x-kom hosting

Proces zabiera rowne 50% cpu

TnOSlayer
utworzono
utworzono (edytowane)

Witam mam pewien problem poniewaz od dzsiaj przy wlanczaniu komputera dowolny proces zabiera 50% cpu a po wylaczeniu przechodzi na nastepny proces ;/

[log]OTL logfile created on: 2012-08-08 23:48:56 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Slayerek\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,49 Gb Total Physical Memory | 2,53 Gb Available Physical Memory | 72,60% Memory free
7,17 Gb Paging File | 6,28 Gb Available in Paging File | 87,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 61,65 Gb Free Space | 63,20% Space Free | Partition Type: NTFS
Drive D: | 135,23 Gb Total Space | 56,46 Gb Free Space | 41,75% Space Free | Partition Type: NTFS
Drive G: | 467,68 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: SLAYEREK-PC | User Name: Slayerek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-08-08 23:48:17 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Slayerek\Downloads\OTL.exe
PRC - [2012-08-08 23:42:26 | 000,030,208 | ---- | M] () -- C:\Users\Slayerek\AppData\Local\Temp\winmqgv.exe
PRC - [2012-08-08 23:42:20 | 000,012,800 | ---- | M] () -- C:\Users\Slayerek\AppData\Local\Temp\winginq.exe
PRC - [2012-08-03 01:04:27 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
PRC - [2012-07-18 20:44:21 | 000,979,424 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-07-03 13:46:44 | 000,528,456 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011-01-04 17:48:12 | 000,488,816 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2010-11-09 06:55:18 | 000,054,640 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2010-07-19 17:42:16 | 000,866,576 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2010-07-19 17:23:28 | 000,477,456 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2010-07-06 22:59:22 | 000,054,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2010-05-30 23:17:06 | 000,054,640 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2009-04-10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-04-25 10:18:14 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-08-08 23:42:26 | 000,030,208 | ---- | M] () -- C:\Users\Slayerek\AppData\Local\Temp\winmqgv.exe
MOD - [2012-08-08 23:42:20 | 000,012,800 | ---- | M] () -- C:\Users\Slayerek\AppData\Local\Temp\winginq.exe
MOD - [2012-08-03 01:04:27 | 009,465,032 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_270.dll
MOD - [2012-07-18 20:44:21 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-08-03 01:04:28 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-07-18 20:44:21 | 000,186,848 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010-07-19 17:42:16 | 000,866,576 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2010-07-19 17:23:28 | 000,477,456 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008-04-25 10:18:14 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012-08-06 17:40:24 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011-01-05 20:42:14 | 000,284,792 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010-07-14 04:34:16 | 006,680,064 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNv32.sys -- (NETwNv32)
DRV - [2010-05-12 22:05:18 | 009,936,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009-04-10 21:39:00 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://search.live.com/results.aspx?q=%7BsearchTerms%7D&src=%7Breferrer:source?%7D"]http://search.live.c...ferrer:source?}[/url]

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [url="http://search.live.com/results.aspx?q=%7BsearchTerms%7D&src=%7Breferrer:source?%7D"]http://search.live.c...ferrer:source?}[/url]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "about:home"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-18 20:44:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012-07-05 14:51:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Slayerek\AppData\Roaming\mozilla\Extensions
[2012-07-06 18:44:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Slayerek\AppData\Roaming\mozilla\Firefox\Profiles\8y9n6lxs.default\extensions
[2012-07-05 14:51:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-07-18 20:44:21 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-06-15 01:13:23 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-06-15 01:13:23 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-06-15 01:13:23 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-15 01:13:23 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-15 01:13:23 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-15 01:13:23 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Slayerek\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Windows\System32\nwiz.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Download all links by FlashGet3 - C:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6534D55-2C59-4BE2-A518-CFA7C519EC8B}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012-07-05 14:14:28 | 000,000,268 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012-05-21 18:08:00 | 000,000,264 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2003-05-23 15:26:56 | 000,061,440 | R--- | M] () - G:\autoplay.exe -- [ UDF ]
O32 - AutoRun File - [2003-02-12 09:01:48 | 000,000,050 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{70975dcf-c69b-11e1-96da-f40343d0b4cc}\Shell\AutOPLAy\CoMmanD - "" = F:\lycjb.pif
O33 - MountPoints2\{70975dcf-c69b-11e1-96da-f40343d0b4cc}\Shell\AutoRun\command - "" = F:\lycjb.pif
O33 - MountPoints2\{70975dcf-c69b-11e1-96da-f40343d0b4cc}\Shell\exPlOrE\COmmANd - "" = F:\lycjb.pif
O33 - MountPoints2\{70975dcf-c69b-11e1-96da-f40343d0b4cc}\Shell\oPEN\cOmmaNd - "" = F:\lycjb.pif
O33 - MountPoints2\{a450efde-d402-11e1-adaf-82705876aec6}\Shell\aUtoPlay\COmmAnD - "" = F:\wplfqc.exe
O33 - MountPoints2\{a450efde-d402-11e1-adaf-82705876aec6}\Shell\AutoRun\command - "" = F:\wplfqc.exe
O33 - MountPoints2\{a450efde-d402-11e1-adaf-82705876aec6}\Shell\eXplOre\Command - "" = F:\wplfqc.exe
O33 - MountPoints2\{a450efde-d402-11e1-adaf-82705876aec6}\Shell\OPEn\commAND - "" = F:\wplfqc.exe
O33 - MountPoints2\{a450efe4-d402-11e1-adaf-82705876aec6}\Shell\AuToplAY\commanD - "" = G:\ulswy.exe
O33 - MountPoints2\{a450efe4-d402-11e1-adaf-82705876aec6}\Shell\AutoRun\command - "" = G:\ulswy.exe
O33 - MountPoints2\{a450efe4-d402-11e1-adaf-82705876aec6}\Shell\expLorE\command - "" = G:\ulswy.exe
O33 - MountPoints2\{a450efe4-d402-11e1-adaf-82705876aec6}\Shell\opEN\coMmAnd - "" = G:\ulswy.exe
O33 - MountPoints2\{e8458eb1-dd72-11e1-a47e-81ec6e0f13ba}\Shell - "" = AutoRun
O33 - MountPoints2\{e8458eb1-dd72-11e1-a47e-81ec6e0f13ba}\Shell\AutoRun\command - "" = G:\autoplay.exe -- [2003-05-23 15:26:56 | 000,061,440 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-08-06 17:49:03 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eurobattle.net
[2012-08-06 17:44:38 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2012-08-06 17:44:38 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2012-08-06 17:44:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2012-08-06 17:40:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-08-06 17:40:24 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-08-06 17:40:18 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\DAEMON Tools Lite
[2012-08-06 17:40:16 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2012-08-06 17:39:12 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-07-31 14:48:01 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\Documents\NFSTR
[2012-07-31 14:45:07 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012-07-31 14:45:06 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012-07-31 14:45:04 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012-07-31 14:45:04 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012-07-31 14:45:04 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012-07-31 14:45:04 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012-07-31 14:45:04 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012-07-31 14:45:04 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012-07-31 14:45:04 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012-07-31 14:45:04 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012-07-31 14:45:04 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012-07-31 14:45:04 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012-07-31 14:45:04 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012-07-31 14:45:04 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012-07-31 14:45:04 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2012-07-31 14:45:04 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012-07-31 14:45:04 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012-07-31 14:45:04 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2012-07-31 14:45:04 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012-07-31 14:45:04 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012-07-31 14:45:04 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012-07-31 14:45:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012-07-31 14:45:03 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2012-07-31 14:33:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012-07-31 14:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst
[2012-07-28 04:50:53 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlashGet3.7
[2012-07-28 04:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashGet3.7
[2012-07-28 04:50:52 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\BITS
[2012-07-28 04:50:43 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\FlashgetSetup
[2012-07-28 04:50:40 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\FlashGetBHO
[2012-07-28 04:50:36 | 000,000,000 | ---D | C] -- C:\Program Files\FlashGet Network
[2012-07-28 04:50:36 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\FlashGet
[2012-07-28 02:06:41 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\WinRAR
[2012-07-28 02:05:26 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012-07-16 19:49:12 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\LolClient
[2012-07-16 19:47:20 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012-07-16 19:47:20 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012-07-16 19:47:20 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2012-07-16 19:47:20 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2012-07-16 19:47:20 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012-07-16 19:47:20 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012-07-16 19:47:20 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2012-07-16 19:47:20 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2012-07-16 19:47:19 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2012-07-16 19:47:19 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012-07-16 19:47:19 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012-07-16 19:47:19 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2012-07-16 19:47:19 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2012-07-16 19:47:19 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012-07-16 19:47:19 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012-07-16 19:47:19 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2012-07-16 19:47:19 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2012-07-16 19:47:19 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2012-07-16 19:47:19 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2012-07-16 19:47:19 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2012-07-16 19:47:19 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2012-07-16 19:47:18 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012-07-16 19:47:18 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2012-07-16 19:47:18 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012-07-16 19:47:18 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2012-07-16 19:47:18 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2012-07-16 19:47:18 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012-07-16 19:47:18 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2012-07-16 19:47:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2012-07-16 19:47:18 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012-07-16 19:47:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2012-07-16 19:47:18 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012-07-16 19:47:18 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2012-07-16 19:47:18 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012-07-16 19:47:18 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012-07-16 19:47:18 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2012-07-16 19:47:18 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012-07-16 19:47:18 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2012-07-16 19:47:17 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2012-07-16 19:47:17 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2012-07-16 19:47:17 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2012-07-16 19:47:17 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012-07-16 19:47:17 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2012-07-16 19:47:17 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2012-07-16 19:47:17 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012-07-16 19:47:17 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2012-07-16 19:47:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2012-07-16 19:47:17 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2012-07-16 19:47:17 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2012-07-16 19:47:17 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012-07-16 19:47:17 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012-07-16 19:47:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2012-07-16 19:47:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2012-07-16 19:47:17 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2012-07-16 19:47:17 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2012-07-16 19:47:17 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2012-07-16 19:47:16 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012-07-16 19:47:16 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012-07-16 19:47:16 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012-07-16 19:47:16 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012-07-16 19:47:16 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012-07-16 19:47:16 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012-07-16 19:47:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012-07-16 19:47:16 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012-07-16 19:47:16 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012-07-16 19:47:16 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012-07-16 19:47:16 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012-07-16 19:47:16 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012-07-16 19:47:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012-07-16 19:47:16 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012-07-16 19:47:15 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012-07-16 19:47:15 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012-07-16 19:47:15 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012-07-16 19:47:15 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012-07-16 19:47:15 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012-07-16 19:47:15 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012-07-16 19:47:15 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012-07-16 19:47:15 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012-07-16 19:47:15 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012-07-16 19:47:13 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012-07-16 19:47:13 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012-07-16 19:47:13 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012-07-16 19:47:09 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012-07-16 19:47:09 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2012-07-16 19:47:09 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012-07-16 19:47:09 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012-07-16 19:47:09 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012-07-16 19:47:09 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012-07-16 19:47:09 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012-07-16 19:47:09 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012-07-16 19:47:09 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012-07-16 19:46:36 | 000,000,000 | ---D | C] -- C:\DX

