0979 3588 RDPCDD - ok
21:47:04.0011 3588 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
21:47:04.0029 3588 RDPDR - ok
21:47:04.0053 3588 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
21:47:04.0082 3588 RDPENCDD - ok
21:47:04.0106 3588 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
21:47:04.0132 3588 RDPREFMP - ok
21:47:04.0166 3588 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
21:47:04.0196 3588 RdpVideoMiniport - ok
21:47:04.0232 3588 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
21:47:04.0254 3588 RDPWD - ok
21:47:04.0308 3588 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
21:47:04.0320 3588 rdyboost - ok
21:47:04.0347 3588 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
21:47:04.0378 3588 RemoteAccess - ok
21:47:04.0413 3588 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
21:47:04.0437 3588 RemoteRegistry - ok
21:47:04.0508 3588 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
21:47:04.0541 3588 RpcEptMapper - ok
21:47:04.0569 3588 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
21:47:04.0580 3588 RpcLocator - ok
21:47:04.0614 3588 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
21:47:04.0639 3588 RpcSs - ok
21:47:04.0671 3588 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
21:47:04.0693 3588 rspndr - ok
21:47:04.0741 3588 s1018bus (1c5c2cb892553d2cf3f45a4bb323fcd6) C:\Windows\system32\DRIVERS\s1018bus.sys
21:47:04.0749 3588 s1018bus - ok
21:47:04.0784 3588 s1018mdfl (38f5ea219593f19b6b3a1b9c169e3b61) C:\Windows\system32\DRIVERS\s1018mdfl.sys
21:47:04.0791 3588 s1018mdfl - ok
21:47:04.0829 3588 s1018mdm (666af6b64fc7df92d3ca4819ea91631d) C:\Windows\system32\DRIVERS\s1018mdm.sys
21:47:04.0837 3588 s1018mdm - ok
21:47:04.0868 3588 s1018mgmt (f4ceda6e2ddff2af8bd745615a7ca9c0) C:\Windows\system32\DRIVERS\s1018mgmt.sys
21:47:04.0888 3588 s1018mgmt - ok
21:47:04.0923 3588 s1018nd5 (3622d9ff2253dcbe885b10736609a4ca) C:\Windows\system32\DRIVERS\s1018nd5.sys
21:47:04.0930 3588 s1018nd5 - ok
21:47:04.0967 3588 s1018obex (49431efda842b474531c29ffae9f5d09) C:\Windows\system32\DRIVERS\s1018obex.sys
21:47:04.0976 3588 s1018obex - ok
21:47:04.0998 3588 s1018unic (ac6b514cb4474f4c867d7cdc9cd54f05) C:\Windows\system32\DRIVERS\s1018unic.sys
21:47:05.0009 3588 s1018unic - ok
21:47:05.0040 3588 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
21:47:05.0064 3588 s3cap - ok
21:47:05.0086 3588 SamSs (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
21:47:05.0097 3588 SamSs - ok
21:47:05.0133 3588 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
21:47:05.0144 3588 sbp2port - ok
21:47:05.0162 3588 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
21:47:05.0192 3588 SCardSvr - ok
21:47:05.0217 3588 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
21:47:05.0236 3588 scfilter - ok
21:47:05.0276 3588 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
21:47:05.0320 3588 Schedule - ok
21:47:05.0347 3588 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
21:47:05.0366 3588 SCPolicySvc - ok
21:47:05.0403 3588 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
21:47:05.0423 3588 SDRSVC - ok
21:47:05.0449 3588 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
21:47:05.0477 3588 secdrv - ok
21:47:05.0496 3588 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
21:47:05.0523 3588 seclogon - ok
21:47:05.0561 3588 seehcri (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys
21:47:05.0597 3588 seehcri - ok
21:47:05.0630 3588 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
21:47:05.0661 3588 SENS - ok
21:47:05.0683 3588 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
21:47:05.0713 3588 SensrSvc - ok
21:47:05.0735 3588 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
21:47:05.0746 3588 Serenum - ok
21:47:05.0768 3588 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
21:47:05.0812 3588 Serial - ok
21:47:05.0847 3588 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
21:47:05.0858 3588 sermouse - ok
21:47:05.0897 3588 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
21:47:05.0920 3588 SessionEnv - ok
21:47:05.0959 3588 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
21:47:05.0977 3588 sffdisk - ok
21:47:05.0991 3588 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
21:47:06.0001 3588 sffp_mmc - ok
21:47:06.0013 3588 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
21:47:06.0035 3588 sffp_sd - ok
21:47:06.0056 3588 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
21:47:06.0068 3588 sfloppy - ok
21:47:06.0098 3588 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
21:47:06.0134 3588 SharedAccess - ok
21:47:06.0167 3588 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
21:47:06.0194 3588 ShellHWDetection - ok
21:47:06.0223 3588 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
21:47:06.0233 3588 sisagp - ok
21:47:06.0266 3588 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:47:06.0276 3588 SiSRaid2 - ok
21:47:06.0293 3588 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
21:47:06.0304 3588 SiSRaid4 - ok
21:47:06.0322 3588 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
21:47:06.0344 3588 Smb - ok
21:47:06.0386 3588 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
21:47:06.0398 3588 SNMPTRAP - ok
21:47:06.0415 3588 snpstd - ok
21:47:06.0479 3588 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
21:47:06.0490 3588 Sony PC Companion - ok
21:47:06.0507 3588 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
21:47:06.0516 3588 spldr - ok
21:47:06.0555 3588 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
21:47:06.0593 3588 Spooler - ok
21:47:06.0663 3588 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
21:47:06.0747 3588 sppsvc - ok
21:47:06.0786 3588 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
21:47:06.0807 3588 sppuinotify - ok
21:47:06.0849 3588 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\Windows\System32\Drivers\sptd.sys
21:47:06.0849 3588 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9
21:47:06.0850 3588 sptd ( LockedFile.Multi.Generic ) - warning
21:47:06.0850 3588 sptd - detected LockedFile.Multi.Generic (1)
21:47:06.0886 3588 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
21:47:06.0929 3588 srv - ok
21:47:06.0969 3588 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
21:47:06.0995 3588 srv2 - ok
21:47:07.0030 3588 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
21:47:07.0042 3588 srvnet - ok
21:47:07.0071 3588 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
21:47:07.0097 3588 SSDPSRV - ok
21:47:07.0120 3588 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
21:47:07.0149 3588 SstpSvc - ok
21:47:07.0191 3588 StarOpen (306521935042fc0a6988d528643619b3) C:\Windows\system32\drivers\StarOpen.sys
21:47:07.0195 3588 StarOpen ( UnsignedFile.Multi.Generic ) - warning
21:47:07.0195 3588 StarOpen - detected UnsignedFile.Multi.Generic (1)
21:47:07.0211 3588 Steam Client Service - ok
21:47:07.0256 3588 Stereo Service (8544a200c40447e465f06e58687428bb) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:47:07.0270 3588 Stereo Service - ok
21:47:07.0299 3588 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
21:47:07.0310 3588 stexstor - ok
21:47:07.0344 3588 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
21:47:07.0373 3588 StiSvc - ok
21:47:07.0411 3588 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
21:47:07.0421 3588 storflt - ok
21:47:07.0461 3588 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
21:47:07.0473 3588 storvsc - ok
21:47:07.0500 3588 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
21:47:07.0508 3588 swenum - ok
21:47:07.0536 3588 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
21:47:07.0575 3588 swprv - ok
21:47:07.0610 3588 Synth3dVsc - ok
21:47:07.0670 3588 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
21:47:07.0712 3588 SysMain - ok
21:47:07.0744 3588 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
21:47:07.0760 3588 TabletInputService - ok
21:47:07.0795 3588 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
21:47:07.0838 3588 TapiSrv - ok
21:47:07.0864 3588 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
21:47:07.0887 3588 TBS - ok
21:47:07.0942 3588 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
21:47:07.0986 3588 Tcpip - ok
21:47:08.0034 3588 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
21:47:08.0057 3588 TCPIP6 - ok
21:47:08.0090 3588 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
21:47:08.0109 3588 tcpipreg - ok
21:47:08.0143 3588 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
21:47:08.0170 3588 TDPIPE - ok
21:47:08.0206 3588 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
21:47:08.0226 3588 TDTCP - ok
21:47:08.0260 3588 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
21:47:08.0288 3588 tdx - ok
21:47:08.0313 3588 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
21:47:08.0323 3588 TermDD - ok
21:47:08.0362 3588 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
21:47:08.0394 3588 TermService - ok
21:47:08.0409 3588 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
21:47:08.0429 3588 Themes - ok
21:47:08.0459 3588 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
21:47:08.0482 3588 THREADORDER - ok
21:47:08.0520 3588 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
21:47:08.0552 3588 TrkWks - ok
21:47:08.0585 3588 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
21:47:08.0619 3588 TrustedInstaller - ok
21:47:08.0638 3588 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:47:08.0662 3588 tssecsrv - ok
21:47:08.0684 3588 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
21:47:08.0710 3588 TsUsbFlt - ok
21:47:08.0721 3588 tsusbhub - ok
21:47:08.0761 3588 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
21:47:08.0821 3588 tunnel - ok
21:47:08.0846 3588 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
21:47:08.0856 3588 uagp35 - ok
21:47:08.0878 3588 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
21:47:08.0917 3588 udfs - ok
21:47:08.0944 3588 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
21:47:08.0957 3588 UI0Detect - ok
21:47:08.0998 3588 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
21:47:09.0008 3588 uliagpkx - ok
21:47:09.0054 3588 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
21:47:09.0065 3588 umbus - ok
21:47:09.0094 3588 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
21:47:09.0107 3588 UmPass - ok
21:47:09.0154 3588 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
21:47:09.0174 3588 UmRdpService - ok
21:47:09.0205 3588 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
21:47:09.0238 3588 upnphost - ok
21:47:09.0262 3588 upperdev - ok
21:47:09.0300 3588 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys
21:47:09.0331 3588 USBAAPL - ok
21:47:09.0358 3588 usbbus (8ef48ff1c23b1ce6f96d09a45959eb20) C:\Windows\system32\DRIVERS\lgusbbus.sys
21:47:09.0377 3588 usbbus - ok
21:47:09.0407 3588 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
21:47:09.0422 3588 usbccgp - ok
21:47:09.0451 3588 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
21:47:09.0473 3588 usbcir - ok
21:47:09.0492 3588 UsbDiag (a0e24c5c2d0cff04bbd3753a72fae80b) C:\Windows\system32\DRIVERS\lgusbdiag.sys
21:47:09.0502 3588 UsbDiag - ok
21:47:09.0545 3588 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
21:47:09.0555 3588 usbehci - ok
21:47:09.0599 3588 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\drivers\usbhub.sys
21:47:09.0624 3588 usbhub - ok
21:47:09.0649 3588 USBModem (cc09a1132b1f6a8362107cc134e90d0b) C:\Windows\system32\DRIVERS\lgusbmodem.sys
21:47:09.0667 3588 USBModem - ok
21:47:09.0687 3588 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
21:47:09.0703 3588 usbohci - ok
21:47:09.0725 3588 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
21:47:09.0738 3588 usbprint - ok
21:47:09.0779 3588 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
21:47:09.0803 3588 usbscan - ok
21:47:09.0830 3588 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:47:09.0847 3588 USBSTOR - ok
21:47:09.0879 3588 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
21:47:09.0897 3588 usbuhci - ok
21:47:09.0937 3588 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys
21:47:09.0952 3588 usbvideo - ok
21:47:09.0970 3588 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
21:47:10.0001 3588 UxSms - ok
21:47:10.0025 3588 VaultSvc (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
21:47:10.0036 3588 VaultSvc - ok
21:47:10.0069 3588 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
21:47:10.0079 3588 vdrvroot - ok
21:47:13.0369 3588 MBR (0x1B8) (de1996b5390bac8242e23168f828c750) \Device\Harddisk0\DR0
21:47:13.0394 3588 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
21:47:13.0394 3588 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
21:47:13.0398 3588 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:47:13.0398 3588 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:47:13.0401 3588 Boot (0x1200) (e133ab504d650c99a1a192b0a40334fb) \Device\Harddisk0\DR0\Partition0
21:47:13.0402 3588 \Device\Harddisk0\DR0\Partition0 - ok
21:47:13.0422 3588 Boot (0x1200) (d451d21d27994d64f0a1f2e26835a76a) \Device\Harddisk0\DR0\Partition1
21:47:13.0424 3588 \Device\Harddisk0\DR0\Partition1 - ok
21:47:13.0424 3588 ============================================================
21:47:13.0424 3588 Scan finished
21:47:13.0424 3588 ============================================================
21:47:13.0433 2768 Detected object count: 7
21:47:13.0433 2768 Actual detected object count: 7
21:48:33.0428 2768 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:48:33.0428 2768 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:48:33.0430 2768 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:48:33.0430 2768 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:48:33.0431 2768 portio32 ( UnsignedFile.Multi.Generic ) - skipped by user
21:48:33.0431 2768 portio32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:48:33.0432 2768 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:48:33.0432 2768 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:48:33.0433 2768 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
21:48:33.0433 2768 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:48:33.0434 2768 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - skipped by user
21:48:33.0434 2768 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Skip
21:48:33.0435 2768 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:48:33.0435 2768 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
21:49:08.0501 3076 Deinitialize success

[/log]

Guest
commented

Run Kaspersky and assign the [b]Cure[/b] action to the results below. Then restart the computer.

[code]21:48:33.0434 2768 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - skipped by user
21:48:33.0434 2768 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Skip
21:48:33.0435 2768 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:48:33.0435 2768 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip[/code]

After that, run a scan with [b]Gmer[/b] and post the report.

  • Good post 1
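The check behind this advice can be done mechanically on any TDSSKiller report. The following is an added example (not part of the original thread and not Kaspersky's code): it parses the finding lines, using lines from the log above as sample input, and lists TDSS-family objects whose last recorded action is still Skip. The function names and the `family` filter are assumptions of this example.

```python
import re

# Sample input: lines taken from the TDSSKiller log posted in this thread.
SAMPLE_LOG = r"""
21:47:13.0369 3588 MBR (0x1B8) (de1996b5390bac8242e23168f828c750) \Device\Harddisk0\DR0
21:47:13.0394 3588 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
21:47:13.0394 3588 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
21:47:13.0398 3588 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:47:13.0398 3588 \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:47:13.0401 3588 Boot (0x1200) (e133ab504d650c99a1a192b0a40334fb) \Device\Harddisk0\DR0\Partition0
21:47:13.0402 3588 \Device\Harddisk0\DR0\Partition0 - ok
21:48:33.0432 2768 sptd ( LockedFile.Multi.Generic ) - skipped by user
21:48:33.0432 2768 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
21:48:33.0434 2768 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - skipped by user
21:48:33.0434 2768 \Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Skip
21:48:33.0435 2768 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:48:33.0435 2768 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# "HH:MM:SS.ffff <thread id> <message>"
LINE_RE = re.compile(r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d+)\s+(?P<tid>\d+)\s+(?P<msg>.*)$")
# "<object> ( <verdict> ) - <tail>"; the spaces inside the parentheses
# distinguish a finding from "(md5)" and "(0x1B8)" on ordinary object lines.
FINDING_RE = re.compile(r"^(?P<obj>.+?) \( (?P<verdict>[^()]+?) \) - (?P<tail>.+)$")
ACTION_PREFIX = "User select action: "


def parse_findings(log_text):
    """Return {(object, verdict): {"severity": ..., "action": ...}}.

    If the same finding appears in several scans within one log,
    the last recorded severity and action win.
    """
    findings = {}
    for raw in log_text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue  # blank lines, separators without a timestamp, etc.
        m = FINDING_RE.match(line["msg"])
        if not m:
            continue  # "name - ok", "name (md5) path", "- detected ..." lines
        entry = findings.setdefault(
            (m["obj"], m["verdict"]), {"severity": None, "action": None}
        )
        tail = m["tail"]
        if tail in ("infected", "warning"):
            entry["severity"] = tail
        elif tail.startswith(ACTION_PREFIX):
            entry["action"] = tail[len(ACTION_PREFIX):]
    return findings


def still_untreated(findings, family="TDSS"):
    """Findings of the given family that were skipped or never acted on."""
    return sorted(
        key
        for key, entry in findings.items()
        if family in key[1] and entry["action"] in (None, "Skip")
    )


if __name__ == "__main__":
    results = parse_findings(SAMPLE_LOG)
    for (obj, verdict), entry in results.items():
        print(f"{obj:28} {verdict:28} {entry['severity']} / {entry['action']}")
    print("Still untreated:", still_untreated(results))
```
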
swiatek94
commented (edited)

The first rootkit was handled without any problem with the Cure action, while the second one had no such option, so I chose Delete, and instead of deleting it, the tool copied it to quarantine, which I now have on drive C, and it cannot be removed through tdsskiller (I have not tried the normal way). I am attaching the logs from tdsskiller and Gmer.

[log]23:30:55.0131 0384 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
23:30:55.0276 0384 ============================================================
23:30:55.0276 0384 Current date / time: 2012/04/18 23:30:55.0276
23:30:55.0276 0384 SystemInfo:
23:30:55.0276 0384
23:30:55.0276 0384 OS Version: 6.1.7601 ServicePack: 1.0
23:30:55.0276 0384 Product type: Workstation
23:30:55.0276 0384 ComputerName: KUBA-KOMPUTER
23:30:55.0276 0384 UserName: Kuba
23:30:55.0276 0384 Windows directory: C:\Windows
23:30:55.0276 0384 System windows directory: C:\Windows
23:30:55.0276 0384 Processor architecture: Intel x86
23:30:55.0276 0384 Number of processors: 2
23:30:55.0276 0384 Page size: 0x1000
23:30:55.0276 0384 Boot type: Normal boot
23:30:55.0276 0384 ============================================================
23:31:02.0150 0384 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:31:02.0161 0384 \Device\Harddisk0\DR0:
23:31:02.0161 0384 MBR partitions:
23:31:02.0161 0384 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x445C7AF
23:31:02.0168 0384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x445C82D, BlocksNum 0x35F24553
23:31:02.0200 0384 C: <-> \Device\Harddisk0\DR0\Partition0
23:31:02.0269 0384 D: <-> \Device\Harddisk0\DR0\Partition1
23:31:02.0269 0384 Initialize success
23:31:02.0269 0384 ============================================================
23:31:06.0878 2860 ============================================================
23:31:06.0878 2860 Scan started
23:31:06.0878 2860 Mode: Manual; SigCheck; TDLFS;
23:31:06.0878 2860 ============================================================
23:31:14.0439 2860 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
23:31:14.0463 2860 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
23:31:14.0463 2860 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
23:31:29.0239 2860 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
23:31:29.0279 2860 MpsSvc - ok
23:31:29.0332 2860 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
23:31:29.0362 2860 MRxDAV - ok
23:31:29.0417 2860 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:31:29.0490 2860 mrxsmb - ok
23:31:29.0531 2860 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:31:29.0576 2860 mrxsmb10 - ok
23:31:30.0164 2860 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:31:30.0190 2860 mrxsmb20 - ok
23:31:30.0646 2860 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
23:31:30.0662 2860 msahci - ok
23:31:30.0884 2860 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
23:31:30.0914 2860 msdsm - ok
23:31:31.0004 2860 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
23:31:31.0038 2860 MSDTC - ok
23:31:31.0073 2860 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
23:31:31.0120 2860 Msfs - ok
23:31:31.0155 2860 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
23:31:31.0188 2860 mshidkmdf - ok
23:31:31.0206 2860 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
23:31:31.0214 2860 msisadrv - ok
23:31:31.0243 2860 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
23:31:31.0276 2860 MSiSCSI - ok
23:31:31.0287 2860 msiserver - ok
23:31:31.0311 2860 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
23:31:31.0342 2860 MSKSSRV - ok
23:31:31.0373 2860 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
23:31:31.0405 2860 MSPCLOCK - ok
23:31:31.0424 2860 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
23:31:31.0448 2860 MSPQM - ok
23:31:31.0472 2860 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
23:31:31.0486 2860 MsRPC - ok
23:31:31.0501 2860 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
23:31:31.0509 2860 mssmbios - ok
23:31:31.0531 2860 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
23:31:31.0573 2860 MSTEE - ok
23:31:31.0584 2860 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
23:31:31.0605 2860 MTConfig - ok
23:31:31.0925 2860 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\Windows\system32\DRIVERS\ASACPI.sys
23:31:31.0945 2860 MTsensor - ok
23:31:31.0966 2860 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
23:31:31.0976 2860 Mup - ok
23:31:32.0010 2860 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
23:31:32.0037 2860 napagent - ok
23:31:32.0068 2860 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
23:31:32.0090 2860 NativeWifiP - ok
23:31:32.0137 2860 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
23:31:32.0176 2860 NDIS - ok
23:31:32.0207 2860 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
23:31:32.0229 2860 NdisCap - ok
23:31:32.0258 2860 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
23:31:32.0289 2860 NdisTapi - ok
23:31:32.0337 2860 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
23:31:32.0375 2860 Ndisuio - ok
23:31:32.0409 2860 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
23:31:32.0442 2860 NdisWan - ok
23:31:32.0467 2860 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
23:31:32.0499 2860 NDProxy - ok
23:31:32.0592 2860 Nero BackItUp Scheduler 3 (40d7d0a208ee863bca8d89e299216f15) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
23:31:32.0658 2860 Nero BackItUp Scheduler 3 - ok
23:31:32.0677 2860 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
23:31:32.0716 2860 NetBIOS - ok
23:31:32.0740 2860 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
23:31:32.0763 2860 NetBT - ok
23:31:32.0789 2860 Netlogon (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
23:31:32.0800 2860 Netlogon - ok
23:31:32.0845 2860 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
23:31:32.0890 2860 Netman - ok
23:31:33.0009 2860 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:31:33.0032 2860 NetMsmqActivator - ok
23:31:33.0044 2860 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:31:33.0051 2860 NetPipeActivator - ok
23:31:33.0073 2860 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
23:31:33.0103 2860 netprofm - ok
23:31:33.0127 2860 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:31:33.0134 2860 NetTcpActivator - ok
23:31:33.0138 2860 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:31:33.0144 2860 NetTcpPortSharing - ok
23:31:33.0173 2860 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
23:31:33.0182 2860 nfrd960 - ok
23:31:33.0220 2860 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
23:31:33.0263 2860 NlaSvc - ok
23:31:33.0406 2860 NMIndexingService (eba1b4bf2e2375abdadedb649f283541) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
23:31:33.0493 2860 NMIndexingService - ok
23:31:33.0510 2860 nmwcdnsu - ok
23:31:33.0528 2860 nmwcdnsuc - ok
23:31:33.0582 2860 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
23:31:33.0619 2860 Npfs - ok
23:31:33.0682 2860 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
23:31:33.0725 2860 nsi - ok
23:31:33.0748 2860 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
23:31:33.0771 2860 nsiproxy - ok
23:31:33.0831 2860 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
23:31:33.0872 2860 Ntfs - ok
23:31:33.0890 2860 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
23:31:33.0939 2860 Null - ok
23:31:34.0134 2860 nvlddmkm (f452e6ad3eda2852f44be492e283c40f) C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:31:34.0269 2860 nvlddmkm - ok
23:31:34.0446 2860 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
23:31:34.0457 2860 nvraid - ok
23:31:34.0494 2860 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
23:31:34.0505 2860 nvstor - ok
23:31:34.0553 2860 nvsvc (70145ade9efe2ce296dd5fc761b4969b) C:\Windows\system32\nvvsvc.exe
23:31:34.0582 2860 nvsvc - ok
23:31:34.0709 2860 nvUpdatusService (d3acc38a963b71bd4d2dfdc1050219b9) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:31:34.0794 2860 nvUpdatusService - ok
23:31:34.0830 2860 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
23:31:34.0840 2860 nv_agp - ok
23:31:34.0901 2860 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:31:34.0934 2860 odserv - ok
23:31:34.0973 2860 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
23:31:34.0993 2860 ohci1394 - ok
23:31:35.0031 2860 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:31:35.0041 2860 ose - ok
23:31:35.0071 2860 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
23:31:35.0097 2860 p2pimsvc - ok
23:31:35.0118 2860 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
23:31:35.0135 2860 p2psvc - ok
23:31:35.0151 2860 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
23:31:35.0162 2860 Parport - ok
23:31:35.0192 2860 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
23:31:35.0201 2860 partmgr - ok
23:31:35.0222 2860 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
23:31:35.0252 2860 Parvdm - ok
23:31:35.0272 2860 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
23:31:35.0288 2860 PcaSvc - ok
23:31:35.0321 2860 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
23:31:35.0333 2860 pci - ok
23:31:35.0357 2860 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
23:31:35.0366 2860 pciide - ok
23:31:35.0390 2860 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
23:31:35.0409 2860 pcmcia - ok
23:31:35.0430 2860 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
23:31:35.0439 2860 pcw - ok
23:31:35.0474 2860 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
23:31:35.0514 2860 PEAUTH - ok
23:31:35.0557 2860 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
23:31:35.0599 2860 PeerDistSvc - ok
23:31:35.0676 2860 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
23:31:35.0747 2860 pla - ok
23:31:35.0787 2860 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe
23:31:35.0793 2860 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
23:31:35.0793 2860 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
23:31:35.0835 2860 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
23:31:35.0876 2860 PlugPlay - ok
23:31:35.0899 2860 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\Windows\system32\PnkBstrA.exe
23:31:35.0911 2860 PnkBstrA - ok
23:31:35.0927 2860 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
23:31:35.0948 2860 PNRPAutoReg - ok
23:31:35.0964 2860 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
23:31:35.0981 2860 PNRPsvc - ok
23:31:36.0009 2860 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
23:31:36.0035 2860 PolicyAgent - ok
23:31:36.0088 2860 portio32 (09687a361c9f1418973a4ae17d2f52cc) C:\Windows\system32\drivers\portio32.sys
23:31:36.0093 2860 portio32 ( UnsignedFile.Multi.Generic ) - warning
23:31:36.0093 2860 portio32 - detected UnsignedFile.Multi.Generic (1)
23:31:36.0128 2860 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
23:31:36.0160 2860 Power - ok
23:31:36.0179 2860 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
23:31:36.0204 2860 PptpMiniport - ok
23:31:36.0221 2860 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
23:31:36.0243 2860 Processor - ok
23:31:36.0275 2860 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
23:31:36.0297 2860 ProfSvc - ok
23:31:36.0329 2860 ProtectedStorage (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
23:31:36.0339 2860 ProtectedStorage - ok
23:31:36.0357 2860 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
23:31:36.0392 2860 Psched - ok
23:31:36.0425 2860 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
23:31:36.0467 2860 ql2300 - ok
23:31:36.0486 2860 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
23:31:36.0508 2860 ql40xx - ok
23:31:36.0533 2860 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
23:31:36.0550 2860 QWAVE - ok
23:31:36.0570 2860 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
23:31:36.0600 2860 QWAVEdrv - ok
23:31:36.0663 2860 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
23:31:36.0695 2860 RasAcd - ok
23:31:36.0736 2860 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:31:36.0780 2860 RasAgileVpn - ok
23:31:36.0801 2860 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
23:31:36.0836 2860 RasAuto - ok
23:31:36.0865 2860 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:31:36.0894 2860 Rasl2tp - ok
23:31:36.0931 2860 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
23:31:36.0956 2860 RasMan - ok
23:31:36.0976 2860 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
23:31:36.0997 2860 RasPppoe - ok
23:31:37.0018 2860 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
23:31:37.0051 2860 RasSstp - ok
23:31:37.0095 2860 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
23:31:37.0132 2860 rdbss - ok
23:31:37.0157 2860 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
23:31:37.0170 2860 rdpbus - ok
23:31:37.0201 2860 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:31:37.0221 2860 RDPCDD - ok
23:31:37.0261 2860 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
23:31:37.0280 2860 RDPDR - ok
23:31:37.0302 2860 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
23:31:37.0336 2860 RDPENCDD - ok
23:31:37.0405 2860 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
23:31:37.0431 2860 RDPREFMP - ok
23:31:37.0482 2860 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
23:31:37.0513 2860 RdpVideoMiniport - ok
23:31:37.0548 2860 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
23:31:37.0587 2860 RDPWD - ok
23:31:37.0626 2860 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
23:31:37.0638 2860 rdyboost - ok
23:31:37.0680 2860 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
23:31:37.0718 2860 RemoteAccess - ok
23:31:37.0754 2860 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
23:31:37.0778 2860 RemoteRegistry - ok
23:31:37.0808 2860 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
23:31:37.0849 2860 RpcEptMapper - ok
23:31:37.0865 2860 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
23:31:37.0882 2860 RpcLocator - ok
23:31:37.0922 2860 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
23:31:37.0943 2860 RpcSs - ok
23:31:37.0971 2860 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
23:31:37.0992 2860 rspndr - ok
23:31:38.0049 2860 s1018bus (1c5c2cb892553d2cf3f45a4bb323fcd6) C:\Windows\system32\DRIVERS\s1018bus.sys
23:31:38.0057 2860 s1018bus - ok
23:31:38.0100 2860 s1018mdfl (38f5ea219593f19b6b3a1b9c169e3b61) C:\Windows\system32\DRIVERS\s1018mdfl.sys
23:31:38.0119 2860 s1018mdfl - ok
23:31:38.0153 2860 s1018mdm (666af6b64fc7df92d3ca4819ea91631d) C:\Windows\system32\DRIVERS\s1018mdm.sys
23:31:38.0184 2860 s1018mdm - ok
23:31:38.0260 2860 s1018mgmt (f4ceda6e2ddff2af8bd745615a7ca9c0) C:\Windows\system32\DRIVERS\s1018mgmt.sys
23:31:38.0348 2860 s1018mgmt - ok
23:31:38.0398 2860 s1018nd5 (3622d9ff2253dcbe885b10736609a4ca) C:\Windows\system32\DRIVERS\s1018nd5.sys
23:31:38.0407 2860 s1018nd5 - ok
23:31:38.0450 2860 s1018obex (49431efda842b474531c29ffae9f5d09) C:\Windows\system32\DRIVERS\s1018obex.sys
23:31:38.0461 2860 s1018obex - ok
23:31:38.0481 2860 s1018unic (ac6b514cb4474f4c867d7cdc9cd54f05) C:\Windows\system32\DRIVERS\s1018unic.sys
23:31:38.0494 2860 s1018unic - ok
23:31:38.0531 2860 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
23:31:38.0563 2860 s3cap - ok
23:31:38.0586 2860 SamSs (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
23:31:38.0596 2860 SamSs - ok
23:31:38.0649 2860 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
23:31:38.0659 2860 sbp2port - ok
23:31:38.0686 2860 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
23:31:38.0717 2860 SCardSvr - ok
23:31:38.0741 2860 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
23:31:38.0762 2860 scfilter - ok
23:31:38.0808 2860 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
23:31:38.0853 2860 Schedule - ok
23:31:38.0880 2860 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
23:31:38.0898 2860 SCPolicySvc - ok
23:31:38.0935 2860 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
23:31:38.0965 2860 SDRSVC - ok
23:31:38.0994 2860 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
23:31:39.0028 2860 secdrv - ok
23:31:39.0062 2860 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
23:31:39.0089 2860 seclogon - ok
23:31:39.0136 2860 seehcri (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys
23:31:39.0155 2860 seehcri - ok
23:31:39.0187 2860 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
23:31:39.0218 2860 SENS - ok
23:31:39.0249 2860 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
23:31:39.0289 2860 SensrSvc - ok
23:31:39.0310 2860 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
23:31:39.0320 2860 Serenum - ok
23:31:39.0342 2860 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
23:31:39.0354 2860 Serial - ok
23:31:39.0388 2860 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
23:31:39.0401 2860 sermouse - ok
23:31:39.0438 2860 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
23:31:39.0462 2860 SessionEnv - ok
23:31:39.0492 2860 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
23:31:39.0560 2860 sffdisk - ok
23:31:39.0582 2860 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
23:31:39.0601 2860 sffp_mmc - ok
23:31:39.0630 2860 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
23:31:39.0651 2860 sffp_sd - ok
23:31:39.0672 2860 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
23:31:39.0684 2860 sfloppy - ok
23:31:39.0724 2860 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
23:31:39.0759 2860 SharedAccess - ok
23:31:39.0790 2860 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
23:31:39.0819 2860 ShellHWDetection - ok
23:31:39.0847 2860 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
23:31:39.0857 2860 sisagp - ok
23:31:39.0890 2860 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:31:39.0900 2860 SiSRaid2 - ok
23:31:39.0917 2860 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
23:31:39.0928 2860 SiSRaid4 - ok
23:31:39.0946 2860 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
23:31:39.0968 2860 Smb - ok
23:31:40.0010 2860 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
23:31:40.0022 2860 SNMPTRAP - ok
23:31:40.0039 2860 snpstd - ok
23:31:40.0104 2860 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
23:31:40.0116 2860 Sony PC Companion - ok
23:31:40.0140 2860 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
23:31:40.0152 2860 spldr - ok
23:31:40.0188 2860 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
23:31:40.0227 2860 Spooler - ok
23:31:40.0295 2860 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
23:31:40.0378 2860 sppsvc - ok
23:31:40.0410 2860 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
23:31:40.0432 2860 sppuinotify - ok
23:31:40.0473 2860 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\Windows\System32\Drivers\sptd.sys
23:31:40.0481 2860 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9
23:31:40.0482 2860 sptd ( LockedFile.Multi.Generic ) - warning
23:31:40.0482 2860 sptd - detected LockedFile.Multi.Generic (1)
23:31:40.0519 2860 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
23:31:40.0562 2860 srv - ok
23:31:40.0602 2860 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
23:31:40.0636 2860 srv2 - ok
23:31:40.0671 2860 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
23:31:40.0683 2860 srvnet - ok
23:31:40.0712 2860 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
23:31:40.0741 2860 SSDPSRV - ok
23:31:40.0769 2860 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
23:31:40.0807 2860 SstpSvc - ok
23:31:40.0849 2860 StarOpen (306521935042fc0a6988d528643619b3) C:\Windows\system32\drivers\StarOpen.sys
23:31:40.0854 2860 StarOpen ( UnsignedFile.Multi.Generic ) - warning
23:31:40.0854 2860 StarOpen - detected UnsignedFile.Multi.Generic (1)
23:31:40.0894 2860 Steam Client Service - ok
23:31:40.0948 2860 Stereo Service (8544a200c40447e465f06e58687428bb) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:31:40.0967 2860 Stereo Service - ok
23:31:40.0990 2860 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
23:31:41.0004 2860 stexstor - ok
23:31:41.0044 2860 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
23:31:41.0081 2860 StiSvc - ok
23:31:41.0104 2860 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
23:31:41.0128 2860 storflt - ok
23:31:41.0152 2860 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
23:31:41.0162 2860 storvsc - ok
23:31:41.0180 2860 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
23:31:41.0188 2860 swenum - ok
23:31:41.0219 2860 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
23:31:41.0257 2860 swprv - ok
23:31:41.0284 2860 Synth3dVsc - ok
23:31:41.0329 2860 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
23:31:41.0379 2860 SysMain - ok
23:31:41.0419 2860 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
23:31:41.0435 2860 TabletInputService - ok
23:31:41.0469 2860 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
23:31:41.0513 2860 TapiSrv - ok
23:31:41.0547 2860 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
23:31:41.0569 2860 TBS - ok
23:31:41.0641 2860 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
23:31:41.0712 2860 Tcpip - ok
23:31:41.0775 2860 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
23:31:41.0796 2860 TCPIP6 - ok
23:31:41.0839 2860 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
23:31:41.0887 2860 tcpipreg - ok
23:31:41.0923 2860 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
23:31:41.0963 2860 TDPIPE - ok
23:31:41.0980 2860 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
23:31:42.0000 2860 TDTCP - ok
23:31:42.0034 2860 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
23:31:42.0061 2860 tdx - ok
23:31:42.0087 2860 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
23:31:42.0096 2860 TermDD - ok
23:31:42.0136 2860 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
23:31:42.0165 2860 TermService - ok
23:31:42.0183 2860 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
23:31:42.0203 2860 Themes - ok
23:31:42.0233 2860 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
23:31:42.0254 2860 THREADORDER - ok
23:31:42.0270 2860 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
23:31:42.0301 2860 TrkWks - ok
23:31:42.0335 2860 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
23:31:42.0383 2860 TrustedInstaller - ok
23:31:42.0410 2860 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:31:42.0451 2860 tssecsrv - ok
23:31:42.0484 2860 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
23:31:42.0511 2860 TsUsbFlt - ok
23:31:42.0525 2860 tsusbhub - ok
23:31:42.0568 2860 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
23:31:42.0594 2860 tunnel - ok
23:31:42.0620 2860 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
23:31:42.0640 2860 uagp35 - ok
23:31:42.0669 2860 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
23:31:42.0705 2860 udfs - ok
23:31:42.0728 2860 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
23:31:42.0741 2860 UI0Detect - ok
23:31:42.0781 2860 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
23:31:42.0799 2860 uliagpkx - ok
23:31:42.0845 2860 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
23:31:42.0856 2860 umbus - ok
23:31:42.0884 2860 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
23:31:42.0907 2860 UmPass - ok
23:31:42.0954 2860 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
23:31:42.0993 2860 UmRdpService - ok
23:31:43.0029 2860 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
23:31:43.0060 2860 upnphost - ok
23:31:43.0086 2860 upperdev - ok
23:31:43.0124 2860 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys
23:31:43.0159 2860 USBAAPL - ok
23:31:43.0192 2860 usbbus (8ef48ff1c23b1ce6f96d09a45959eb20) C:\Windows\system32\DRIVERS\lgusbbus.sys
23:31:43.0212 2860 usbbus - ok
23:31:43.0248 2860 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
23:31:43.0275 2860 usbccgp - ok
23:31:43.0300 2860 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
23:31:43.0334 2860 usbcir - ok
23:31:43.0358 2860 UsbDiag (a0e24c5c2d0cff04bbd3753a72fae80b) C:\Windows\system32\DRIVERS\lgusbdiag.sys
23:31:43.0371 2860 UsbDiag - ok
23:31:43.0411 2860 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
23:31:43.0426 2860 usbehci - ok
23:31:43.0474 2860 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\drivers\usbhub.sys
23:31:43.0509 2860 usbhub - ok
23:31:43.0531 2860 USBModem (cc09a1132b1f6a8362107cc134e90d0b) C:\Windows\system32\DRIVERS\lgusbmodem.sys
23:31:43.0560 2860 USBModem - ok
23:31:43.0586 2860 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
23:31:43.0616 2860 usbohci - ok
23:31:43.0641 2860 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
23:31:43.0657 2860 usbprint - ok
23:31:43.0703 2860 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
23:31:43.0728 2860 usbscan - ok
23:31:43.0763 2860 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:31:43.0781 2860 USBSTOR - ok
23:31:43.0811 2860 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
23:31:43.0838 2860 usbuhci - ok
23:31:43.0878 2860 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys
23:31:43.0893 2860 usbvideo - ok
23:31:47.0551 2860 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:31:47.0589 2860 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
23:31:47.0589 2860 \Device\Harddisk0\DR0 - detected TDSS File System (1)
23:31:47.0591 2860 Boot (0x1200) (e133ab504d650c99a1a192b0a40334fb) \Device\Harddisk0\DR0\Partition0
23:31:47.0593 2860 \Device\Harddisk0\DR0\Partition0 - ok
23:31:47.0612 2860 Boot (0x1200) (d451d21d27994d64f0a1f2e26835a76a) \Device\Harddisk0\DR0\Partition1
23:31:47.0615 2860 \Device\Harddisk0\DR0\Partition1 - ok
23:31:47.0615 2860 ============================================================
23:31:47.0615 2860 Scan finished
23:31:47.0615 2860 ============================================================
23:31:47.0622 3168 Detected object count: 6
23:31:47.0622 3168 Actual detected object count: 6
23:31:56.0876 3168 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:31:56.0876 3168 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:31:56.0877 3168 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:31:56.0877 3168 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:31:56.0879 3168 portio32 ( UnsignedFile.Multi.Generic ) - skipped by user
23:31:56.0879 3168 portio32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:31:56.0880 3168 sptd ( LockedFile.Multi.Generic ) - skipped by user
23:31:56.0880 3168 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
23:31:56.0881 3168 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
23:31:56.0881 3168 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:31:57.0009 3168 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
23:31:57.0107 3168 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
23:31:57.0186 3168 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
23:31:57.0570 3168 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
23:32:00.0339 3168 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
23:32:00.0382 3168 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
23:32:00.0792 3168 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
23:32:01.0391 3168 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
23:32:01.0777 3168 \Device\Harddisk0\DR0\TDLFS - deleted
23:32:01.0777 3168 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
23:32:10.0804 1232 Deinitialize success

[/log]

[log]GMER 1.0.15.15641 - [url="http://www.gmer.net"]http://www.gmer.net[/url]
Rootkit scan 2012-04-19 00:16:25
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3 ST3500320AS rev.SD15
Running: jh5ubgg3.exe; Driver: C:\Users\Kuba\AppData\Local\Temp\aftcaaog.sys


---- Kernel code sections - GMER 1.0.15 ----

.sptd2 C:\Windows\System32\Drivers\sptd.sys entry point in ".sptd2" section [0x8BF4A9E3]
? C:\Windows\System32\Drivers\sptd.sys Proces nie może uzyskać dostępu do pliku, ponieważ jest on używany przez inny proces.
.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0x9FE7D300, 0x3B6D8, 0xE8000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9FEDB300, 0x1BEE, 0xE8000020]

---- Threads - GMER 1.0.15 ----

Thread System [4:3988] A18CFF2E


---- EOF - GMER 1.0.15 ----

[/log]

Bugless
comment

Try AVG Free; honestly, I haven't yet seen any junk that it couldn't remove.

  • Good post 1
Guest
comment (edited)

[quote]The first rootkit was handled without any problem by the Cure action, but the second had no such option, so I chose Delete, and instead of deleting it, it copied it to quarantine, [/quote]

Good.

Run OTL and paste the following into the [b]Custom Scans/Fixes[/b] window:

[code]:Files
C:\ProgramData\Ask

:OTL
O33 - MountPoints2\{4b4dcbc0-0b7e-11e1-a92c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4b4dcbc0-0b7e-11e1-a92c-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.exe

:Commands
[emptyflash]
[emptytemp][/code]

Click Run Fix.



Run a new scan with [b]OTL and AdwCleaner[/b] using the [b]Search[/b] option. Post the reports.

  • Good post 1
swiatek94
comment (edited)

Here are the logs.

[log]OTL logfile created on: 2012-04-19 14:06:56 - Run 3
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Kuba\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 65,59% Memory free
3,35 Gb Paging File | 2,14 Gb Available in Paging File | 64,08% Paging File free
Paging file location(s): d:\pagefile.sys 100 4900 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 34,18 Gb Total Space | 1,42 Gb Free Space | 4,16% Space Free | Partition Type: NTFS
Drive D: | 431,57 Gb Total Space | 29,30 Gb Free Space | 6,79% Space Free | Partition Type: NTFS

Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

MOD - [2010-11-20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2010-11-20 14:21:28 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
MOD - [2010-11-20 14:21:27 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
MOD - [2010-11-20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2010-11-20 14:21:27 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll
MOD - [2010-11-20 14:21:26 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll
MOD - [2010-11-20 14:21:26 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2010-11-20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll
MOD - [2010-11-20 14:21:25 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
MOD - [2010-11-20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2010-11-20 14:21:23 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
MOD - [2010-11-20 14:21:19 | 012,872,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2010-11-20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2010-11-20 14:21:15 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2010-11-20 14:21:15 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
MOD - [2010-11-20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2010-11-20 14:21:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2010-11-20 14:21:06 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFolder.dll
MOD - [2010-11-20 14:21:04 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
MOD - [2010-11-20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2010-11-20 14:21:03 | 000,653,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2010-11-20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll
MOD - [2010-11-20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
MOD - [2010-11-20 14:21:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
MOD - [2010-11-20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2010-11-20 14:20:57 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
MOD - [2010-11-20 14:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll
MOD - [2010-11-20 14:20:56 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
MOD - [2010-11-20 14:20:55 | 001,750,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
MOD - [2010-11-20 14:20:55 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
MOD - [2010-11-20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010-11-20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2010-11-20 14:20:46 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll
MOD - [2010-11-20 14:20:30 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll
MOD - [2010-11-20 14:20:29 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll
MOD - [2010-11-20 14:20:29 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
MOD - [2010-11-20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2010-11-20 14:20:27 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
MOD - [2010-11-20 14:19:56 | 001,390,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll
MOD - [2010-11-20 14:19:56 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll
MOD - [2010-11-20 14:19:56 | 000,232,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll
MOD - [2010-11-20 14:19:55 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
MOD - [2010-11-20 14:19:54 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
MOD - [2010-11-20 14:19:48 | 002,341,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
MOD - [2010-11-20 14:19:47 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
MOD - [2010-11-20 14:19:46 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
MOD - [2010-11-20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
MOD - [2010-11-20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll
MOD - [2010-11-20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
MOD - [2010-11-20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
MOD - [2010-11-20 14:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2010-11-20 14:19:21 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
MOD - [2010-11-20 14:19:21 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll
MOD - [2010-11-20 14:19:10 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
MOD - [2010-11-20 14:19:05 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
MOD - [2010-11-20 14:19:05 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2010-11-20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
MOD - [2010-11-20 14:19:03 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
MOD - [2010-11-20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
MOD - [2010-11-20 14:18:38 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
MOD - [2010-11-20 14:18:36 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
MOD - [2010-11-20 14:18:36 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
MOD - [2010-11-20 14:18:35 | 001,371,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
MOD - [2010-11-20 14:18:35 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
MOD - [2010-11-20 14:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
MOD - [2010-11-20 14:18:25 | 001,171,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
MOD - [2010-11-20 14:18:25 | 001,003,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll
MOD - [2010-11-20 14:18:25 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll
MOD - [2010-11-20 14:18:25 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
MOD - [2010-11-20 14:18:25 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll
MOD - [2010-11-20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
MOD - [2010-11-20 14:18:25 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll
MOD - [2010-11-20 14:18:24 | 001,154,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll
MOD - [2010-11-20 14:18:24 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll
MOD - [2010-11-20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010-11-20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2010-11-20 14:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2010-11-20 14:18:06 | 000,740,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll
MOD - [2010-11-20 14:18:05 | 001,792,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
MOD - [2010-11-20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
MOD - [2010-11-20 14:18:05 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
MOD - [2010-11-20 14:18:03 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2010-11-20 14:18:02 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2010-11-20 14:18:01 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
MOD - [2010-11-20 14:18:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll
MOD - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
MOD - [2010-11-20 14:16:50 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
MOD - [2010-11-20 14:16:50 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
MOD - [2010-11-20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2010-11-20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv
MOD - [2010-11-20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010-11-20 13:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
MOD - [2010-10-07 13:23:00 | 000,152,864 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mdnsNSP.dll
MOD - [2009-09-23 16:05:04 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Gadu-Gadu 10\dbghelp.dll
MOD - [2009-09-23 16:04:00 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll
MOD - [2009-08-18 11:29:22 | 000,134,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
MOD - [2009-07-14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009-07-14 03:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll
MOD - [2009-07-14 03:16:21 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2009-07-14 03:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll
MOD - [2009-07-14 03:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll
MOD - [2009-07-14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
MOD - [2009-07-14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
MOD - [2009-07-14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL
MOD - [2009-07-14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
MOD - [2009-07-14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll
MOD - [2009-07-14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
MOD - [2009-07-14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll
MOD - [2009-07-14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
MOD - [2009-07-14 03:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll
MOD - [2009-07-14 03:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2009-07-14 03:16:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
MOD - [2009-07-14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2009-07-14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-07-14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009-07-14 03:16:16 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
MOD - [2009-07-14 03:16:15 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tapi32.dll
MOD - [2009-07-14 03:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll
MOD - [2009-07-14 03:16:15 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2009-07-14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll
MOD - [2009-07-14 03:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shfolder.dll
MOD - [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009-07-14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-07-14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll
MOD - [2009-07-14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasapi32.dll
MOD - [2009-07-14 03:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
MOD - [2009-07-14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
MOD - [2009-07-14 03:16:12 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PeerDist.dll
MOD - [2009-07-14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oledlg.dll
MOD - [2009-07-14 03:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
MOD - [2009-07-14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasman.dll
MOD - [2009-07-14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll
MOD - [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009-07-14 03:16:12 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\perfos.dll
MOD - [2009-07-14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll
MOD - [2009-07-14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2009-07-14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-07-14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll
MOD - [2009-07-14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll
MOD - [2009-07-14 03:16:03 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
MOD - [2009-07-14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll
MOD - [2009-07-14 03:15:50 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-07-14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2009-07-14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
MOD - [2009-07-14 03:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll
MOD - [2009-07-14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll
MOD - [2009-07-14 03:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-07-14 03:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
MOD - [2009-07-14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll
MOD - [2009-07-14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-07-14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll
MOD - [2009-07-14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll
MOD - [2009-07-14 03:15:36 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2009-07-14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll
MOD - [2009-07-14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
MOD - [2009-07-14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll
MOD - [2009-07-14 03:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll
MOD - [2009-07-14 03:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll
MOD - [2009-07-14 03:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll
MOD - [2009-07-14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
MOD - [2009-07-14 03:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll
MOD - [2009-07-14 03:15:20 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
MOD - [2009-07-14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll
MOD - [2009-07-14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
MOD - [2009-07-14 03:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll
MOD - [2009-07-14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll
MOD - [2009-07-14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
MOD - [2009-07-14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
MOD - [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009-07-14 03:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsrole.dll
MOD - [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009-07-14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll
MOD - [2009-07-14 03:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll
MOD - [2009-07-14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
MOD - [2009-07-14 03:15:11 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
MOD - [2009-07-14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
MOD - [2009-07-14 03:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
MOD - [2009-07-14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
MOD - [2009-07-14 03:15:07 | 001,030,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
MOD - [2009-07-14 03:15:07 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
MOD - [2009-07-14 03:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll
MOD - [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009-07-14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2009-07-14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
MOD - [2009-07-14 03:14:57 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-07-14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009-07-14 03:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll
MOD - [2009-07-14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
MOD - [2009-07-14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009-07-14 03:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
MOD - [2009-07-14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv
MOD - [2009-07-14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll
MOD - [2009-07-14 03:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll
MOD - [2008-10-25 10:27:54 | 000,044,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-14 16:08:12 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-02-10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-02-09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-06-04 11:03:12 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-06-13 02:23:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2012-02-10 06:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011-11-10 11:22:55 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-08-09 15:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011-08-04 10:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2011-08-04 10:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-05-16 22:49:27 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010-05-16 22:48:26 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010-05-16 22:48:26 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010-03-19 16:14:12 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010-03-19 16:14:12 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2010-01-21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010-01-21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010-01-21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2009-09-28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009-03-25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009-03-25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009-03-25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009-03-25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009-03-25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009-03-25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009-03-25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2007-02-16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2004-08-13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-07-14 11:51:24 | 000,002,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\portio32.sys -- (portio32)
DRV - [2004-03-19 18:11:22 | 000,090,968 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM31b.sys -- (ZSMC301b)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = [url="http://search.msn.com/spbasic.htm"]http://search.msn.com/spbasic.htm[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://fr.msn.com/"]http://fr.msn.com/[/url]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://fr.msn.com/"]http://fr.msn.com/[/url]
IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kuba\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-27 17:46:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-23 01:23:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-02-18 16:26:50 | 000,000,000 | ---D | M]

[2010-02-27 05:33:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Extensions
[2012-03-31 17:18:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions
[2012-01-03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\askcom.xml
[2012-03-31 17:06:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-03-31 17:06:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2010-02-27 13:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions
[2010-02-27 13:04:22 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012-03-13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-03-31 17:06:43 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012-03-13 07:36:36 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-03-13 07:36:36 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-03-13 07:36:36 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-03-13 07:36:36 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-03-13 07:36:36 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-03-13 07:36:36 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

Hosts file not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url="http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab"]http://java.sun.com/...indows-i586.cab[/url] (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [url="http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab"]http://fpdownload2.m...ash/swflash.cab[/url] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.1.13 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B65B1F8B-1E95-46CC-B2C1-1BA6C9594A10}: DhcpNameServer = 172.22.1.13 8.8.8.8
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - State: "bootini" - 0
MsConfig - State: "startup" - 0
MsConfig - State: "services" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-04-18 23:26:24 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012-04-18 21:43:45 | 002,072,112 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Kuba\Desktop\tdsskiller.exe
[2012-04-10 22:51:59 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\TI
[2012-04-10 21:56:04 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012-04-05 01:17:53 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Syndicate
[2012-03-31 17:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-03-28 14:08:02 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\Kuba
[2012-03-22 22:33:30 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Rovio
[2012-03-22 22:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio
[2012-03-10 00:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012-03-10 00:06:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012-03-10 00:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012-03-10 00:01:54 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012-03-09 23:21:21 | 000,000,000 | ---D | C] -- C:\Program Files\Phyxion.net
[2012-03-08 19:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2012-03-08 19:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2012-03-08 19:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2012-03-02 12:35:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012-03-02 12:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012-03-02 12:33:09 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Google
[2012-03-01 03:41:20 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flashtool
[2012-03-01 03:40:25 | 000,000,000 | ---D | C] -- C:\Flashtool
[2012-02-21 18:41:10 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Local\Unity
[2012-02-21 18:25:49 | 000,594,752 | ---- | C] (Unity Technologies ApS) -- C:\Users\Kuba\Desktop\UnityWebPlayer.exe

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-04-19 14:09:39 | 000,582,215 | ---- | M] () -- C:\Users\Kuba\Desktop\adwcleaner.exe
[2012-04-19 14:08:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-19 14:00:33 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-19 13:59:21 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-19 13:59:21 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-19 13:56:13 | 000,737,242 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-04-19 13:56:13 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-04-19 13:56:13 | 000,153,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-04-19 13:56:13 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-04-19 13:52:04 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012-04-19 13:51:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-19 13:44:00 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-18 23:27:30 | 000,302,592 | ---- | M] () -- C:\Users\Kuba\Desktop\jh5ubgg3.exe
[2012-04-18 21:44:06 | 002,072,112 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Kuba\Desktop\tdsskiller.exe
[2012-04-18 01:48:21 | 015,719,504 | ---- | M] () -- C:\Users\Kuba\Desktop\Yves Larock, The cruzaders and Juiceppe - strange world (Avesta mix) [www.4clubbers.pl].mp3
[2012-04-16 00:26:17 | 000,157,225 | ---- | M] () -- C:\Users\Kuba\Desktop\Test ze znajomości Dziadów A. Mickiewicza.pdf
[2012-04-15 23:46:35 | 000,586,392 | ---- | M] () -- C:\Users\Kuba\Desktop\Mickiewicz Adam - Dziady cz. 3.pdf
[2012-04-12 10:10:09 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012-04-11 02:53:48 | 000,145,576 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2012-03-29 11:04:02 | 001,334,738 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02296.JPG
[2012-03-29 11:03:48 | 001,491,329 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02295.JPG
[2012-03-29 11:03:36 | 001,463,265 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02294.JPG
[2012-03-29 11:03:28 | 001,539,660 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02293.JPG
[2012-03-28 13:32:25 | 000,421,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-03-27 17:47:31 | 000,000,008 | ---- | M] () -- C:\Windows\System32\camera.ini
[2012-03-27 17:46:59 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl
[2012-03-27 17:46:42 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-03-27 17:43:40 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2012-03-22 22:30:49 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\Angry Birds Space.lnk
[2012-03-16 02:37:53 | 000,000,663 | ---- | M] () -- C:\Users\Kuba\Desktop\DSJ4.lnk
[2012-03-08 02:33:22 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
[2012-03-03 19:25:42 | 000,000,704 | ---- | M] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
[2012-02-28 19:50:58 | 001,271,472 | ---- | M] () -- C:\Users\Kuba\Documents\DSC02149.JPG
[2012-02-21 18:26:03 | 000,594,752 | ---- | M] (Unity Technologies ApS) -- C:\Users\Kuba\Desktop\UnityWebPlayer.exe

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-18 23:27:26 | 000,302,592 | ---- | C] () -- C:\Users\Kuba\Desktop\jh5ubgg3.exe
[2012-04-18 01:48:05 | 015,719,504 | ---- | C] () -- C:\Users\Kuba\Desktop\Yves Larock, The cruzaders and Juiceppe - strange world (Avesta mix) [www.4clubbers.pl].mp3
[2012-04-16 23:01:17 | 001,491,329 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02295.JPG
[2012-04-16 23:01:17 | 001,463,265 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02294.JPG
[2012-04-16 23:01:16 | 001,539,660 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02293.JPG
[2012-04-16 23:01:16 | 001,334,738 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02296.JPG
[2012-04-16 00:26:17 | 000,157,225 | ---- | C] () -- C:\Users\Kuba\Desktop\Test ze znajomości Dziadów A. Mickiewicza.pdf
[2012-04-15 23:46:29 | 000,586,392 | ---- | C] () -- C:\Users\Kuba\Desktop\Mickiewicz Adam - Dziady cz. 3.pdf
[2012-04-11 02:53:48 | 000,145,576 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012-03-31 01:16:11 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-03-27 17:46:42 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-03-27 17:46:42 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-03-22 22:30:49 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\Angry Birds Space.lnk
[2012-03-10 00:04:34 | 000,008,772 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2012-03-08 19:52:57 | 000,001,982 | ---- | C] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012-03-02 12:34:19 | 000,001,032 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-03-02 12:34:17 | 000,001,028 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-02-28 20:47:41 | 001,271,472 | ---- | C] () -- C:\Users\Kuba\Documents\DSC02149.JPG
[2012-02-09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012-01-03 09:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\System32\abgx360.exe
[2011-12-12 21:41:17 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011-12-12 21:41:17 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011-12-12 21:41:17 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011-10-24 20:04:28 | 000,000,600 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\winscp.rnd
[2011-10-04 18:16:53 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011-07-12 16:44:54 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011-05-29 21:06:18 | 000,000,008 | ---- | C] () -- C:\Windows\System32\camera.ini
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011-02-27 14:12:18 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011-02-27 14:10:58 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011-02-17 08:29:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2011-01-26 01:28:04 | 000,019,968 | ---- | C] () -- C:\Users\Kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-26 00:38:22 | 000,002,048 | ---- | C] () -- C:\Windows\System32\drivers\portio32.sys
[2010-06-21 23:46:40 | 000,039,712 | ---- | C] () -- C:\Windows\System32\ASL.dll
[2010-05-18 22:28:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010-05-18 22:25:15 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010-02-28 02:36:51 | 000,138,056 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\PnkBstrK.sys
[2010-02-27 15:07:24 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini

[color=#E56717]========== LOP Check ==========[/color]

[2011-07-17 00:40:24 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.minecraft
[2012-03-11 15:40:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\abgx360
[2011-02-28 15:42:27 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\BESTplayer
[2010-02-27 17:02:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bioshock2
[2010-09-18 18:42:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bump Technologies, Inc
[2010-03-22 19:29:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Command and Conquer 4
[2010-02-28 01:46:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools
[2010-03-02 17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
[2012-02-29 00:41:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DarknessII
[2011-06-24 17:40:56 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Day 1 Studios
[2011-11-06 19:53:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DeepBurner
[2011-11-09 19:20:18 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\FMA
[2012-03-25 17:15:23 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Gadu-Gadu 10
[2011-11-28 20:20:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GG Tools
[2011-11-10 03:06:08 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ImgBurn
[2012-03-27 17:44:06 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\IrfanView
[2010-09-29 16:20:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Leadertech
[2012-01-07 23:21:31 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Might & Magic Heroes VI
[2011-07-26 14:20:10 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Might & Magic Heroes VI - Internal Private Closed Beta
[2011-01-09 22:54:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\mkvtoolnix
[2011-11-10 00:58:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\MyPhoneExplorer
[2011-12-31 16:40:26 | 000,000,000 | -H-D | M] -- C:\Users\Kuba\AppData\Roaming\Nel
[2011-06-23 01:04:56 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Notepad++
[2011-11-30 18:21:34 | 000,000,000 | -H-D | M] -- C:\Users\Kuba\AppData\Roaming\Olsom
[2010-08-15 13:24:13 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\OpenFM
[2011-09-30 19:23:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Origin
[2010-09-12 15:14:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PMS
[2010-03-24 00:58:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Prison Break
[2011-12-12 21:10:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PunkBuster
[2010-02-28 14:10:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Red Alert 3
[2012-03-22 22:33:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Rovio
[2010-07-30 02:18:39 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Samsung
[2010-06-30 16:12:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Sports Interactive
[2011-03-19 01:52:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\The Creative Assembly
[2011-02-17 01:22:28 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Tunngle
[2010-02-27 15:21:49 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ubisoft
[2012-04-19 14:09:41 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent
[2012-03-21 11:39:13 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2011-09-25 19:59:34 | 000,004,032 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt
[2009-06-10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2010-11-20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2010-02-27 05:17:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009-06-10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010-11-18 21:39:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-07-14 00:22:47 | 000,010,194 | ---- | M] () -- C:\MP4debug.log
[2010-11-18 21:39:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010-09-11 15:06:35 | 000,271,082 | RHS- | M] () -- C:\PTRQH
[2012-04-18 21:49:08 | 000,135,756 | ---- | M] () -- C:\TDSSKiller.2.7.29.0_18.04.2012_21.46.00_log.txt
[2012-04-18 23:28:33 | 000,138,900 | ---- | M] () -- C:\TDSSKiller.2.7.29.0_18.04.2012_23.25.02_log.txt
[2012-04-18 23:32:10 | 000,136,270 | ---- | M] () -- C:\TDSSKiller.2.7.29.0_18.04.2012_23.30.55_log.txt
[2010-09-11 15:06:35 | 000,000,020 | RHS- | M] () -- C:\win7.ld


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009-07-14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009-07-14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\System32\drivers\beep.sys
[2009-07-14 01:45:01 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=505506526A9D467307B3C393DEDAF858 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.1.7600.16385_none_c3f6f77668f0ddcc\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2009-07-14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010-11-20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-07-14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010-11-20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-10-28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009-10-28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012-01-13 15:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010-11-20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009-07-14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< End of report >

[/log]

[log]OTL Extras logfile created on: 2012-04-19 14:06:56 - Run 3
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Kuba\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 65,59% Memory free
3,35 Gb Paging File | 2,14 Gb Available in Paging File | 64,08% Paging File free
Paging file location(s): d:\pagefile.sys 100 4900 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 34,18 Gb Total Space | 1,42 Gb Free Space | 4,16% Space Free | Partition Type: NTFS
Drive D: | 431,57 Gb Total Space | 29,30 Gb Free Space | 6,79% Space Free | Partition Type: NTFS

Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{002FA4C4-DDFE-4E83-A5E0-E2A18B965468}" = Phoenix Service Software
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Społeczności
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{1C36647E-F5BD-43E9-BA64-5F274B7F7051}_is1" = Symulator Jazdy 2 v.1.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java™ SE Development Kit 6 Update 26
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{578485F8-60F3-4C61-9183-0698E581B902}" = From Dust
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5B119660-1788-11D8-8EB8-0050BF643EE7}" = digestIT 2004
"{5C4D532E-4EC9-11E1-9544-B8AC6F97B88E}" = Google Earth Plug-in
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{685BCFA5-6B62-49D3-97EA-E7C29A70D961}" = Modern warfare 2 Multiplayer - Gardzij
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B0F9788-3141-4009-846E-52E59843E963}" = SimCity™ Społeczności
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593}" = SimCity™ Społeczności Na wakacjach
"{D6D5CB84-0E6E-4E69-B300-C690B6911045}" = Nero 8
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.053
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F627CDBC-8323-4024-9691-A0A6533F43E0}" = ESET NOD32 Antivirus
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"abgx360" = abgx360 v1.0.6
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"AIMP2" = AIMP2
"ALLConverter to PSP_is1" = ALLConverter to PSP
"AviSynth" = AviSynth 2.5
"Battlelog Web Plugins" = Battlelog Web Plugins
"CanonMyPrinter" = Canon Utilities My Printer
"CCleaner" = CCleaner
"Cheat Engine 6.0_is1" = Cheat Engine 6.0
"CloneCD" = CloneCD
"DAEMON Tools Lite" = DAEMON Tools Lite
"Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Flashtool" = Flashtool
"Fraps" = Fraps (remove only)
"Gadu-Gadu 10" = Gadu-Gadu 10
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"GG Tools_is1" = GG Tools
"GTA IV - Ultimate Vehicle Pack" = GTA IV - Ultimate Vehicle Pack v6.0.0.0
"ImgBurn" = ImgBurn
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.0.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.60.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MKVtoolnix" = MKVtoolnix 4.4.0
"Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl)
"MPE" = MyPhoneExplorer
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PS3 Media Server" = PS3 Media Server
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 2.0.2
"SopCast" = SopCast 3.2.9
"Test Drive Unlimited 2_is1" = Test Drive Unlimited 2
"Total Video Converter 3.61_is1" = Total Video Converter 3.60 100204
"UltraISO_is1" = UltraISO Premium V9.36
"UnderCoverXP_is1" = UnderCoverXP 1.23
"Update Engine" = Sony Ericsson Update Engine
"Update Service" = Update Service
"uTorrent" = µTorrent
"VirtualDubMod" = VirtualDubMod 1.5.10.2 PL
"Winamp" = Winamp
"WinRAR archiver" = Archiwizator WinRAR
"winscp3_is1" = WinSCP 4.3.5

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

[/log]

[log]# AdwCleaner v1.601 - Logfile created 04/19/2012 at 14:18:24
# Updated 17/04/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Kuba - KUBA-KOMPUTER
# Running from : C:\Users\Kuba\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\ConduitCommon
File Found : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\Askcom.xml

***** [H. Navipromo] *****


***** [Registry] *****

Key Found : HKCU\Software\Ask&Record
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Secondary Start Pages] = hxxp://www.bigseekpro.com/mediaget/{0b7a993f-4927-4210-a6d8-99dd3eada2ea}

-\\ Mozilla Firefox v11.0 (pl)

## File : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\prefs.js

Found : user_pref("CT1060933..clientLogIsEnabled", true);
Found : user_pref("CT1060933..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT1060933..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT1060933.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT1060933.CTID", "ct1060933");
Found : user_pref("CT1060933.CurrentServerDate", "25-9-2011");
Found : user_pref("CT1060933.DialogsAlignMode", "LTR");
Found : user_pref("CT1060933.DialogsGetterLastCheckTime", "Sun Sep 25 2011 11:24:54 GMT+0200");
Found : user_pref("CT1060933.DownloadReferralCookieData", "");
Found : user_pref("CT1060933.FirstServerDate", "25-9-2011");
Found : user_pref("CT1060933.FirstTime", true);
Found : user_pref("CT1060933.FirstTimeFF3", true);
Found : user_pref("CT1060933.FixPageNotFoundErrors", true);
Found : user_pref("CT1060933.GroupingServerCheckInterval", 1440);
Found : user_pref("CT1060933.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT1060933.HasUserGlobalKeys", true);
Found : user_pref("CT1060933.Initialize", true);
Found : user_pref("CT1060933.InitializeCommonPrefs", true);
Found : user_pref("CT1060933.InstallationAndCookieDataSentCount", 2);
Found : user_pref("CT1060933.InstallationId", "ConduitStubGeneric");
Found : user_pref("CT1060933.InstallationType", "ConduitStubIntegration");
Found : user_pref("CT1060933.InstalledDate", "Sun Sep 25 2011 11:24:49 GMT+0200");
Found : user_pref("CT1060933.InvalidateCache", false);
Found : user_pref("CT1060933.IsAlertDBUpdated", true);
Found : user_pref("CT1060933.IsGrouping", false);
Found : user_pref("CT1060933.IsInitSetupIni", true);
Found : user_pref("CT1060933.IsMulticommunity", false);
Found : user_pref("CT1060933.IsOpenThankYouPage", false);
Found : user_pref("CT1060933.IsOpenUninstallPage", true);
Found : user_pref("CT1060933.LanguagePackLastCheckTime", "Sun Sep 25 2011 11:24:53 GMT+0200");
Found : user_pref("CT1060933.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT1060933.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT1060933.LastLogin_3.6.0.10", "Sun Sep 25 2011 16:35:34 GMT+0200");
Found : user_pref("CT1060933.LatestVersion", "3.6.0.10");
Found : user_pref("CT1060933.Locale", "en-us");
Found : user_pref("CT1060933.MCDetectTooltipHeight", "83");
Found : user_pref("CT1060933.MCDetectTooltipShow", false);
Found : user_pref("CT1060933.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT1060933.MCDetectTooltipWidth", "295");
Found : user_pref("CT1060933.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT1060933.OriginalFirstVersion", "3.6.0.10");
Found : user_pref("CT1060933.RadioIsPodcast", false);
Found : user_pref("CT1060933.RadioLastCheckTime", "Sun Sep 25 2011 11:24:52 GMT+0200");
Found : user_pref("CT1060933.RadioLastUpdateIPServer", "0");
Found : user_pref("CT1060933.RadioLastUpdateServer", "129326918102570000");
Found : user_pref("CT1060933.RadioMediaID", "21504191");
Found : user_pref("CT1060933.RadioMediaType", "Media Player");
Found : user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT106093321504191");
Found : user_pref("CT1060933.RadioShrinkedFromSetup", false);
Found : user_pref("CT1060933.RadioStationName", "KFOG");
Found : user_pref("CT1060933.RadioStationURL", "hxxp://live.cumulusstreaming.com/KFOG-FM");
Found : user_pref("CT1060933.SHRINK_TOOLBAR", 1);
Found : user_pref("CT1060933.SearchFromAddressBarIsInit", true);
Found : user_pref("CT1060933.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT106[...]
Found : user_pref("CT1060933.SearchInNewTabEnabled", true);
Found : user_pref("CT1060933.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT1060933.SearchInNewTabLastCheckTime", "Sun Sep 25 2011 11:24:50 GMT+0200");
Found : user_pref("CT1060933.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT1060933.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT1060933.ServiceMapLastCheckTime", "Sun Sep 25 2011 11:24:46 GMT+0200");
Found : user_pref("CT1060933.SettingsLastCheckTime", "Sun Sep 25 2011 11:24:46 GMT+0200");
Found : user_pref("CT1060933.SettingsLastUpdate", "1314078198");
Found : user_pref("CT1060933.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Sun Sep 25 2011 11:24:46 GMT+0200");
Found : user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1312887586");
Found : user_pref("CT1060933.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT1060933.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1060933");
Found : user_pref("CT1060933.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT1060933.UserID", "UN90275884370292269");
Found : user_pref("CT1060933.ValidationData_Toolbar", 2);
Found : user_pref("CT1060933.alertChannelId", "15651");
Found : user_pref("CT1060933.appApproved.129272674122038321", true);
Found : user_pref("CT1060933.approveUntrustedApps", false);
Found : user_pref("CT1060933.components.1000082", false);
Found : user_pref("CT1060933.ct1060933.DialogsAlignMode", "LTR");
Found : user_pref("CT1060933.ct1060933.InvalidateCache", false);
Found : user_pref("CT1060933.ct1060933.LanguagePackLastCheckTime", "Sun Sep 25 2011 11:24:55 GMT+0200");
Found : user_pref("CT1060933.ct1060933.Locale", "en-us");
Found : user_pref("CT1060933.ct1060933.RadioLastCheckTime", "Sun Sep 25 2011 11:24:54 GMT+0200");
Found : user_pref("CT1060933.ct1060933.RadioLastUpdateIPServer", "0");
Found : user_pref("CT1060933.ct1060933.RadioLastUpdateServer", "129326918102570000");
Found : user_pref("CT1060933.ct1060933.SearchInNewTabLastCheckTime", "Sun Sep 25 2011 11:24:54 GMT+0200");
Found : user_pref("CT1060933.ct1060933.SettingsLastCheckTime", "Sun Sep 25 2011 19:16:38 GMT+0200");
Found : user_pref("CT1060933.ct1060933.SettingsLastUpdate", "1314078198");
Found : user_pref("CT1060933.ct1060933.ThirdPartyComponentsLastCheck", "Sun Sep 25 2011 11:24:49 GMT+0200");
Found : user_pref("CT1060933.ct1060933.ThirdPartyComponentsLastUpdate", "1312887586");
Found : user_pref("CT1060933.ct1060933.components.129032145384800518", false);
Found : user_pref("CT1060933.ct1060933.components.129032148247613461", false);
Found : user_pref("CT1060933.ct1060933.components.129032152822456983", false);
Found : user_pref("CT1060933.ct1060933.components.129032154330894193", false);
Found : user_pref("CT1060933.ct1060933.components.129032155426050046", false);
Found : user_pref("CT1060933.ct1060933.components.129032157011675027", false);
Found : user_pref("CT1060933.ct1060933.components.129032162642925076", false);
Found : user_pref("CT1060933.ct1060933.components.129078058382649592", false);
Found : user_pref("CT1060933.ct1060933.components.129272674122038321", false);
Found : user_pref("CT1060933.ct1060933.globalFirstTimeInfoLastCheckTime", "Sun Sep 25 2011 16:35:34 GMT+0200[...]
Found : user_pref("CT1060933.ct1060933.toolbarAppMetaDataLastCheckTime", "Sun Sep 25 2011 11:24:50 GMT+0200"[...]
Found : user_pref("CT1060933.ct1060933.toolbarContextMenuLastCheckTime", "Sun Sep 25 2011 11:24:55 GMT+0200"[...]
Found : user_pref("CT1060933.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT1060933.globalFirstTimeInfoLastCheckTime", "Sun Sep 25 2011 11:24:47 GMT+0200");
Found : user_pref("CT1060933.homepageProtectorEnableByLogin", true);
Found : user_pref("CT1060933.initDone", true);
Found : user_pref("CT1060933.isAppTrackingManagerOn", true);
Found : user_pref("CT1060933.isFirstRadioInstallation", false);
Found : user_pref("CT1060933.myStuffEnabled", true);
Found : user_pref("CT1060933.myStuffPublihserMinWidth", 400);
Found : user_pref("CT1060933.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT1060933.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT1060933.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT1060933.oldAppsList", "128346981843587669,128280995260143876,111,129272674122038321,129[...]
Found : user_pref("CT1060933.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT1060933.searchProtectorEnableByLogin", true);
Found : user_pref("CT1060933.testingCtid", "");
Found : user_pref("CT1060933.toolbarAppMetaDataLastCheckTime", "Sun Sep 25 2011 11:24:47 GMT+0200");
Found : user_pref("CT1060933.toolbarContextMenuLastCheckTime", "Sun Sep 25 2011 11:24:53 GMT+0200");
Found : user_pref("CT1060933.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct1060933", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1060933",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT1060933&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct1060933&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Kuba\\AppData\\Roaming\\Mozilla\\Fi[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");
Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://freecorder.com/gadget/video.html", "833x231")[...]
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT1060933");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT1060933");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT1060933");
Found : user_pref("CommunityToolbar.globalUserId", "ef49c031-b333-4965-bad1-11dd9a4cad60");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Sep 25 2011 11:24:4[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Sep 25 2011 11:24:46 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "05a2e50a-1e06-4d7f-854c-376073cde677");

*************************

AdwCleaner[R1].txt - [15587 octets] - [19/04/2012 14:18:24]

########## EOF - C:\AdwCleaner[R1].txt - [15716 octets] ##########

[/log]

Guest
comment

Close the browser and run AdwCleaner with the [b]Delete[/b] option.
Remove Kaspersky. This will remove the program and the quarantine.
Remove GMER.

Run an OTL scan following these instructions: http://www.fixitpc.pl/topic/61-diagnostyka-ogolne-raporty-systemowe/#1

  • Good post 1
swiatek94
comment (edited)

AdwCleaner log

[log]# AdwCleaner v1.601 - Logfile created 04/19/2012 at 17:19:13
# Updated 17/04/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Kuba - KUBA-KOMPUTER
# Running from : C:\Users\Kuba\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\ConduitCommon
File Deleted : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\searchplugins\Askcom.xml

***** [H. Navipromo] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Secondary Start Pages] = hxxp://www.bigseekpro.com/mediaget/{0b7a993f-4927-4210-a6d8-99dd3eada2ea} --> hxxp://www.google.fr

-\\ Mozilla Firefox v11.0 (pl)

## File : C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\ll6ytcll.default\prefs.js

Deleted : user_pref("CT1060933..clientLogIsEnabled", true);
Deleted : user_pref("CT1060933..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT1060933..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT1060933.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT1060933.CTID", "ct1060933");
Deleted : user_pref("CT1060933.CurrentServerDate", "25-9-2011");
Deleted : user_pref("CT1060933.DialogsAlignMode", "LTR");
Deleted : user_pref("CT1060933.DialogsGetterLastCheckTime", "Sun Sep 25 2011 11:24:54 GMT+0200");
Deleted : user_pref("CT1060933.DownloadReferralCookieData", "");
Deleted : user_pref("CT1060933.FirstServerDate", "25-9-2011");
Deleted : user_pref("CT1060933.FirstTime", true);
Deleted : user_pref("CT1060933.FirstTimeFF3", true);
Deleted : user_pref("CT1060933.FixPageNotFoundErrors", true);
Deleted : user_pref("CT1060933.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT1060933.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT1060933.HasUserGlobalKeys", true);
Deleted : user_pref("CT1060933.Initialize", true);
Deleted : user_pref("CT1060933.InitializeCommonPrefs", true);
Deleted : user_pref("CT1060933.InstallationAndCookieDataSentCount", 2);
Deleted : user_pref("CT1060933.InstallationId", "ConduitStubGeneric");
Deleted : user_pref("CT1060933.InstallationType", "ConduitStubIntegration");
Deleted : user_pref("CT1060933.InstalledDate", "Sun Sep 25 2011 11:24:49 GMT+0200");
Deleted : user_pref("CT1060933.InvalidateCache", false);
Deleted : user_pref("CT1060933.IsAlertDBUpdated", true);
Deleted : user_pref("CT1060933.IsGrouping", false);
Deleted : user_pref("CT1060933.IsInitSetupIni", true);
Deleted : user_pref("CT1060933.IsMulticommunity", false);
Deleted : user_pref("CT1060933.IsOpenThankYouPage", false);
Deleted : user_pref("CT1060933.IsOpenUninstallPage", true);
Deleted : user_pref("CT1060933.LanguagePackLastCheckTime", "Sun Sep 25 2011 11:24:53 GMT+0200");
Deleted : user_pref("CT1060933.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT1060933.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT1060933.LastLogin_3.6.0.10", "Sun Sep 25 2011 16:35:34 GMT+0200");
Deleted : user_pref("CT1060933.LatestVersion", "3.6.0.10");
Deleted : user_pref("CT1060933.Locale", "en-us");
Deleted : user_pref("CT1060933.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT1060933.MCDetectTooltipShow", false);
Deleted : user_pref("CT1060933.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT1060933.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT1060933.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT1060933.OriginalFirstVersion", "3.6.0.10");
Deleted : user_pref("CT1060933.RadioIsPodcast", false);
Deleted : user_pref("CT1060933.RadioLastCheckTime", "Sun Sep 25 2011 11:24:52 GMT+0200");
Deleted : user_pref("CT1060933.RadioLastUpdateIPServer", "0");
Deleted : user_pref("CT1060933.RadioLastUpdateServer", "129326918102570000");
Deleted : user_pref("CT1060933.RadioMediaID", "21504191");
Deleted : user_pref("CT1060933.RadioMediaType", "Media Player");
Deleted : user_pref("CT1060933.RadioMenuSelectedID", "EBRadioMenu_CT106093321504191");
Deleted : user_pref("CT1060933.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT1060933.RadioStationName", "KFOG");
Deleted : user_pref("CT1060933.RadioStationURL", "hxxp://live.cumulusstreaming.com/KFOG-FM");
Deleted : user_pref("CT1060933.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT1060933.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT1060933.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT106[...]
Deleted : user_pref("CT1060933.SearchInNewTabEnabled", true);
Deleted : user_pref("CT1060933.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT1060933.SearchInNewTabLastCheckTime", "Sun Sep 25 2011 11:24:50 GMT+0200");
Deleted : user_pref("CT1060933.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT1060933.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT1060933.ServiceMapLastCheckTime", "Sun Sep 25 2011 11:24:46 GMT+0200");
Deleted : user_pref("CT1060933.SettingsLastCheckTime", "Sun Sep 25 2011 11:24:46 GMT+0200");
Deleted : user_pref("CT1060933.SettingsLastUpdate", "1314078198");
Deleted : user_pref("CT1060933.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT1060933.ThirdPartyComponentsLastCheck", "Sun Sep 25 2011 11:24:46 GMT+0200");
Deleted : user_pref("CT1060933.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT1060933.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT1060933.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1060933");
Deleted : user_pref("CT1060933.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT1060933.UserID", "UN90275884370292269");
Deleted : user_pref("CT1060933.ValidationData_Toolbar", 2);
Deleted : user_pref("CT1060933.alertChannelId", "15651");
Deleted : user_pref("CT1060933.appApproved.129272674122038321", true);
Deleted : user_pref("CT1060933.approveUntrustedApps", false);
Deleted : user_pref("CT1060933.components.1000082", false);
Deleted : user_pref("CT1060933.ct1060933.DialogsAlignMode", "LTR");
Deleted : user_pref("CT1060933.ct1060933.InvalidateCache", false);
Deleted : user_pref("CT1060933.ct1060933.LanguagePackLastCheckTime", "Sun Sep 25 2011 11:24:55 GMT+0200");
Deleted : user_pref("CT1060933.ct1060933.Locale", "en-us");
Deleted : user_pref("CT1060933.ct1060933.RadioLastCheckTime", "Sun Sep 25 2011 11:24:54 GMT+0200");
Deleted : user_pref("CT1060933.ct1060933.RadioLastUpdateIPServer", "0");
Deleted : user_pref("CT1060933.ct1060933.RadioLastUpdateServer", "129326918102570000");
Deleted : user_pref("CT1060933.ct1060933.SearchInNewTabLastCheckTime", "Sun Sep 25 2011 11:24:54 GMT+0200");
Deleted : user_pref("CT1060933.ct1060933.SettingsLastCheckTime", "Sun Sep 25 2011 19:16:38 GMT+0200");
Deleted : user_pref("CT1060933.ct1060933.SettingsLastUpdate", "1314078198");
Deleted : user_pref("CT1060933.ct1060933.ThirdPartyComponentsLastCheck", "Sun Sep 25 2011 11:24:49 GMT+0200");
Deleted : user_pref("CT1060933.ct1060933.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT1060933.ct1060933.components.129032145384800518", false);
Deleted : user_pref("CT1060933.ct1060933.components.129032148247613461", false);
Deleted : user_pref("CT1060933.ct1060933.components.129032152822456983", false);
Deleted : user_pref("CT1060933.ct1060933.components.129032154330894193", false);
Deleted : user_pref("CT1060933.ct1060933.components.129032155426050046", false);
Deleted : user_pref("CT1060933.ct1060933.components.129032157011675027", false);
Deleted : user_pref("CT1060933.ct1060933.components.129032162642925076", false);
Deleted : user_pref("CT1060933.ct1060933.components.129078058382649592", false);
Deleted : user_pref("CT1060933.ct1060933.components.129272674122038321", false);
Deleted : user_pref("CT1060933.ct1060933.globalFirstTimeInfoLastCheckTime", "Sun Sep 25 2011 16:35:34 GMT+0200[...]
Deleted : user_pref("CT1060933.ct1060933.toolbarAppMetaDataLastCheckTime", "Sun Sep 25 2011 11:24:50 GMT+0200"[...]
Deleted : user_pref("CT1060933.ct1060933.toolbarContextMenuLastCheckTime", "Sun Sep 25 2011 11:24:55 GMT+0200"[...]
Deleted : user_pref("CT1060933.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT1060933.globalFirstTimeInfoLastCheckTime", "Sun Sep 25 2011 11:24:47 GMT+0200");
Deleted : user_pref("CT1060933.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT1060933.initDone", true);
Deleted : user_pref("CT1060933.isAppTrackingManagerOn", true);
Deleted : user_pref("CT1060933.isFirstRadioInstallation", false);
Deleted : user_pref("CT1060933.myStuffEnabled", true);
Deleted : user_pref("CT1060933.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT1060933.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT1060933.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT1060933.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT1060933.oldAppsList", "128346981843587669,128280995260143876,111,129272674122038321,129[...]
Deleted : user_pref("CT1060933.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT1060933.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT1060933.testingCtid", "");
Deleted : user_pref("CT1060933.toolbarAppMetaDataLastCheckTime", "Sun Sep 25 2011 11:24:47 GMT+0200");
Deleted : user_pref("CT1060933.toolbarContextMenuLastCheckTime", "Sun Sep 25 2011 11:24:53 GMT+0200");
Deleted : user_pref("CT1060933.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1060933", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct1060933", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1060933",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT1060933&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct1060933&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equaliz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimiz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Kuba\\AppData\\Roaming\\Mozilla\\Fi[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://freecorder.com/gadget/video.html", "833x231")[...]
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT1060933");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT1060933");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT1060933");
Deleted : user_pref("CommunityToolbar.globalUserId", "ef49c031-b333-4965-bad1-11dd9a4cad60");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Sep 25 2011 11:24:4[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Sep 25 2011 11:24:46 GMT+0200");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "05a2e50a-1e06-4d7f-854c-376073cde677");

*************************

AdwCleaner[R1].txt - [15718 octets] - [19/04/2012 14:18:24]
AdwCleaner[S1].txt - [16050 octets] - [19/04/2012 17:19:13]

########## EOF - C:\AdwCleaner[S1].txt - [16179 octets] ##########

[/log]

OTL

[log]OTL logfile created on: 2012-04-19 17:25:05 - Run 4
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Kuba\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 62,38% Memory free
3,35 Gb Paging File | 2,03 Gb Available in Paging File | 60,81% Paging File free
Paging file location(s): d:\pagefile.sys 100 4900 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 34,18 Gb Total Space | 1,39 Gb Free Space | 4,06% Space Free | Partition Type: NTFS
Drive D: | 431,57 Gb Total Space | 29,30 Gb Free Space | 6,79% Space Free | Partition Type: NTFS

Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-03-26 02:55:30 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2012-03-14 17:14:00 | 000,446,136 | ---- | M] (Sony) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2012-03-13 06:36:40 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-02-18 21:06:16 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Kuba\Desktop\OTL.exe
PRC - [2012-02-10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-02-10 05:02:27 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012-02-10 05:02:07 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2012-02-09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-01-11 10:39:28 | 000,071,680 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011-07-04 19:45:30 | 013,374,048 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe
PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-03-24 17:46:03 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-04-14 16:08:12 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012-03-13 06:36:53 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-02-09 21:05:16 | 000,360,768 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2012-01-11 10:39:28 | 000,071,680 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2011-11-23 18:38:58 | 000,205,824 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
MOD - [2011-07-04 19:46:20 | 000,217,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\gglog.dll
MOD - [2011-07-04 19:46:18 | 000,123,488 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2011-07-04 19:46:16 | 000,017,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggipc.dll
MOD - [2011-07-04 19:46:12 | 000,027,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcrypto.dll
MOD - [2011-07-04 19:46:10 | 000,356,960 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\ggcommon.dll
MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtScript4.dll
MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtXml4.dll
MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtSvg4.dll
MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtGui4.dll
MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\QtCore4.dll
MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2010-12-13 10:58:50 | 000,047,616 | ---- | M] () -- C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2009-09-23 16:04:00 | 000,059,904 | ---- | M] () -- C:\Program Files\Gadu-Gadu 10\zlib1.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-04-14 16:08:12 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-02-10 06:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-02-09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-01-18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-06-04 11:03:12 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010-06-13 02:23:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2012-02-10 06:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011-11-10 11:22:55 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011-08-09 15:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011-08-04 10:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2011-08-04 10:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-05-16 22:49:27 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010-05-16 22:48:26 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010-05-16 22:48:26 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010-03-19 16:14:12 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010-03-19 16:14:12 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2010-01-21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010-01-21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010-01-21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2009-09-28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009-03-25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009-03-25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2009-03-25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2009-03-25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009-03-25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2009-03-25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2009-03-25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2007-02-16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006-07-24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2004-08-13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004-07-14 11:51:24 | 000,002,048 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\portio32.sys -- (portio32)
DRV - [2004-03-19 18:11:22 | 000,090,968 | ---- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbVM31b.sys -- (ZSMC301b)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = [url="http://search.msn.com/spbasic.htm"]http://search.msn.com/spbasic.htm[/url]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://fr.msn.com/"]http://fr.msn.com/[/url]


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [url="http://www.google.fr"]http://www.google.fr[/url]
IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url="http://fr.msn.com/"]http://fr.msn.com/[/url]
IE - HKU\S-1-5-21-4215226204-2208899973-833160735-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.onet.pl/"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kuba\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-03-27 17:46:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-23 01:23:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-02-18 16:26:50 | 000,000,000 | ---D | M]

[2010-02-27 05:33:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Extensions
[2012-03-31 17:18:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kuba\AppData\Roaming\mozilla\Firefox\Profiles\ll6ytcll.default\extensions
[2012-03-31 17:06:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-03-31 17:06:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2010-02-27 13:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions
[2010-02-27 13:04:22 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012-03-13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-03-31 17:06:43 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012-03-13 07:36:36 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-03-13 07:36:36 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-03-13 07:36:36 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-03-13 07:36:36 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-03-13 07:36:36 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-03-13 07:36:36 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

Hosts file not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1001..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4215226204-2208899973-833160735-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.1.13 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B65B1F8B-1E95-46CC-B2C1-1BA6C9594A10}: DhcpNameServer = 172.22.1.13 8.8.8.8
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-04-18 23:26:24 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012-04-10 22:51:59 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\TI
[2012-04-10 21:56:04 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012-04-05 01:17:53 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Documents\Syndicate
[2012-03-31 17:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-03-31 17:06:48 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012-03-31 17:06:48 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012-03-31 17:06:47 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012-03-31 01:16:11 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-03-28 14:08:02 | 000,000,000 | ---D | C] -- C:\Users\Kuba\Desktop\Kuba
[2012-03-22 22:33:30 | 000,000,000 | ---D | C] -- C:\Users\Kuba\AppData\Roaming\Rovio
[2012-03-22 22:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-04-19 17:27:05 | 001,661,232 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012-04-19 17:27:05 | 000,737,242 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-04-19 17:27:05 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-04-19 17:27:05 | 000,153,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-04-19 17:27:05 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-04-19 17:21:19 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-04-19 17:21:08 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012-04-19 17:21:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012-04-19 17:20:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-04-19 17:19:57 | 004,980,736 | -HS- | M] () -- C:\Users\Kuba\ntuser.dat
[2012-04-19 17:19:55 | 002,872,846 | -H-- | M] () -- C:\Users\Kuba\AppData\Local\IconCache.db
[2012-04-19 17:08:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-04-19 16:44:00 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-04-19 14:09:39 | 000,582,215 | ---- | M] () -- C:\Users\Kuba\Desktop\adwcleaner.exe
[2012-04-19 13:59:21 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-04-19 13:59:21 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-04-18 01:48:21 | 015,719,504 | ---- | M] () -- C:\Users\Kuba\Desktop\Yves Larock, The cruzaders and Juiceppe - strange world (Avesta mix) [www.4clubbers.pl].mp3
[2012-04-16 00:26:17 | 000,157,225 | ---- | M] () -- C:\Users\Kuba\Desktop\Test ze znajomości Dziadów A. Mickiewicza.pdf
[2012-04-15 23:46:35 | 000,586,392 | ---- | M] () -- C:\Users\Kuba\Desktop\Mickiewicz Adam - Dziady cz. 3.pdf
[2012-04-14 16:08:12 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-04-14 16:08:12 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-04-12 10:10:09 | 000,001,982 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2012-04-11 02:53:48 | 000,145,576 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2012-03-31 17:06:43 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012-03-31 17:06:43 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012-03-31 17:06:43 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012-03-31 17:06:43 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012-03-29 11:04:02 | 001,334,738 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02296.JPG
[2012-03-29 11:03:48 | 001,491,329 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02295.JPG
[2012-03-29 11:03:36 | 001,463,265 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02294.JPG
[2012-03-29 11:03:28 | 001,539,660 | ---- | M] () -- C:\Users\Kuba\Desktop\DSC02293.JPG
[2012-03-28 13:32:25 | 000,421,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-03-27 20:39:59 | 000,110,000 | ---- | M] () -- C:\Users\Kuba\AppData\Local\GDIPFONTCACHEV1.DAT
[2012-03-27 17:47:31 | 000,000,008 | ---- | M] () -- C:\Windows\System32\camera.ini
[2012-03-27 17:46:59 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl
[2012-03-27 17:46:42 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-03-27 17:43:40 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat
[2012-03-22 22:30:49 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\Angry Birds Space.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-04-19 14:09:36 | 000,582,215 | ---- | C] () -- C:\Users\Kuba\Desktop\adwcleaner.exe
[2012-04-18 01:48:05 | 015,719,504 | ---- | C] () -- C:\Users\Kuba\Desktop\Yves Larock, The cruzaders and Juiceppe - strange world (Avesta mix) [www.4clubbers.pl].mp3
[2012-04-16 23:01:17 | 001,491,329 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02295.JPG
[2012-04-16 23:01:17 | 001,463,265 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02294.JPG
[2012-04-16 23:01:16 | 001,539,660 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02293.JPG
[2012-04-16 23:01:16 | 001,334,738 | ---- | C] () -- C:\Users\Kuba\Desktop\DSC02296.JPG
[2012-04-16 00:26:17 | 000,157,225 | ---- | C] () -- C:\Users\Kuba\Desktop\Test ze znajomości Dziadów A. Mickiewicza.pdf
[2012-04-15 23:46:29 | 000,586,392 | ---- | C] () -- C:\Users\Kuba\Desktop\Mickiewicz Adam - Dziady cz. 3.pdf
[2012-04-11 02:53:48 | 000,145,576 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012-03-31 01:16:11 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-03-27 17:46:42 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-03-27 17:46:42 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-03-27 00:54:29 | 002,872,846 | -H-- | C] () -- C:\Users\Kuba\AppData\Local\IconCache.db
[2012-03-22 22:30:49 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\Angry Birds Space.lnk
[2012-02-09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012-01-03 09:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\System32\abgx360.exe
[2011-12-12 21:41:17 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011-12-12 21:41:17 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011-12-12 21:41:17 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011-10-24 20:04:28 | 000,000,600 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\winscp.rnd
[2011-10-04 18:16:53 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011-07-12 16:44:54 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011-05-29 21:06:18 | 000,000,008 | ---- | C] () -- C:\Windows\System32\camera.ini
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011-02-27 14:12:18 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011-02-27 14:10:58 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011-02-27 14:10:57 | 000,053,600 | ---- | C] () -- C:\Windows\System32\dosx.exe
[2011-02-17 08:29:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat
[2011-01-26 01:28:04 | 000,019,968 | ---- | C] () -- C:\Users\Kuba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-11-26 00:38:22 | 000,002,048 | ---- | C] () -- C:\Windows\System32\drivers\portio32.sys
[2010-06-21 23:46:40 | 000,039,712 | ---- | C] () -- C:\Windows\System32\ASL.dll
[2010-05-18 22:28:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010-05-18 22:25:15 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010-02-28 02:36:51 | 000,138,056 | ---- | C] () -- C:\Users\Kuba\AppData\Roaming\PnkBstrK.sys
[2010-02-27 15:07:24 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2010-02-27 13:34:21 | 000,110,000 | ---- | C] () -- C:\Users\Kuba\AppData\Local\GDIPFONTCACHEV1.DAT

[color=#E56717]========== LOP Check ==========[/color]

[2011-07-17 00:40:24 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\.minecraft
[2012-03-11 15:40:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\abgx360
[2011-02-28 15:42:27 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\BESTplayer
[2010-02-27 17:02:00 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bioshock2
[2010-09-18 18:42:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Bump Technologies, Inc
[2010-03-22 19:29:44 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Command and Conquer 4
[2010-02-28 01:46:35 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools
[2010-03-02 17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DAEMON Tools Lite
[2012-02-29 00:41:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DarknessII
[2011-06-24 17:40:56 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Day 1 Studios
[2011-11-06 19:53:07 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\DeepBurner
[2011-11-09 19:20:18 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\FMA
[2012-03-25 17:15:23 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Gadu-Gadu 10
[2011-11-28 20:20:01 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\GG Tools
[2011-11-10 03:06:08 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\ImgBurn
[2012-03-27 17:44:06 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\IrfanView
[2010-09-29 16:20:29 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Leadertech
[2012-01-07 23:21:31 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Might & Magic Heroes VI
[2011-07-26 14:20:10 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Might & Magic Heroes VI - Internal Private Closed Beta
[2011-01-09 22:54:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\mkvtoolnix
[2011-11-10 00:58:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\MyPhoneExplorer
[2011-12-31 16:40:26 | 000,000,000 | -H-D | M] -- C:\Users\Kuba\AppData\Roaming\Nel
[2011-06-23 01:04:56 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Notepad++
[2011-11-30 18:21:34 | 000,000,000 | -H-D | M] -- C:\Users\Kuba\AppData\Roaming\Olsom
[2010-08-15 13:24:13 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\OpenFM
[2011-09-30 19:23:34 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Origin
[2010-09-12 15:14:15 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PMS
[2010-03-24 00:58:32 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Prison Break
[2011-12-12 21:10:48 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\PunkBuster
[2010-02-28 14:10:52 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Red Alert 3
[2012-03-22 22:33:30 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Rovio
[2010-07-30 02:18:39 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Samsung
[2010-06-30 16:12:22 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Sports Interactive
[2011-03-19 01:52:16 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\The Creative Assembly
[2011-02-17 01:22:28 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Tunngle
[2010-02-27 15:21:49 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\Ubisoft
[2012-04-19 17:27:50 | 000,000,000 | ---D | M] -- C:\Users\Kuba\AppData\Roaming\uTorrent
[2012-03-21 11:39:13 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



< End of report >

[/log]

[log]OTL Extras logfile created on: 2012-04-19 17:25:05 - Run 4
OTL by OldTimer - Version 3.2.33.0 Folder = C:\Users\Kuba\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 62,38% Memory free
3,35 Gb Paging File | 2,03 Gb Available in Paging File | 60,81% Paging File free
Paging file location(s): d:\pagefile.sys 100 4900 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 34,18 Gb Total Space | 1,39 Gb Free Space | 4,06% Space Free | Partition Type: NTFS
Drive D: | 431,57 Gb Total Space | 29,30 Gb Free Space | 6,79% Space Free | Partition Type: NTFS

Computer Name: KUBA-KOMPUTER | User Name: Kuba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{002FA4C4-DDFE-4E83-A5E0-E2A18B965468}" = Phoenix Service Software
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Społeczności
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{1C36647E-F5BD-43E9-BA64-5F274B7F7051}_is1" = Symulator Jazdy 2 v.1.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java™ SE Development Kit 6 Update 26
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4EAE665D-957A-4D04-9679-3AD582008877}" = NVIDIA PhysX
"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{578485F8-60F3-4C61-9183-0698E581B902}" = From Dust
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5B119660-1788-11D8-8EB8-0050BF643EE7}" = digestIT 2004
"{5C4D532E-4EC9-11E1-9544-B8AC6F97B88E}" = Google Earth Plug-in
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{685BCFA5-6B62-49D3-97EA-E7C29A70D961}" = Modern warfare 2 Multiplayer - Gardzij
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_ENTERPRISE_{E9EA2604-8AC9-47D2-8F4B-6BF60787A357}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007
"{90120000-0044-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_ENTERPRISE_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007
"{90120000-00A1-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007
"{90120000-00BA-0415-0000-0000000FF1CE}_ENTERPRISE_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B0F9788-3141-4009-846E-52E59843E963}" = SimCity™ Społeczności
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Sterownik 3D Vision 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panel sterowania NVIDIA 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Sterownik graficzny 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Sterownik kontrolera 3D Vision 295.73
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Oprogramowanie systemu PhysX 9.12.0209
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizacje NVIDIA 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{D1C7BB12-BE01-11DC-AAC9-EEBA55D89593}" = SimCity™ Społeczności Na wakacjach
"{D6D5CB84-0E6E-4E69-B300-C690B6911045}" = Nero 8
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.053
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F627CDBC-8323-4024-9691-A0A6533F43E0}" = ESET NOD32 Antivirus
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"abgx360" = abgx360 v1.0.6
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"AIMP2" = AIMP2
"ALLConverter to PSP_is1" = ALLConverter to PSP
"AviSynth" = AviSynth 2.5
"Battlelog Web Plugins" = Battlelog Web Plugins
"CanonMyPrinter" = Canon Utilities My Printer
"CCleaner" = CCleaner
"Cheat Engine 6.0_is1" = Cheat Engine 6.0
"CloneCD" = CloneCD
"DAEMON Tools Lite" = DAEMON Tools Lite
"Deluxe Ski Jump 4_is1" = Deluxe Ski Jump 4
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Flashtool" = Flashtool
"Fraps" = Fraps (remove only)
"Gadu-Gadu 10" = Gadu-Gadu 10
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"GG Tools_is1" = GG Tools
"GTA IV - Ultimate Vehicle Pack" = GTA IV - Ultimate Vehicle Pack v6.0.0.0
"ImgBurn" = ImgBurn
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.0.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.60.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MKVtoolnix" = MKVtoolnix 4.4.0
"Mozilla Firefox 11.0 (x86 pl)" = Mozilla Firefox 11.0 (x86 pl)
"MPE" = MyPhoneExplorer
"NapiProjekt_is1" = NapiProjekt 1.0.6.9
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Origin" = Origin
"PS3 Media Server" = PS3 Media Server
"PunkBusterSvc" = PunkBuster Services
"RealAlt_is1" = Real Alternative 2.0.2
"SopCast" = SopCast 3.2.9
"Test Drive Unlimited 2_is1" = Test Drive Unlimited 2
"Total Video Converter 3.61_is1" = Total Video Converter 3.60 100204
"UltraISO_is1" = UltraISO Premium V9.36
"UnderCoverXP_is1" = UnderCoverXP 1.23
"Update Engine" = Sony Ericsson Update Engine
"Update Service" = Update Service
"uTorrent" = µTorrent
"VirtualDubMod" = VirtualDubMod 1.5.10.2 PL
"Winamp" = Winamp
"WinRAR archiver" = Archiwizator WinRAR
"winscp3_is1" = WinSCP 4.3.5

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-4215226204-2208899973-833160735-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

[/log]

Even though I removed TDSSKiller, its logs and quarantine are still on drive C. Should I delete them manually?

Guest

Run OTL and paste the following into the "Własne opcje skanowania/skrypt" (Custom Scans/Fixes) box:


[code]:Files
C:\TDSSKiller_Quarantine
C:\TDSSKiller.2.7.29.0_18.04.2012_21.46.00_log.txt
C:\TDSSKiller.2.7.29.0_18.04.2012_23.25.02_log.txt
C:\TDSSKiller.2.7.29.0_18.04.2012_23.30.55_log.txt

:Commands
[emptytemp][/code]

Click [b]Wykonaj skrypt[/b] (Run Fix).

2. Run AdwCleaner and click [b]Uninstall[/b].

3. Run [b]OTL[/b] and click [b]Sprzątanie[/b] (CleanUp).

4. Clear the System Restore folders - instructions: http://www.fixitpc.pl/topic/5-dezynfekcja-kroki-finalizujace-temat/page__p__42415#entry42415

5. Run a full scan with [b]ESET[/b]; if it detects anything, post the report.

  • Good post 1
swiatek94

I did everything as you wrote; after 1 h 42 min NOD32 detected nothing : )

Guest

[quote]I did everything as you wrote; after 1 h 42 min NOD32 detected nothing[/quote]

In that case there is nothing more for me to do here.

  • Good post 1
swiatek94

So I take it this was a keylogger after all (if so, which one exactly? The notice said Blackshades, which is why I'm a bit worried)?

Thank you very much for the help, and best regards! : )

Guest

Change your login passwords for your e-mail and other services.

The Hosts file is missing from the system. Read up on it, create the file and put it in the proper directory. I hope you will manage.

http://www.fixitpc.pl/topic/4960-plik-hosts/