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-08-08 23:46:14 | 000,662,056 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-08-08 23:46:14 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-08-08 23:46:14 | 000,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-08-08 23:46:14 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-08-08 23:39:47 | 000,099,328 | ---- | M] () -- C:\lgpcg.exe
[2012-08-08 23:39:01 | 000,032,165 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012-08-08 23:39:01 | 000,032,165 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012-08-08 23:38:52 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-08-08 23:38:52 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-08-08 23:38:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-08-08 23:38:48 | 3745,427,456 | -HS- | M] () -- C:\hiberfil.sys
[2012-08-08 23:34:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-08-06 17:49:03 | 000,000,618 | ---- | M] () -- C:\Users\Slayerek\Desktop\Euroloader.lnk
[2012-08-06 17:49:03 | 000,000,562 | ---- | M] () -- C:\Users\Slayerek\Desktop\gproxy.lnk
[2012-08-06 17:47:40 | 000,062,465 | ---- | M] () -- C:\Windows\War3Unin.dat
[2012-08-06 17:47:08 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2012-08-06 17:47:08 | 000,002,829 | ---- | M] () -- C:\Windows\War3Unin.pif
[2012-08-06 17:40:24 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-08-03 01:04:27 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-08-03 01:04:27 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012-07-31 14:18:43 | 000,000,711 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed. The Run.lnk
[2012-07-28 12:36:10 | 000,001,348 | ---- | M] () -- C:\Windows\System32\secustat.dat
[2012-07-28 06:10:59 | 000,007,630 | ---- | M] () -- C:\Windows\System32\secushr.dat
[2012-07-28 04:51:17 | 000,001,344 | ---- | M] () -- C:\Users\Slayerek\Desktop\FlashGet downloads.lnk
[2012-07-28 04:51:01 | 000,000,025 | ---- | M] () -- C:\Windows\libem.INI
[2012-07-17 11:21:10 | 000,000,631 | ---- | M] () -- C:\Users\Slayerek\Desktop\League of Legends.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-08-08 23:39:47 | 000,099,328 | ---- | C] () -- C:\lgpcg.exe
[2012-08-06 17:49:03 | 000,000,618 | ---- | C] () -- C:\Users\Slayerek\Desktop\Euroloader.lnk
[2012-08-06 17:49:03 | 000,000,562 | ---- | C] () -- C:\Users\Slayerek\Desktop\gproxy.lnk
[2012-08-06 17:44:38 | 000,062,465 | ---- | C] () -- C:\Windows\War3Unin.dat
[2012-08-06 17:44:38 | 000,002,829 | ---- | C] () -- C:\Windows\War3Unin.pif
[2012-07-31 14:18:43 | 000,000,711 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed. The Run.lnk
[2012-07-28 06:28:46 | 000,001,348 | ---- | C] () -- C:\Windows\System32\secustat.dat
[2012-07-28 05:10:28 | 000,007,630 | ---- | C] () -- C:\Windows\System32\secushr.dat
[2012-07-28 04:51:17 | 000,001,344 | ---- | C] () -- C:\Users\Slayerek\Desktop\FlashGet downloads.lnk
[2012-07-28 04:51:01 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2012-07-17 11:21:10 | 000,000,631 | ---- | C] () -- C:\Users\Slayerek\Desktop\League of Legends.lnk
[2012-07-05 17:41:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012-07-05 17:40:42 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012-07-05 17:40:42 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012-07-05 15:06:41 | 000,032,165 | ---- | C] () -- C:\ProgramData\nvModes.001
[2012-07-05 15:06:39 | 000,032,165 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2012-07-05 15:04:51 | 001,731,176 | ---- | C] () -- C:\Windows\System32\nvwdmcpl.dll
[2012-07-05 15:04:51 | 001,722,984 | ---- | C] () -- C:\Windows\System32\nwiz.exe
[2012-07-05 15:04:51 | 001,612,392 | ---- | C] () -- C:\Windows\System32\nView.dll
[2012-07-05 15:04:51 | 001,108,584 | ---- | C] () -- C:\Windows\System32\nvwimg.dll
[2012-07-05 15:04:51 | 000,473,704 | ---- | C] () -- C:\Windows\System32\nvShell.dll
[2012-07-05 15:04:51 | 000,449,128 | ---- | C] () -- C:\Windows\System32\nvAppBar.exe
[2012-07-05 15:04:51 | 000,267,368 | ---- | C] () -- C:\Windows\System32\nvTaskbar.exe
[2012-07-05 15:04:51 | 000,262,248 | ---- | C] () -- C:\Windows\System32\nViewSetup.exe
[2012-07-05 14:32:33 | 000,007,168 | ---- | C] () -- C:\Users\Slayerek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-07-05 13:57:43 | 000,000,680 | ---- | C] () -- C:\Users\Slayerek\AppData\Local\d3d9caps.dat

< End of report >





















OTL Extras logfile created on: 2012-08-08 23:48:56 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Slayerek\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,49 Gb Total Physical Memory | 2,53 Gb Available Physical Memory | 72,60% Memory free
7,17 Gb Paging File | 6,28 Gb Available in Paging File | 87,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 61,65 Gb Free Space | 63,20% Space Free | Partition Type: NTFS
Drive D: | 135,23 Gb Total Space | 56,46 Gb Free Space | 41,75% Space Free | Partition Type: NTFS
Drive G: | 467,68 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: SLAYEREK-PC | User Name: Slayerek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusOverride" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 1
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3366845728-784585638-755298595-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 1
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
"D:\Instalki\DTLite4454-0315_[www.programosy.pl].exe" = D:\Instalki\DTLite4454-0315_[www.programosy.pl].exe:*:Enabled:ipsec -- (DT Soft Ltd)
"C:\Windows\Explorer.EXE" = C:\Windows\Explorer.EXE:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\Users\Slayerek\AppData\Local\Temp\winxpuum.exe" = C:\Users\Slayerek\AppData\Local\Temp\winxpuum.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\cxuql.exe" = C:\Users\Slayerek\AppData\Local\Temp\cxuql.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winnivbl.exe" = C:\Users\Slayerek\AppData\Local\Temp\winnivbl.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winvoea.exe" = C:\Users\Slayerek\AppData\Local\Temp\winvoea.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\wintljoe.exe" = C:\Users\Slayerek\AppData\Local\Temp\wintljoe.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\ersfh.exe" = C:\Users\Slayerek\AppData\Local\Temp\ersfh.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winmynp.exe" = C:\Users\Slayerek\AppData\Local\Temp\winmynp.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winelry.exe" = C:\Users\Slayerek\AppData\Local\Temp\winelry.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winpkonrf.exe" = C:\Users\Slayerek\AppData\Local\Temp\winpkonrf.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winvtkiqe.exe" = C:\Users\Slayerek\AppData\Local\Temp\winvtkiqe.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winrars.exe" = C:\Users\Slayerek\AppData\Local\Temp\winrars.exe:*:Enabled:ipsec
"C:\Windows\System32\nwiz.exe" = C:\Windows\System32\nwiz.exe:*:Enabled:ipsec -- ()
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" = C:\Program Files\DAEMON Tools Lite\DTLite.exe:*:Enabled:ipsec -- (DT Soft Ltd)
"C:\Program Files\Intel\WiFi\bin\iwrap.exe" = C:\Program Files\Intel\WiFi\bin\iwrap.exe:*:Enabled:ipsec -- (Intel® Corporation)
"C:\Users\Slayerek\AppData\Local\Temp\mmxq.exe" = C:\Users\Slayerek\AppData\Local\Temp\mmxq.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winsfknd.exe" = C:\Users\Slayerek\AppData\Local\Temp\winsfknd.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winiscx.exe" = C:\Users\Slayerek\AppData\Local\Temp\winiscx.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winodkiek.exe" = C:\Users\Slayerek\AppData\Local\Temp\winodkiek.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winuhota.exe" = C:\Users\Slayerek\AppData\Local\Temp\winuhota.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\lobab.exe" = C:\Users\Slayerek\AppData\Local\Temp\lobab.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winlfol.exe" = C:\Users\Slayerek\AppData\Local\Temp\winlfol.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winygtnjx.exe" = C:\Users\Slayerek\AppData\Local\Temp\winygtnjx.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\elqu.exe" = C:\Users\Slayerek\AppData\Local\Temp\elqu.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winglgf.exe" = C:\Users\Slayerek\AppData\Local\Temp\winglgf.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\lgon.exe" = C:\Users\Slayerek\AppData\Local\Temp\lgon.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\vjcs.exe" = C:\Users\Slayerek\AppData\Local\Temp\vjcs.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\rllsh.exe" = C:\Users\Slayerek\AppData\Local\Temp\rllsh.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\dswam.exe" = C:\Users\Slayerek\AppData\Local\Temp\dswam.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\bmwj.exe" = C:\Users\Slayerek\AppData\Local\Temp\bmwj.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\nxppe.exe" = C:\Users\Slayerek\AppData\Local\Temp\nxppe.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\iaolh.exe" = C:\Users\Slayerek\AppData\Local\Temp\iaolh.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winqbqox.exe" = C:\Users\Slayerek\AppData\Local\Temp\winqbqox.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winuouf.exe" = C:\Users\Slayerek\AppData\Local\Temp\winuouf.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winjagxfw.exe" = C:\Users\Slayerek\AppData\Local\Temp\winjagxfw.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winxvqy.exe" = C:\Users\Slayerek\AppData\Local\Temp\winxvqy.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winhxviim.exe" = C:\Users\Slayerek\AppData\Local\Temp\winhxviim.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winaohaf.exe" = C:\Users\Slayerek\AppData\Local\Temp\winaohaf.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winxftry.exe" = C:\Users\Slayerek\AppData\Local\Temp\winxftry.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\qefph.exe" = C:\Users\Slayerek\AppData\Local\Temp\qefph.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winfaaf.exe" = C:\Users\Slayerek\AppData\Local\Temp\winfaaf.exe:*:Enabled:ipsec
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" = C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:ipsec -- (Malwarebytes Corporation)
"C:\Users\Slayerek\AppData\Local\Temp\winadryu.exe" = C:\Users\Slayerek\AppData\Local\Temp\winadryu.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winygpf.exe" = C:\Users\Slayerek\AppData\Local\Temp\winygpf.exe:*:Enabled:ipsec
"C:\Windows\system32\userinit.exe" = C:\Windows\system32\userinit.exe:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\Users\Slayerek\AppData\Local\Temp\winslmiuw.exe" = C:\Users\Slayerek\AppData\Local\Temp\winslmiuw.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winyiwwf.exe" = C:\Users\Slayerek\AppData\Local\Temp\winyiwwf.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winbbjd.exe" = C:\Users\Slayerek\AppData\Local\Temp\winbbjd.exe:*:Enabled:ipsec
"D:\LoL\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.187\deploy\LolClient.exe" = D:\LoL\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.187\deploy\LolClient.exe:*:Enabled:ipsec -- (Adobe Systems Inc.)
"C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" = C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe:*:Enabled:ipsec -- (Malwarebytes Corporation)
"C:\Users\Slayerek\AppData\Local\Temp\winssfd.exe" = C:\Users\Slayerek\AppData\Local\Temp\winssfd.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\lnhdi.exe" = C:\Users\Slayerek\AppData\Local\Temp\lnhdi.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winginq.exe" = C:\Users\Slayerek\AppData\Local\Temp\winginq.exe:*:Enabled:ipsec -- ()
"C:\Users\Slayerek\AppData\Local\Temp\winmqgv.exe" = C:\Users\Slayerek\AppData\Local\Temp\winmqgv.exe:*:Enabled:ipsec -- ()


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12D7F408-FF4C-4569-B871-B000AC4F17C0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{62451C94-BD6A-47E0-98D9-8A077BA387FF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{0ABEF8AC-C761-4856-94FC-1B9DA75E680C}C:\program files\malwarebytes' anti-malware\mbamgui.exe" = protocol=6 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbamgui.exe |
"TCP Query User{327BFAC8-31D2-443F-AEBC-485AA8ADB0AB}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"TCP Query User{444DA5D7-7459-4B88-86D3-787FA87E3FFF}C:\program files\malwarebytes' anti-malware\mbam.exe" = protocol=6 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |
"TCP Query User{4BCDA590-B321-49F6-94AB-18E873D24530}D:\instalki\sterowniki\intel_chipset-software-insta_a05_r302424.exe" = protocol=6 | dir=in | app=d:\instalki\sterowniki\intel_chipset-software-insta_a05_r302424.exe |
"TCP Query User{5C968252-38C5-462F-9DAF-6FFC0AC5E0CD}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{998D4424-A768-4849-9790-5D4561D24CAB}C:\program files\daemon tools lite\dtlite.exe" = protocol=6 | dir=in | app=c:\program files\daemon tools lite\dtlite.exe |
"TCP Query User{C7056DA2-C8C7-423A-98CB-858453FB94E0}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{CC000D23-93A5-433B-86AA-55175562F6AE}C:\program files\windows defender\msascui.exe" = protocol=6 | dir=in | app=c:\program files\windows defender\msascui.exe |
"TCP Query User{E86475FA-D3AC-434E-9687-8BD2BEF3966C}C:\windows\system32\userinit.exe" = protocol=6 | dir=in | app=c:\windows\system32\userinit.exe |
"TCP Query User{F2AB121C-55A3-487C-88DC-4270CD838965}D:\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=d:\diablo iii\diablo iii.exe |
"UDP Query User{1A6A9DCD-0620-4CC5-8D76-89AB0C6ADB02}C:\program files\daemon tools lite\dtlite.exe" = protocol=17 | dir=in | app=c:\program files\daemon tools lite\dtlite.exe |
"UDP Query User{2F6B25B1-EFDF-4EFC-9D9F-9A7CD3D8E06F}D:\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=d:\diablo iii\diablo iii.exe |
"UDP Query User{3CA51AB2-EFE3-425A-818D-6EE37A566D5B}C:\windows\system32\userinit.exe" = protocol=17 | dir=in | app=c:\windows\system32\userinit.exe |
"UDP Query User{40F8703E-03F4-4041-9468-0A789490D202}C:\program files\malwarebytes' anti-malware\mbam.exe" = protocol=17 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |
"UDP Query User{7A26A16A-A93A-4D63-9E00-D728B4093C7D}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"UDP Query User{80CEFD74-9DC8-4EDD-9C09-ADD1A416ECF8}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{8F7C81B6-8E29-4557-9CF5-3CA4D74920BF}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{A70BC10B-2A13-4DB6-A8BF-CAEFB3D221E6}C:\program files\malwarebytes' anti-malware\mbamgui.exe" = protocol=17 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbamgui.exe |
"UDP Query User{B31F563B-12FB-4A1A-ADD9-CA11E798FD8A}C:\program files\windows defender\msascui.exe" = protocol=17 | dir=in | app=c:\program files\windows defender\msascui.exe |
"UDP Query User{DDEB2E65-B0C7-440E-A838-6B1433FCF8C8}D:\instalki\sterowniki\intel_chipset-software-insta_a05_r302424.exe" = protocol=17 | dir=in | app=d:\instalki\sterowniki\intel_chipset-software-insta_a05_r302424.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}_is1" = Need For Speed. The Run 1.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E4B37D6-D7F8-4067-B900-3F314C709916}" = Oprogramowanie Intel® PROSet/Wireless WiFi
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"Eurobattle.net1.26" = Eurobattle.net
"FlashGet3.7" = FlashGet3.7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 pl)" = Mozilla Firefox 14.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"ProInst" = Intel PROSet Wireless
"Warcraft III" = Warcraft III
"Winamp" = Winamp

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: wszystkie elementy
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-07-31 08:34:19 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd dxgi.dll!CreateDXGIFactory1,
wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000139, przesunięcie
błędu 0x00009eed, identyfikator procesu 0x2d8, godzina rozpoczęcia aplikacji 0x01cd6f18cd1eabd0.

Error - 2012-07-31 08:35:57 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd dxgi.dll!CreateDXGIFactory1,
wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000139, przesunięcie
błędu 0x00009eed, identyfikator procesu 0xf0c, godzina rozpoczęcia aplikacji 0x01cd6f1903420142.

Error - 2012-07-31 08:36:24 | Computer Name = Slayerek-PC | Source = VSS | ID = 8194
Description =

Error - 2012-07-31 08:36:39 | Computer Name = Slayerek-PC | Source = System Restore | ID = 8193
Description =

Error - 2012-07-31 08:37:18 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd dxgi.dll!CreateDXGIFactory1,
wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000139, przesunięcie
błędu 0x00009eed, identyfikator procesu 0xda0, godzina rozpoczęcia aplikacji 0x01cd6f19383a9512.

Error - 2012-07-31 08:37:24 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd dxgi.dll!CreateDXGIFactory1,
wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000139, przesunięcie
błędu 0x00009eed, identyfikator procesu 0xff8, godzina rozpoczęcia aplikacji 0x01cd6f193bb9d892.

Error - 2012-07-31 08:37:34 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd dxgi.dll!CreateDXGIFactory1,
wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000139, przesunięcie
błędu 0x00009eed, identyfikator procesu 0xcf0, godzina rozpoczęcia aplikacji 0x01cd6f19411afb72.

Error - 2012-07-31 08:40:49 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd dxgi.dll!CreateDXGIFactory1,
wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000139, przesunięcie
błędu 0x00009eed, identyfikator procesu 0x8a4, godzina rozpoczęcia aplikacji 0x01cd6f1959484862.

Error - 2012-07-31 09:05:21 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18005,
sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000005, przesunięcie błędu 0x0003e13d,
identyfikator
procesu 0xf98, godzina rozpoczęcia aplikacji 0x01cd6f1ad9cba90a.

Error - 2012-08-02 13:06:31 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd Need For Speed The Run.exe,
wersja 1.1.0.0, sygnatura czasowa 0x4f14cf9c, kod wyjątku 0xc0000005, przesunięcie
błędu 0x010b54c8, identyfikator procesu 0x6d8, godzina rozpoczęcia aplikacji 0x01cd70cd475206a8.

[ System Events ]
Error - 2012-08-08 14:01:34 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 2012-08-08 14:01:44 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2012-08-08 14:03:52 | Computer Name = Slayerek-PC | Source = EventLog | ID = 6008
Description = Poprzednie zamknięcie systemu przy 20:02:12 na 2012-08-08 było nieoczekiwane.

Error - 2012-08-08 14:04:41 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2012-08-08 14:05:30 | Computer Name = Slayerek-PC | Source = BROWSER | ID = 8007
Description =

Error - 2012-08-08 14:06:45 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2012-08-08 14:07:01 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 2012-08-08 14:07:05 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2012-08-08 14:07:05 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2012-08-08 14:07:05 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7031
Description =


< End of report >[/log]

Dałem to wszystko w jeden code.

Gość
komentarz
komentarz (edytowane)

1. Uruchom OTL i w okno [b]Własne opcje skanowania /skrypt[/b]

Wklej

[code]
:OTL
O32 - AutoRun File - [2012-07-05 14:14:28 | 000,000,268 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012-05-21 18:08:00 | 000,000,264 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2003-05-23 15:26:56 | 000,061,440 | R--- | M] () - G:\autoplay.exe -- [ UDF ]
O32 - AutoRun File - [2003-02-12 09:01:48 | 000,000,050 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{70975dcf-c69b-11e1-96da-f40343d0b4cc}\Shell\AutOPLAy\CoMmanD - "" = F:\lycjb.pif
O33 - MountPoints2\{70975dcf-c69b-11e1-96da-f40343d0b4cc}\Shell\AutoRun\command - "" = F:\lycjb.pif
O33 - MountPoints2\{70975dcf-c69b-11e1-96da-f40343d0b4cc}\Shell\exPlOrE\COmmANd - "" = F:\lycjb.pif
O33 - MountPoints2\{70975dcf-c69b-11e1-96da-f40343d0b4cc}\Shell\oPEN\cOmmaNd - "" = F:\lycjb.pif
O33 - MountPoints2\{a450efde-d402-11e1-adaf-82705876aec6}\Shell\aUtoPlay\COmmAnD - "" = F:\wplfqc.exe
O33 - MountPoints2\{a450efde-d402-11e1-adaf-82705876aec6}\Shell\AutoRun\command - "" = F:\wplfqc.exe
O33 - MountPoints2\{a450efde-d402-11e1-adaf-82705876aec6}\Shell\eXplOre\Command - "" = F:\wplfqc.exe
O33 - MountPoints2\{a450efde-d402-11e1-adaf-82705876aec6}\Shell\OPEn\commAND - "" = F:\wplfqc.exe
O33 - MountPoints2\{a450efe4-d402-11e1-adaf-82705876aec6}\Shell\AuToplAY\commanD - "" = G:\ulswy.exe
O33 - MountPoints2\{a450efe4-d402-11e1-adaf-82705876aec6}\Shell\AutoRun\command - "" = G:\ulswy.exe
O33 - MountPoints2\{a450efe4-d402-11e1-adaf-82705876aec6}\Shell\expLorE\command - "" = G:\ulswy.exe
O33 - MountPoints2\{a450efe4-d402-11e1-adaf-82705876aec6}\Shell\opEN\coMmAnd - "" = G:\ulswy.exe
O33 - MountPoints2\{e8458eb1-dd72-11e1-a47e-81ec6e0f13ba}\Shell - "" = AutoRun
O33 - MountPoints2\{e8458eb1-dd72-11e1-a47e-81ec6e0f13ba}\Shell\AutoRun\command - "" = G:\autoplay.exe -- [2003-05-23 15:26:56 | 000,061,440 | R--- | M] ()

:Files
C:\autorun.inf
D:\autorun.inf
C:\Users\Slayerek\AppData\Local\Temp\winmqgv.exe
C:\Users\Slayerek\AppData\Local\Temp\winginq.exe
C:\lgpcg.exe
C:\Users\Slayerek\AppData\Local\Temp\winxpuum.exe
C:\Users\Slayerek\AppData\Local\Temp\cxuql.exe
C:\Users\Slayerek\AppData\Local\Temp\winnivbl.exe
C:\Users\Slayerek\AppData\Local\Temp\winvoea.exe
C:\Users\Slayerek\AppData\Local\Temp\wintljoe.exe
C:\Users\Slayerek\AppData\Local\Temp\ersfh.exe
C:\Users\Slayerek\AppData\Local\Temp\winmynp.exe
C:\Users\Slayerek\AppData\Local\Temp\winelry.exe
C:\Users\Slayerek\AppData\Local\Temp\winpkonrf.exe
C:\Users\Slayerek\AppData\Local\Temp\winvtkiqe.exe
C:\Users\Slayerek\AppData\Local\Temp\winrars.exe
C:\Users\Slayerek\AppData\Local\Temp\mmxq.exe
C:\Users\Slayerek\AppData\Local\Temp\winsfknd.exe
C:\Users\Slayerek\AppData\Local\Temp\winiscx.exe
C:\Users\Slayerek\AppData\Local\Temp\winodkiek.exe
C:\Users\Slayerek\AppData\Local\Temp\winuhota.exe
C:\Users\Slayerek\AppData\Local\Temp\lobab.exe
C:\Users\Slayerek\AppData\Local\Temp\winlfol.exe
C:\Users\Slayerek\AppData\Local\Temp\winygtnjx.exe
C:\Users\Slayerek\AppData\Local\Temp\elqu.exe
C:\Users\Slayerek\AppData\Local\Temp\winglgf.exe
C:\Users\Slayerek\AppData\Local\Temp\lgon.exe
C:\Users\Slayerek\AppData\Local\Temp\vjcs.exe
C:\Users\Slayerek\AppData\Local\Temp\rllsh.exe
C:\Users\Slayerek\AppData\Local\Temp\dswam.exe
C:\Users\Slayerek\AppData\Local\Temp\bmwj.exe
C:\Users\Slayerek\AppData\Local\Temp\nxppe.exe
C:\Users\Slayerek\AppData\Local\Temp\iaolh.exe
C:\Users\Slayerek\AppData\Local\Temp\winqbqox.exe
C:\Users\Slayerek\AppData\Local\Temp\winuouf.exe
C:\Users\Slayerek\AppData\Local\Temp\winjagxfw.exe
C:\Users\Slayerek\AppData\Local\Temp\winxvqy.exe
C:\Users\Slayerek\AppData\Local\Temp\winhxviim.exe
C:\Users\Slayerek\AppData\Local\Temp\winaohaf.exe
C:\Users\Slayerek\AppData\Local\Temp\winxftry.exe
C:\Users\Slayerek\AppData\Local\Temp\qefph.exe
C:\Users\Slayerek\AppData\Local\Temp\winfaaf.exe
C:\Users\Slayerek\AppData\Local\Temp\winadryu.exe
C:\Users\Slayerek\AppData\Local\Temp\winygpf.exe
C:\Users\Slayerek\AppData\Local\Temp\winslmiuw.exe
C:\Users\Slayerek\AppData\Local\Temp\winyiwwf.exe
C:\Users\Slayerek\AppData\Local\Temp\winbbjd.exe
C:\Users\Slayerek\AppData\Local\Temp\winssfd.exe
C:\Users\Slayerek\AppData\Local\Temp\lnhdi.exe
C:\Users\Slayerek\AppData\Local\Temp\winginq.exe:
C:\Users\Slayerek\AppData\Local\Temp\winmqgv.exe

:Commands
[emptytemp]
[/code]

Kliknij [b]Wykonaj skrypt[/b]


2.Po restarcie kliknij [b]Sprzątanie[/b]



3.Wyskanuj system skanerem malwarebytes anti malware

wszystkie zagrożenia usuń

4.Pobierz ponownie otl i przedstaw nowy raport

TnOSlayer
komentarz
komentarz

Problem nie ulegl zmianie. Prosze tutaj nowy log.

[log]OTL logfile created on: 2012-08-10 13:20:52 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Slayerek\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,49 Gb Total Physical Memory | 2,63 Gb Available Physical Memory | 75,56% Memory free
7,16 Gb Paging File | 6,38 Gb Available in Paging File | 89,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 61,52 Gb Free Space | 63,06% Space Free | Partition Type: NTFS
Drive D: | 135,23 Gb Total Space | 56,46 Gb Free Space | 41,75% Space Free | Partition Type: NTFS
Drive G: | 467,68 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: SLAYEREK-PC | User Name: Slayerek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Processes (All) ==========[/color]

PRC - [2012-08-10 13:17:30 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Slayerek\Downloads\OTL.exe
PRC - [2012-08-03 01:04:27 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
PRC - [2012-07-18 20:44:21 | 000,979,424 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-07-18 20:44:21 | 000,082,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012-07-03 13:46:44 | 000,528,456 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011-01-04 17:48:12 | 000,488,816 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2010-11-09 06:55:18 | 000,054,640 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2010-07-19 17:42:16 | 000,866,576 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2010-07-19 17:23:28 | 000,477,456 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2010-07-06 22:59:22 | 000,054,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2010-05-30 23:17:06 | 000,054,640 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010-05-12 11:55:00 | 000,219,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009-04-10 23:28:16 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
PRC - [2009-04-10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winlogon.exe
PRC - [2009-04-10 23:28:10 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009-04-10 23:28:08 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
PRC - [2009-04-10 23:28:06 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spoolsv.exe
PRC - [2009-04-10 23:28:06 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\smss.exe
PRC - [2009-04-10 23:28:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2009-04-10 23:28:00 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe
PRC - [2009-04-10 23:28:00 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\services.exe
PRC - [2009-04-10 23:27:50 | 003,408,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
PRC - [2009-04-10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-04-10 23:27:34 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
PRC - [2008-04-25 10:25:40 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2008-04-25 10:25:40 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008-04-25 10:24:18 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrss.exe
PRC - [2008-04-25 10:21:43 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
PRC - [2008-04-25 10:19:26 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
PRC - [2008-04-25 10:19:16 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-04-25 10:19:16 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-04-25 10:19:16 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-04-25 10:19:16 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-04-25 10:19:16 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-04-25 10:19:16 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-04-25 10:19:16 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-04-25 10:19:16 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-04-25 10:19:16 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-04-25 10:19:16 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-04-25 10:19:16 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-04-25 10:19:16 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-04-25 10:19:16 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\svchost.exe [comLaunch]
PRC - [2008-04-25 10:19:13 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
PRC - [2008-04-25 10:18:14 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008-04-25 10:17:51 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe
PRC - [2006-11-02 11:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe


[color=#E56717]========== Modules (All) ==========[/color]

MOD - [2012-08-10 13:17:30 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Slayerek\Downloads\OTL.exe
MOD - [2012-08-03 01:04:27 | 009,465,032 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_270.dll
MOD - [2012-08-03 01:04:27 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_270.exe
MOD - [2012-07-18 20:44:21 | 016,060,384 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xul.dll
MOD - [2012-07-18 20:44:21 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012-07-18 20:44:21 | 000,979,424 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
MOD - [2012-07-18 20:44:21 | 000,829,920 | ---- | M] (sqlite.org) -- C:\Program Files\Mozilla Firefox\mozsqlite3.dll
MOD - [2012-07-18 20:44:21 | 000,638,432 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nss3.dll
MOD - [2012-07-18 20:44:21 | 000,573,920 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\gkmedias.dll
MOD - [2012-07-18 20:44:21 | 000,358,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssckbi.dll
MOD - [2012-07-18 20:44:21 | 000,258,528 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\freebl3.dll
MOD - [2012-07-18 20:44:21 | 000,170,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nspr4.dll
MOD - [2012-07-18 20:44:21 | 000,155,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\softokn3.dll
MOD - [2012-07-18 20:44:21 | 000,145,376 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\ssl3.dll
MOD - [2012-07-18 20:44:21 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
MOD - [2012-07-18 20:44:21 | 000,095,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssdbm3.dll
MOD - [2012-07-18 20:44:21 | 000,092,640 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\nssutil3.dll
MOD - [2012-07-18 20:44:21 | 000,091,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\smime3.dll
MOD - [2012-07-18 20:44:21 | 000,082,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
MOD - [2012-07-18 20:44:21 | 000,068,576 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozglue.dll
MOD - [2012-07-18 20:44:21 | 000,021,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plc4.dll
MOD - [2012-07-18 20:44:21 | 000,020,960 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\plds4.dll
MOD - [2012-07-18 20:44:21 | 000,019,424 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\xpcom.dll
MOD - [2012-07-18 20:44:21 | 000,015,840 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\mozalloc.dll
MOD - [2012-07-03 13:46:44 | 000,528,456 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
MOD - [2012-07-03 13:46:42 | 000,476,232 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
MOD - [2012-07-02 12:14:28 | 002,167,368 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
MOD - [2012-06-15 00:16:43 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\msvcr100.dll
MOD - [2012-06-15 00:16:43 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\msvcp100.dll
MOD - [2011-01-04 17:48:12 | 000,488,816 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
MOD - [2010-12-17 02:52:22 | 000,115,640 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Windows\System32\Vxdif.dll
MOD - [2010-11-18 19:12:20 | 001,607,024 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.dll
MOD - [2010-11-09 06:55:18 | 000,054,640 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
MOD - [2010-07-06 22:59:22 | 000,054,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
MOD - [2010-05-31 06:23:42 | 000,075,120 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\EzAuto.dll
MOD - [2010-05-30 23:17:06 | 000,054,640 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
MOD - [2010-05-12 22:05:18 | 001,070,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
MOD - [2010-05-12 11:55:00 | 000,150,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
MOD - [2010-05-12 11:55:00 | 000,092,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvhotkey.dll
MOD - [2009-09-25 04:10:10 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
MOD - [2009-09-25 03:27:04 | 001,064,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
MOD - [2009-09-25 00:54:55 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2009-04-10 23:28:28 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
MOD - [2009-04-10 23:28:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
MOD - [2009-04-10 23:28:26 | 011,584,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2009-04-10 23:28:26 | 002,205,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
MOD - [2009-04-10 23:28:26 | 001,591,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2009-04-10 23:28:26 | 001,167,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
MOD - [2009-04-10 23:28:26 | 001,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2009-04-10 23:28:26 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2009-04-10 23:28:26 | 000,828,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
MOD - [2009-04-10 23:28:26 | 000,784,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2009-04-10 23:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2009-04-10 23:28:26 | 000,586,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll
MOD - [2009-04-10 23:28:26 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2009-04-10 23:28:26 | 000,375,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
MOD - [2009-04-10 23:28:26 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2009-04-10 23:28:26 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
MOD - [2009-04-10 23:28:26 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2009-04-10 23:28:26 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
MOD - [2009-04-10 23:28:26 | 000,250,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
MOD - [2009-04-10 23:28:26 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
MOD - [2009-04-10 23:28:26 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll
MOD - [2009-04-10 23:28:26 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2009-04-10 23:28:26 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2009-04-10 23:28:26 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2009-04-10 23:28:26 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009-04-10 23:28:26 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009-04-10 23:28:26 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll
MOD - [2009-04-10 23:28:24 | 003,174,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll
MOD - [2009-04-10 23:28:24 | 002,386,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
MOD - [2009-04-10 23:28:24 | 002,226,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
MOD - [2009-04-10 23:28:24 | 001,823,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
MOD - [2009-04-10 23:28:24 | 001,541,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
MOD - [2009-04-10 23:28:24 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2009-04-10 23:28:24 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2009-04-10 23:28:24 | 000,679,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2009-04-10 23:28:24 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2009-04-10 23:28:24 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2009-04-10 23:28:24 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
MOD - [2009-04-10 23:28:24 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
MOD - [2009-04-10 23:28:24 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll
MOD - [2009-04-10 23:28:24 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
MOD - [2009-04-10 23:28:24 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
MOD - [2009-04-10 23:28:24 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009-04-10 23:28:24 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
MOD - [2009-04-10 23:28:24 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2009-04-10 23:28:24 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2009-04-10 23:28:22 | 002,012,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
MOD - [2009-04-10 23:28:22 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2009-04-10 23:28:22 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2009-04-10 23:28:22 | 000,564,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
MOD - [2009-04-10 23:28:22 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
MOD - [2009-04-10 23:28:22 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
MOD - [2009-04-10 23:28:22 | 000,356,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
MOD - [2009-04-10 23:28:22 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
MOD - [2009-04-10 23:28:22 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2009-04-10 23:28:22 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
MOD - [2009-04-10 23:28:22 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009-04-10 23:28:22 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
MOD - [2009-04-10 23:28:22 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll
MOD - [2009-04-10 23:28:20 | 006,079,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
MOD - [2009-04-10 23:28:20 | 001,788,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
MOD - [2009-04-10 23:28:20 | 001,324,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browseui.dll
MOD - [2009-04-10 23:28:20 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll
MOD - [2009-04-10 23:28:20 | 000,971,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll
MOD - [2009-04-10 23:28:20 | 000,595,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
MOD - [2009-04-10 23:28:20 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2009-04-10 23:28:20 | 000,444,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
MOD - [2009-04-10 23:28:20 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2009-04-10 23:28:20 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
MOD - [2009-04-10 23:28:20 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
MOD - [2009-04-10 23:28:20 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll
MOD - [2009-04-10 23:28:20 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll
MOD - [2009-04-10 23:28:20 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll
MOD - [2009-04-10 23:28:20 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappcfg.dll
MOD - [2009-04-10 23:28:20 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
MOD - [2009-04-10 23:28:20 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll
MOD - [2009-04-10 23:28:20 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
MOD - [2009-04-10 23:28:20 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
MOD - [2009-04-10 23:28:20 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authz.dll
MOD - [2009-04-10 23:28:20 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
MOD - [2009-04-10 23:28:20 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
MOD - [2009-04-10 23:28:20 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
MOD - [2009-04-10 23:28:20 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
MOD - [2009-04-10 23:28:20 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
MOD - [2009-04-10 23:28:18 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2009-04-10 23:28:18 | 000,542,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll
MOD - [2009-04-10 23:28:18 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2009-04-10 23:28:08 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
MOD - [2009-04-10 23:28:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
MOD - [2009-04-10 23:27:50 | 001,202,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2009-04-10 23:27:48 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009-04-10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
MOD - [2009-04-10 23:27:34 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
MOD - [2009-04-10 23:27:14 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
MOD - [2009-04-10 23:27:14 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
MOD - [2009-04-10 23:27:14 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv
MOD - [2009-04-10 23:27:14 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv
MOD - [2009-04-10 23:21:40 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\GdiPlus.dll
MOD - [2009-04-10 23:21:40 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008-04-25 10:26:48 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2008-04-25 10:26:36 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll
MOD - [2008-04-25 10:26:06 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
MOD - [2008-04-25 10:25:52 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll
MOD - [2008-04-25 10:25:48 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMASF.DLL
MOD - [2008-04-25 10:25:40 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
MOD - [2008-04-25 10:25:40 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
MOD - [2008-04-25 10:24:50 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll
MOD - [2008-04-25 10:24:50 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
MOD - [2008-04-25 10:24:34 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdsapi.dll
MOD - [2008-04-25 10:24:27 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
MOD - [2008-04-25 10:24:23 | 000,326,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll
MOD - [2008-04-25 10:24:18 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioEng.dll
MOD - [2008-04-25 10:24:17 | 000,187,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll
MOD - [2008-04-25 10:24:17 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
MOD - [2008-04-25 10:24:16 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll
MOD - [2008-04-25 10:24:16 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll
MOD - [2008-04-25 10:24:14 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll
MOD - [2008-04-25 10:23:58 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2008-04-25 10:23:55 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
MOD - [2008-04-25 10:23:51 | 000,403,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FirewallAPI.dll
MOD - [2008-04-25 10:23:50 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2008-04-25 10:23:49 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
MOD - [2008-04-25 10:23:48 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
MOD - [2008-04-25 10:23:44 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\eappprxy.dll
MOD - [2008-04-25 10:23:38 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
MOD - [2008-04-25 10:23:04 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2008-04-25 10:23:04 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008-04-25 10:23:02 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll
MOD - [2008-04-25 10:22:52 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll
MOD - [2008-04-25 10:22:42 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll
MOD - [2008-04-25 10:22:39 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
MOD - [2008-04-25 10:22:35 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icm32.dll
MOD - [2008-04-25 10:22:27 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2008-04-25 10:22:24 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
MOD - [2008-04-25 10:22:16 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2008-04-25 10:21:40 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc_os.dll
MOD - [2008-04-25 10:21:38 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2008-04-25 10:21:37 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2008-04-25 10:21:35 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2008-04-25 10:21:20 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll
MOD - [2008-04-25 10:21:00 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2008-04-25 10:20:58 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll
MOD - [2008-04-25 10:20:45 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL
MOD - [2008-04-25 10:20:45 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
MOD - [2008-04-25 10:20:07 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
MOD - [2008-04-25 10:20:00 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
MOD - [2008-04-25 10:19:51 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
MOD - [2008-04-25 10:19:33 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wsock32.dll
MOD - [2008-04-25 10:19:27 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll
MOD - [2008-04-25 10:19:19 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2008-04-25 10:18:55 | 001,298,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TMM.dll
MOD - [2008-04-25 10:18:15 | 000,671,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpRtMon.dll
MOD - [2008-04-25 10:18:14 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
MOD - [2008-04-25 10:18:14 | 000,312,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpClient.dll
MOD - [2008-04-25 10:17:47 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
MOD - [2006-11-02 14:35:33 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehProxy.dll
MOD - [2006-11-02 14:34:50 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll
MOD - [2006-11-02 14:34:48 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll
MOD - [2006-11-02 14:34:33 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll
MOD - [2006-11-02 14:34:32 | 000,653,928 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpRes.dll
MOD - [2006-11-02 11:46:14 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll
MOD - [2006-11-02 11:46:13 | 000,869,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winbrand.dll
MOD - [2006-11-02 11:46:13 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
MOD - [2006-11-02 11:46:13 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shimeng.dll
MOD - [2006-11-02 11:46:13 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSChannel.dll
MOD - [2006-11-02 11:46:13 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfc.dll
MOD - [2006-11-02 11:46:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll
MOD - [2006-11-02 11:46:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2006-11-02 11:46:12 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll
MOD - [2006-11-02 11:46:07 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll
MOD - [2006-11-02 11:46:06 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll
MOD - [2006-11-02 11:46:05 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll
MOD - [2006-11-02 11:46:05 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
MOD - [2006-11-02 11:46:04 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drprov.dll
MOD - [2006-11-02 11:46:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll
MOD - [2006-11-02 11:46:02 | 000,737,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll
MOD - [2006-11-02 11:45:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
MOD - [2006-11-02 10:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-08-03 01:04:28 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-07-18 20:44:21 | 000,186,848 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010-07-19 17:42:16 | 000,866,576 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2010-07-19 17:23:28 | 000,477,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008-04-25 10:18:14 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012-08-06 17:40:24 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011-01-05 20:42:14 | 000,284,792 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2010-07-14 04:34:16 | 006,680,064 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETwNv32.sys -- (NETwNv32)
DRV - [2010-05-12 22:05:18 | 009,936,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009-04-10 21:39:00 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3366845728-784585638-755298595-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3366845728-784585638-755298595-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-3366845728-784585638-755298595-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "about:home"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-18 20:44:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012-07-05 14:51:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Slayerek\AppData\Roaming\mozilla\Extensions
[2012-07-06 18:44:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Slayerek\AppData\Roaming\mozilla\Firefox\Profiles\8y9n6lxs.default\extensions
[2012-07-05 14:51:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-07-18 20:44:21 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-06-15 01:13:23 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-06-15 01:13:23 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-06-15 01:13:23 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-15 01:13:23 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-15 01:13:23 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-15 01:13:23 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2006-09-18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Slayerek\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (Trend Media Group)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Windows\System32\nwiz.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3366845728-784585638-755298595-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Download all links by FlashGet3 - C:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Program Files\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6534D55-2C59-4BE2-A518-CFA7C519EC8B}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012-08-10 12:35:20 | 000,000,300 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012-08-10 12:35:20 | 000,000,310 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2003-05-23 15:26:56 | 000,061,440 | R--- | M] () - G:\autoplay.exe -- [ UDF ]
O32 - AutoRun File - [2003-02-12 09:01:48 | 000,000,050 | R--- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{e8458eb1-dd72-11e1-a47e-81ec6e0f13ba}\Shell - "" = AutoRun
O33 - MountPoints2\{e8458eb1-dd72-11e1-a47e-81ec6e0f13ba}\Shell\AutoRun\command - "" = G:\autoplay.exe -- [2003-05-23 15:26:56 | 000,061,440 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

[color=#E56717]========== Files/Folders - Created Within 60 Days ==========[/color]

[2012-08-06 17:49:03 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eurobattle.net
[2012-08-06 17:44:38 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2012-08-06 17:44:38 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2012-08-06 17:44:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2012-08-06 17:40:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012-08-06 17:40:24 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-08-06 17:40:18 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\DAEMON Tools Lite
[2012-08-06 17:40:16 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2012-08-06 17:39:12 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012-07-31 14:48:01 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\Documents\NFSTR
[2012-07-31 14:33:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012-07-31 14:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst
[2012-07-28 04:50:53 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlashGet3.7
[2012-07-28 04:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashGet3.7
[2012-07-28 04:50:52 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\BITS
[2012-07-28 04:50:43 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\FlashgetSetup
[2012-07-28 04:50:40 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\FlashGetBHO
[2012-07-28 04:50:36 | 000,000,000 | ---D | C] -- C:\Program Files\FlashGet Network
[2012-07-28 04:50:36 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\FlashGet
[2012-07-28 02:06:41 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\WinRAR
[2012-07-28 02:05:26 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012-07-16 19:49:12 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\LolClient
[2012-07-16 19:46:36 | 000,000,000 | ---D | C] -- C:\DX
[2012-07-05 18:53:33 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\Documents\Diablo III
[2012-07-05 18:17:21 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Malwarebytes
[2012-07-05 18:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-07-05 18:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-07-05 18:17:13 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012-07-05 18:17:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-07-05 17:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2012-07-05 17:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2012-07-05 17:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2012-07-05 17:50:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012-07-05 17:50:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012-07-05 17:50:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012-07-05 17:48:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012-07-05 17:38:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012-07-05 15:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2012-07-05 15:12:04 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Macromedia
[2012-07-05 15:12:04 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Local\Macromedia
[2012-07-05 15:12:04 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Adobe
[2012-07-05 15:11:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2012-07-05 15:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012-07-05 15:04:51 | 000,000,000 | ---D | C] -- C:\Windows\nview
[2012-07-05 14:51:44 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Mozilla
[2012-07-05 14:51:44 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Local\Mozilla
[2012-07-05 14:51:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012-07-05 14:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012-07-05 14:51:28 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-07-05 14:46:51 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012-07-05 14:46:35 | 000,000,000 | -HSD | C] -- C:\Boot
[2012-07-05 14:46:00 | 000,000,000 | ---D | C] -- C:\DRIVERS
[2012-07-05 14:45:30 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2012-07-05 14:45:30 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detektor Winampa
[2012-07-05 14:45:26 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Winamp
[2012-07-05 14:45:26 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2012-07-05 14:43:15 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Intel
[2012-07-05 14:42:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2012-07-05 14:42:30 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2012-07-05 14:42:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012-07-05 14:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012-07-05 14:36:53 | 000,000,000 | ---D | C] -- C:\Windows\ConfigSetRoot
[2012-07-05 14:17:01 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012-07-05 14:15:54 | 000,000,000 | ---D | C] -- C:\Program Files\DellTPad
[2012-07-05 14:14:08 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2012-07-05 14:14:08 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012-07-05 14:13:56 | 000,000,000 | ---D | C] -- C:\Intel
[2012-07-05 14:13:54 | 000,000,000 | ---D | C] -- C:\dell
[2012-07-05 13:57:54 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012-07-05 13:57:54 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\Searches
[2012-07-05 13:57:54 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012-07-05 13:57:47 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Identities
[2012-07-05 13:57:46 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\Contacts
[2012-07-05 13:57:45 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Local\VirtualStore
[2012-07-05 13:57:42 | 000,000,000 | --SD | C] -- C:\Users\Slayerek\AppData\Roaming\Microsoft
[2012-07-05 13:57:42 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\Videos
[2012-07-05 13:57:42 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\Saved Games
[2012-07-05 13:57:42 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\Pictures
[2012-07-05 13:57:42 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\Music
[2012-07-05 13:57:42 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012-07-05 13:57:42 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\Links
[2012-07-05 13:57:42 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\Favorites
[2012-07-05 13:57:42 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\Downloads
[2012-07-05 13:57:42 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\Documents
[2012-07-05 13:57:42 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\Desktop
[2012-07-05 13:57:42 | 000,000,000 | R--D | C] -- C:\Users\Slayerek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\Ustawienia lokalne
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\AppData\Local\Temporary Internet Files
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\Szablony
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\SendTo
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\Recent
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\PrintHood
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\NetHood
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\Documents\Moje wideo
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\Documents\Moje obrazy
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\Moje dokumenty
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\Documents\Moja muzyka
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\Menu Start
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\AppData\Local\Historia
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\Dane aplikacji
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\AppData\Local\Dane aplikacji
[2012-07-05 13:57:42 | 000,000,000 | -HSD | C] -- C:\Users\Slayerek\Cookies
[2012-07-05 13:57:42 | 000,000,000 | -H-D | C] -- C:\Users\Slayerek\AppData
[2012-07-05 13:57:42 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Local\Temp
[2012-07-05 13:57:42 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Local\Microsoft
[2012-07-05 13:57:42 | 000,000,000 | ---D | C] -- C:\Users\Slayerek\AppData\Roaming\Media Center Programs
[2012-07-05 13:56:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2012-07-05 13:56:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2012-07-05 13:56:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2012-07-05 13:56:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2012-07-05 13:56:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2012-07-05 13:56:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2012-07-05 13:56:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2012-07-05 13:56:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2012-07-05 13:56:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2012-07-05 13:55:56 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2012-07-05 13:50:39 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012-07-05 13:49:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2012-07-05 13:47:25 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[color=#E56717]========== Files - Modified Within 60 Days ==========[/color]

[2012-08-10 13:18:28 | 000,032,165 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012-08-10 13:18:28 | 000,032,165 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012-08-10 13:18:22 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-08-10 13:18:21 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-08-10 13:18:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-08-10 13:18:15 | 3745,427,456 | -HS- | M] () -- C:\hiberfil.sys
[2012-08-10 13:17:12 | 000,099,328 | ---- | M] () -- C:\dcpwb.exe
[2012-08-10 12:49:57 | 000,662,056 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-08-10 12:49:57 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-08-10 12:49:57 | 000,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-08-10 12:49:57 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-08-10 12:39:40 | 000,229,024 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-08-10 12:35:20 | 000,000,300 | RHS- | M] () -- C:\autorun.inf
[2012-08-10 00:34:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-08-06 17:49:03 | 000,000,618 | ---- | M] () -- C:\Users\Slayerek\Desktop\Euroloader.lnk
[2012-08-06 17:49:03 | 000,000,562 | ---- | M] () -- C:\Users\Slayerek\Desktop\gproxy.lnk
[2012-08-06 17:47:40 | 000,062,465 | ---- | M] () -- C:\Windows\War3Unin.dat
[2012-08-06 17:47:08 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\Windows\War3Unin.exe
[2012-08-06 17:47:08 | 000,002,829 | ---- | M] () -- C:\Windows\War3Unin.pif
[2012-08-06 17:40:24 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012-07-31 14:18:43 | 000,000,711 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed. The Run.lnk
[2012-07-28 12:36:10 | 000,001,348 | ---- | M] () -- C:\Windows\System32\secustat.dat
[2012-07-28 06:10:59 | 000,007,630 | ---- | M] () -- C:\Windows\System32\secushr.dat
[2012-07-28 04:51:17 | 000,001,344 | ---- | M] () -- C:\Users\Slayerek\Desktop\FlashGet downloads.lnk
[2012-07-28 04:51:01 | 000,000,025 | ---- | M] () -- C:\Windows\libem.INI
[2012-07-17 11:21:10 | 000,000,631 | ---- | M] () -- C:\Users\Slayerek\Desktop\League of Legends.lnk
[2012-07-05 18:27:26 | 000,000,591 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012-07-05 14:51:30 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-07-05 14:46:37 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2012-07-05 14:40:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012-07-05 14:32:52 | 000,000,680 | ---- | M] () -- C:\Users\Slayerek\AppData\Local\d3d9caps.dat
[2012-07-05 14:32:36 | 000,007,168 | ---- | M] () -- C:\Users\Slayerek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-07-05 14:16:15 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2012-07-05 14:16:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012-07-05 13:52:39 | 000,065,580 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-08-10 13:17:12 | 000,099,328 | ---- | C] () -- C:\dcpwb.exe
[2012-08-10 12:35:17 | 000,000,300 | RHS- | C] () -- C:\autorun.inf
[2012-08-06 17:49:03 | 000,000,618 | ---- | C] () -- C:\Users\Slayerek\Desktop\Euroloader.lnk
[2012-08-06 17:49:03 | 000,000,562 | ---- | C] () -- C:\Users\Slayerek\Desktop\gproxy.lnk
[2012-08-06 17:44:38 | 000,062,465 | ---- | C] () -- C:\Windows\War3Unin.dat
[2012-08-06 17:44:38 | 000,002,829 | ---- | C] () -- C:\Windows\War3Unin.pif
[2012-07-31 14:18:43 | 000,000,711 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed. The Run.lnk
[2012-07-28 06:28:46 | 000,001,348 | ---- | C] () -- C:\Windows\System32\secustat.dat
[2012-07-28 05:10:28 | 000,007,630 | ---- | C] () -- C:\Windows\System32\secushr.dat
[2012-07-28 04:51:17 | 000,001,344 | ---- | C] () -- C:\Users\Slayerek\Desktop\FlashGet downloads.lnk
[2012-07-28 04:51:01 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2012-07-17 11:21:10 | 000,000,631 | ---- | C] () -- C:\Users\Slayerek\Desktop\League of Legends.lnk
[2012-07-05 17:58:27 | 000,000,591 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2012-07-05 17:41:33 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2012-07-05 17:41:32 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2012-07-05 17:41:32 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2012-07-05 17:41:12 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2012-07-05 17:41:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012-07-05 17:41:09 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2012-07-05 17:40:46 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2012-07-05 17:40:44 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2012-07-05 17:40:43 | 002,499,629 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2012-07-05 17:40:42 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012-07-05 17:40:42 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012-07-05 17:40:41 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012-07-05 17:40:41 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2012-07-05 17:40:41 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2012-07-05 15:11:31 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-07-05 15:06:41 | 000,032,165 | ---- | C] () -- C:\ProgramData\nvModes.001
[2012-07-05 15:06:39 | 000,032,165 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2012-07-05 15:04:51 | 001,731,176 | ---- | C] () -- C:\Windows\System32\nvwdmcpl.dll
[2012-07-05 15:04:51 | 001,722,984 | ---- | C] () -- C:\Windows\System32\nwiz.exe
[2012-07-05 15:04:51 | 001,612,392 | ---- | C] () -- C:\Windows\System32\nView.dll
[2012-07-05 15:04:51 | 001,108,584 | ---- | C] () -- C:\Windows\System32\nvwimg.dll
[2012-07-05 15:04:51 | 000,473,704 | ---- | C] () -- C:\Windows\System32\nvShell.dll
[2012-07-05 15:04:51 | 000,449,128 | ---- | C] () -- C:\Windows\System32\nvAppBar.exe
[2012-07-05 15:04:51 | 000,267,368 | ---- | C] () -- C:\Windows\System32\nvTaskbar.exe
[2012-07-05 15:04:51 | 000,262,248 | ---- | C] () -- C:\Windows\System32\nViewSetup.exe
[2012-07-05 15:04:24 | 000,023,929 | ---- | C] () -- C:\Windows\System32\nvdisp.nvu
[2012-07-05 14:51:30 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-07-05 14:51:30 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-07-05 14:46:37 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2012-07-05 14:46:35 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2012-07-05 14:46:17 | 000,039,270 | R--- | C] () -- C:\Windows\OEMLOGO.BMP
[2012-07-05 14:40:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012-07-05 14:32:33 | 000,007,168 | ---- | C] () -- C:\Users\Slayerek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-07-05 14:16:15 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2012-07-05 14:16:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012-07-05 14:16:06 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012-07-05 13:57:55 | 000,000,949 | ---- | C] () -- C:\Users\Slayerek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012-07-05 13:57:54 | 000,000,944 | ---- | C] () -- C:\Users\Slayerek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012-07-05 13:57:45 | 000,000,915 | ---- | C] () -- C:\Users\Slayerek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012-07-05 13:57:43 | 000,000,680 | ---- | C] () -- C:\Users\Slayerek\AppData\Local\d3d9caps.dat
[2012-07-05 13:53:24 | 3745,427,456 | -HS- | C] () -- C:\hiberfil.sys
[2012-07-05 13:52:21 | 000,000,604 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk

[color=#E56717]========== LOP Check ==========[/color]

[2012-07-28 12:36:10 | 000,000,000 | ---D | M] -- C:\Users\Slayerek\AppData\Roaming\BITS
[2012-08-06 17:42:35 | 000,000,000 | ---D | M] -- C:\Users\Slayerek\AppData\Roaming\DAEMON Tools Lite
[2012-07-28 06:28:46 | 000,000,000 | ---D | M] -- C:\Users\Slayerek\AppData\Roaming\FlashGet
[2012-07-28 04:50:40 | 000,000,000 | ---D | M] -- C:\Users\Slayerek\AppData\Roaming\FlashGetBHO
[2012-07-28 04:50:43 | 000,000,000 | ---D | M] -- C:\Users\Slayerek\AppData\Roaming\FlashgetSetup
[2012-07-16 19:49:12 | 000,000,000 | ---D | M] -- C:\Users\Slayerek\AppData\Roaming\LolClient
[2012-08-10 13:17:44 | 000,016,532 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %systemdrive%\*.* >[/color]
[2006-09-18 23:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2012-08-10 12:35:20 | 000,000,300 | RHS- | M] () -- C:\autorun.inf
[2009-04-10 23:36:38 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2012-07-05 14:46:37 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006-09-18 23:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2012-08-10 13:17:12 | 000,099,328 | ---- | M] () -- C:\dcpwb.exe
[2012-08-10 13:18:15 | 3745,427,456 | -HS- | M] () -- C:\hiberfil.sys
[2012-08-10 13:18:15 | 4059,033,600 | -HS- | M] () -- C:\pagefile.sys

[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008-04-25 10:14:06 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008-04-25 10:14:06 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008-04-25 10:14:06 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008-04-25 10:14:06 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008-04-25 10:14:06 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006-11-02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009-04-10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009-04-10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009-04-10 23:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008-04-25 10:14:05 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008-04-25 10:14:05 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006-11-02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

[color=#A23BEC]< MD5 for: BEEP.SYS >[/color]
[2008-04-25 10:19:21 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\System32\drivers\beep.sys
[2008-04-25 10:19:21 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=67E506B75BD5326A3EC7B70BD014DFB6 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
[2006-11-02 10:51:03 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=AC3DD1708B22761EBD7CBE14DCC3B5D7 -- C:\Windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6000.16386_none_c1e9df570ab23787\beep.sys

[color=#A23BEC]< MD5 for: CDROM.SYS >[/color]
[2008-04-25 10:14:16 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008-04-25 10:14:16 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009-04-10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009-04-10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009-04-10 21:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006-11-02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

[color=#A23BEC]< MD5 for: NDIS.SYS >[/color]
[2009-04-10 23:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009-04-10 23:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006-11-02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008-04-25 10:19:47 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-04-10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009-04-10 23:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006-11-02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008-04-25 10:24:03 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2012-07-03 13:46:42 | 000,287,304 | ---- | M] () MD5=D945DB9CA22F8C1EA118E9F55F59CEF4 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< End of report >




OTL Extras logfile created on: 2012-08-10 13:20:52 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Slayerek\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,49 Gb Total Physical Memory | 2,63 Gb Available Physical Memory | 75,56% Memory free
7,16 Gb Paging File | 6,38 Gb Available in Paging File | 89,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 61,52 Gb Free Space | 63,06% Space Free | Partition Type: NTFS
Drive D: | 135,23 Gb Total Space | 56,46 Gb Free Space | 41,75% Space Free | Partition Type: NTFS
Drive G: | 467,68 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: SLAYEREK-PC | User Name: Slayerek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 60 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-3366845728-784585638-755298595-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusOverride" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 1
"UacDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3366845728-784585638-755298595-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 1
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
"D:\Instalki\DTLite4454-0315_[www.programosy.pl].exe" = D:\Instalki\DTLite4454-0315_[www.programosy.pl].exe:*:Enabled:ipsec -- (DT Soft Ltd)
"C:\Windows\Explorer.EXE" = C:\Windows\Explorer.EXE:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\Users\Slayerek\AppData\Local\Temp\winxpuum.exe" = C:\Users\Slayerek\AppData\Local\Temp\winxpuum.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\cxuql.exe" = C:\Users\Slayerek\AppData\Local\Temp\cxuql.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winnivbl.exe" = C:\Users\Slayerek\AppData\Local\Temp\winnivbl.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winvoea.exe" = C:\Users\Slayerek\AppData\Local\Temp\winvoea.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\wintljoe.exe" = C:\Users\Slayerek\AppData\Local\Temp\wintljoe.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\ersfh.exe" = C:\Users\Slayerek\AppData\Local\Temp\ersfh.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winmynp.exe" = C:\Users\Slayerek\AppData\Local\Temp\winmynp.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winelry.exe" = C:\Users\Slayerek\AppData\Local\Temp\winelry.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winpkonrf.exe" = C:\Users\Slayerek\AppData\Local\Temp\winpkonrf.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winvtkiqe.exe" = C:\Users\Slayerek\AppData\Local\Temp\winvtkiqe.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winrars.exe" = C:\Users\Slayerek\AppData\Local\Temp\winrars.exe:*:Enabled:ipsec
"C:\Windows\System32\nwiz.exe" = C:\Windows\System32\nwiz.exe:*:Enabled:ipsec -- ()
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" = C:\Program Files\DAEMON Tools Lite\DTLite.exe:*:Enabled:ipsec -- (DT Soft Ltd)
"C:\Program Files\Intel\WiFi\bin\iwrap.exe" = C:\Program Files\Intel\WiFi\bin\iwrap.exe:*:Enabled:ipsec -- (Intel(R) Corporation)
"C:\Users\Slayerek\AppData\Local\Temp\mmxq.exe" = C:\Users\Slayerek\AppData\Local\Temp\mmxq.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winsfknd.exe" = C:\Users\Slayerek\AppData\Local\Temp\winsfknd.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winiscx.exe" = C:\Users\Slayerek\AppData\Local\Temp\winiscx.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winodkiek.exe" = C:\Users\Slayerek\AppData\Local\Temp\winodkiek.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winuhota.exe" = C:\Users\Slayerek\AppData\Local\Temp\winuhota.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\lobab.exe" = C:\Users\Slayerek\AppData\Local\Temp\lobab.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winlfol.exe" = C:\Users\Slayerek\AppData\Local\Temp\winlfol.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winygtnjx.exe" = C:\Users\Slayerek\AppData\Local\Temp\winygtnjx.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\elqu.exe" = C:\Users\Slayerek\AppData\Local\Temp\elqu.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winglgf.exe" = C:\Users\Slayerek\AppData\Local\Temp\winglgf.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\lgon.exe" = C:\Users\Slayerek\AppData\Local\Temp\lgon.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\vjcs.exe" = C:\Users\Slayerek\AppData\Local\Temp\vjcs.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\rllsh.exe" = C:\Users\Slayerek\AppData\Local\Temp\rllsh.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\dswam.exe" = C:\Users\Slayerek\AppData\Local\Temp\dswam.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\bmwj.exe" = C:\Users\Slayerek\AppData\Local\Temp\bmwj.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\nxppe.exe" = C:\Users\Slayerek\AppData\Local\Temp\nxppe.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\iaolh.exe" = C:\Users\Slayerek\AppData\Local\Temp\iaolh.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winqbqox.exe" = C:\Users\Slayerek\AppData\Local\Temp\winqbqox.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winuouf.exe" = C:\Users\Slayerek\AppData\Local\Temp\winuouf.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winjagxfw.exe" = C:\Users\Slayerek\AppData\Local\Temp\winjagxfw.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winxvqy.exe" = C:\Users\Slayerek\AppData\Local\Temp\winxvqy.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winhxviim.exe" = C:\Users\Slayerek\AppData\Local\Temp\winhxviim.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winaohaf.exe" = C:\Users\Slayerek\AppData\Local\Temp\winaohaf.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winxftry.exe" = C:\Users\Slayerek\AppData\Local\Temp\winxftry.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\qefph.exe" = C:\Users\Slayerek\AppData\Local\Temp\qefph.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winfaaf.exe" = C:\Users\Slayerek\AppData\Local\Temp\winfaaf.exe:*:Enabled:ipsec
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" = C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:ipsec -- (Malwarebytes Corporation)
"C:\Users\Slayerek\AppData\Local\Temp\winadryu.exe" = C:\Users\Slayerek\AppData\Local\Temp\winadryu.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winygpf.exe" = C:\Users\Slayerek\AppData\Local\Temp\winygpf.exe:*:Enabled:ipsec
"C:\Windows\system32\userinit.exe" = C:\Windows\system32\userinit.exe:*:Enabled:ipsec -- (Microsoft Corporation)
"C:\Users\Slayerek\AppData\Local\Temp\winslmiuw.exe" = C:\Users\Slayerek\AppData\Local\Temp\winslmiuw.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winyiwwf.exe" = C:\Users\Slayerek\AppData\Local\Temp\winyiwwf.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winbbjd.exe" = C:\Users\Slayerek\AppData\Local\Temp\winbbjd.exe:*:Enabled:ipsec
"D:\LoL\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.187\deploy\LolClient.exe" = D:\LoL\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.187\deploy\LolClient.exe:*:Enabled:ipsec -- (Adobe Systems Inc.)
"C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" = C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe:*:Enabled:ipsec -- (Malwarebytes Corporation)
"C:\Users\Slayerek\AppData\Local\Temp\winssfd.exe" = C:\Users\Slayerek\AppData\Local\Temp\winssfd.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\lnhdi.exe" = C:\Users\Slayerek\AppData\Local\Temp\lnhdi.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winginq.exe" = C:\Users\Slayerek\AppData\Local\Temp\winginq.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winmqgv.exe" = C:\Users\Slayerek\AppData\Local\Temp\winmqgv.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\gpivu.exe" = C:\Users\Slayerek\AppData\Local\Temp\gpivu.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winbydq.exe" = C:\Users\Slayerek\AppData\Local\Temp\winbydq.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winocwiec.exe" = C:\Users\Slayerek\AppData\Local\Temp\winocwiec.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\nfiwxt.exe" = C:\Users\Slayerek\AppData\Local\Temp\nfiwxt.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\lsntg.exe" = C:\Users\Slayerek\AppData\Local\Temp\lsntg.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winrdovkh.exe" = C:\Users\Slayerek\AppData\Local\Temp\winrdovkh.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winseirfs.exe" = C:\Users\Slayerek\AppData\Local\Temp\winseirfs.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winhnmeb.exe" = C:\Users\Slayerek\AppData\Local\Temp\winhnmeb.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winppky.exe" = C:\Users\Slayerek\AppData\Local\Temp\winppky.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winjsqub.exe" = C:\Users\Slayerek\AppData\Local\Temp\winjsqub.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winssex.exe" = C:\Users\Slayerek\AppData\Local\Temp\winssex.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\njcgsr.exe" = C:\Users\Slayerek\AppData\Local\Temp\njcgsr.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winukspo.exe" = C:\Users\Slayerek\AppData\Local\Temp\winukspo.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\moghv.exe" = C:\Users\Slayerek\AppData\Local\Temp\moghv.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winesubev.exe" = C:\Users\Slayerek\AppData\Local\Temp\winesubev.exe:*:Enabled:ipsec
"D:\Instalki\OTL.exe" = D:\Instalki\OTL.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\hacik.exe" = C:\Users\Slayerek\AppData\Local\Temp\hacik.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\bulsmx.exe" = C:\Users\Slayerek\AppData\Local\Temp\bulsmx.exe:*:Enabled:ipsec
"C:\Users\Slayerek\AppData\Local\Temp\winrwjch.exe" = C:\Users\Slayerek\AppData\Local\Temp\winrwjch.exe:*:Enabled:ipsec -- ()
"C:\Users\Slayerek\AppData\Local\Temp\atucmk.exe" = C:\Users\Slayerek\AppData\Local\Temp\atucmk.exe:*:Enabled:ipsec -- ()


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12D7F408-FF4C-4569-B871-B000AC4F17C0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{62451C94-BD6A-47E0-98D9-8A077BA387FF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{06FD7929-B00F-4DBA-BADF-D543C198DF59}C:\windows\system32\nwiz.exe" = protocol=6 | dir=in | app=c:\windows\system32\nwiz.exe |
"TCP Query User{0ABEF8AC-C761-4856-94FC-1B9DA75E680C}C:\program files\malwarebytes' anti-malware\mbamgui.exe" = protocol=6 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbamgui.exe |
"TCP Query User{327BFAC8-31D2-443F-AEBC-485AA8ADB0AB}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"TCP Query User{444DA5D7-7459-4B88-86D3-787FA87E3FFF}C:\program files\malwarebytes' anti-malware\mbam.exe" = protocol=6 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |
"TCP Query User{4BCDA590-B321-49F6-94AB-18E873D24530}D:\instalki\sterowniki\intel_chipset-software-insta_a05_r302424.exe" = protocol=6 | dir=in | app=d:\instalki\sterowniki\intel_chipset-software-insta_a05_r302424.exe |
"TCP Query User{5C968252-38C5-462F-9DAF-6FFC0AC5E0CD}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{998D4424-A768-4849-9790-5D4561D24CAB}C:\program files\daemon tools lite\dtlite.exe" = protocol=6 | dir=in | app=c:\program files\daemon tools lite\dtlite.exe |
"TCP Query User{C7056DA2-C8C7-423A-98CB-858453FB94E0}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{CC000D23-93A5-433B-86AA-55175562F6AE}C:\program files\windows defender\msascui.exe" = protocol=6 | dir=in | app=c:\program files\windows defender\msascui.exe |
"TCP Query User{E86475FA-D3AC-434E-9687-8BD2BEF3966C}C:\windows\system32\userinit.exe" = protocol=6 | dir=in | app=c:\windows\system32\userinit.exe |
"TCP Query User{F2AB121C-55A3-487C-88DC-4270CD838965}D:\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=d:\diablo iii\diablo iii.exe |
"UDP Query User{1A6A9DCD-0620-4CC5-8D76-89AB0C6ADB02}C:\program files\daemon tools lite\dtlite.exe" = protocol=17 | dir=in | app=c:\program files\daemon tools lite\dtlite.exe |
"UDP Query User{2F6B25B1-EFDF-4EFC-9D9F-9A7CD3D8E06F}D:\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=d:\diablo iii\diablo iii.exe |
"UDP Query User{3CA51AB2-EFE3-425A-818D-6EE37A566D5B}C:\windows\system32\userinit.exe" = protocol=17 | dir=in | app=c:\windows\system32\userinit.exe |
"UDP Query User{40F8703E-03F4-4041-9468-0A789490D202}C:\program files\malwarebytes' anti-malware\mbam.exe" = protocol=17 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |
"UDP Query User{5F896D4B-4808-44EF-BDA1-6FA6AFC112E4}C:\windows\system32\nwiz.exe" = protocol=17 | dir=in | app=c:\windows\system32\nwiz.exe |
"UDP Query User{7A26A16A-A93A-4D63-9E00-D728B4093C7D}C:\program files\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=c:\program files\flashget network\flashget 3\flashget3.exe |
"UDP Query User{80CEFD74-9DC8-4EDD-9C09-ADD1A416ECF8}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{8F7C81B6-8E29-4557-9CF5-3CA4D74920BF}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{A70BC10B-2A13-4DB6-A8BF-CAEFB3D221E6}C:\program files\malwarebytes' anti-malware\mbamgui.exe" = protocol=17 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbamgui.exe |
"UDP Query User{B31F563B-12FB-4A1A-ADD9-CA11E798FD8A}C:\program files\windows defender\msascui.exe" = protocol=17 | dir=in | app=c:\program files\windows defender\msascui.exe |
"UDP Query User{DDEB2E65-B0C7-440E-A838-6B1433FCF8C8}D:\instalki\sterowniki\intel_chipset-software-insta_a05_r302424.exe" = protocol=17 | dir=in | app=d:\instalki\sterowniki\intel_chipset-software-insta_a05_r302424.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}_is1" = Need For Speed. The Run 1.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E4B37D6-D7F8-4067-B900-3F314C709916}" = Oprogramowanie Intel(R) PROSet/Wireless WiFi
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"Eurobattle.net1.26" = Eurobattle.net
"FlashGet3.7" = FlashGet3.7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 pl)" = Mozilla Firefox 14.0.1 (x86 pl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"ProInst" = Intel PROSet Wireless
"Warcraft III" = Warcraft III
"Winamp" = Winamp

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3366845728-784585638-755298595-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: wszystkie elementy
"Winamp Detect" = Detektor Winampa

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2012-07-31 08:34:19 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd dxgi.dll!CreateDXGIFactory1,
wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000139, przesunięcie
błędu 0x00009eed, identyfikator procesu 0x2d8, godzina rozpoczęcia aplikacji 0x01cd6f18cd1eabd0.

Error - 2012-07-31 08:35:57 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd dxgi.dll!CreateDXGIFactory1,
wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000139, przesunięcie
błędu 0x00009eed, identyfikator procesu 0xf0c, godzina rozpoczęcia aplikacji 0x01cd6f1903420142.

Error - 2012-07-31 08:36:24 | Computer Name = Slayerek-PC | Source = VSS | ID = 8194
Description =

Error - 2012-07-31 08:36:39 | Computer Name = Slayerek-PC | Source = System Restore | ID = 8193
Description =

Error - 2012-07-31 08:37:18 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd dxgi.dll!CreateDXGIFactory1,
wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000139, przesunięcie
błędu 0x00009eed, identyfikator procesu 0xda0, godzina rozpoczęcia aplikacji 0x01cd6f19383a9512.

Error - 2012-07-31 08:37:24 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd dxgi.dll!CreateDXGIFactory1,
wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000139, przesunięcie
błędu 0x00009eed, identyfikator procesu 0xff8, godzina rozpoczęcia aplikacji 0x01cd6f193bb9d892.

Error - 2012-07-31 08:37:34 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd dxgi.dll!CreateDXGIFactory1,
wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000139, przesunięcie
błędu 0x00009eed, identyfikator procesu 0xcf0, godzina rozpoczęcia aplikacji 0x01cd6f19411afb72.

Error - 2012-07-31 08:40:49 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd dxgi.dll!CreateDXGIFactory1,
wersja 6.0.6002.18005, sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000139, przesunięcie
błędu 0x00009eed, identyfikator procesu 0x8a4, godzina rozpoczęcia aplikacji 0x01cd6f1959484862.

Error - 2012-07-31 09:05:21 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18005,
sygnatura czasowa 0x49e03821, kod wyjątku 0xc0000005, przesunięcie błędu 0x0003e13d,
identyfikator
procesu 0xf98, godzina rozpoczęcia aplikacji 0x01cd6f1ad9cba90a.

Error - 2012-08-02 13:06:31 | Computer Name = Slayerek-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd Need For Speed The Run.exe, wersja 1.1.0.0,
sygnatura czasowa 0x4f14cf9c, moduł powodujący błąd Need For Speed The Run.exe,
wersja 1.1.0.0, sygnatura czasowa 0x4f14cf9c, kod wyjątku 0xc0000005, przesunięcie
błędu 0x010b54c8, identyfikator procesu 0x6d8, godzina rozpoczęcia aplikacji 0x01cd70cd475206a8.

[ System Events ]
Error - 2012-08-10 07:18:46 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2012-08-10 07:18:46 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2012-08-10 07:18:56 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 2012-08-10 07:18:56 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2012-08-10 07:19:06 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2012-08-10 07:19:06 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2012-08-10 07:19:06 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7031
Description =

Error - 2012-08-10 07:20:36 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7032
Description =

Error - 2012-08-10 07:21:06 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7032
Description =

Error - 2012-08-10 07:21:08 | Computer Name = Slayerek-PC | Source = Service Control Manager | ID = 7024
Description =


< End of report >[/log]

Gość
komentarz
komentarz

1. Uruchom OTL i w okno [b]Własne opcje skanowania /skrypt[/b]

Wklej

[code]
:Processes
killallprocesses
:Files
C:\dcpwb.exe
C:\autorun.inf
D:\autorun.inf
D:\dcpwb.exe
:commands
[REBOOT]
[/code]

Kliknij [b]Wykonaj skrypt[/b]

komputer będzie wymagał restartu zgódż się

Podaj raport z usuwania


Uruchom OTL i kliknij [b] NIC [/b] w okno [b]Własne opcje skanowania /skrypt[/b]

wklej

[code]
C:\*.*
D:\*.*
[/code]

kliknij skanuj

Dostarcz raport

Pozatym pendrivy masz pozarażane i z nich prawdopodobnie weszła infekcja.

Pobierz Panda USB Vaccine:

http://www.dobreprogramy.pl/Panda-USB-Vaccine,Program,Windows,29142.html


Uruchom i kliknij komputer vaccine czy jakoś tak.

Ściągnij usbfix:

http://www.instalki.pl/programy/download/Windows/antywirusy/UsbFix.html

Podłącz pendrivy i kliknij deletion

Podaj nowy log z otl

Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!

Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.

×
×
  • Dodaj nową pozycję...

Powiadomienie o plikach cookie

Strona wykorzystuje pliki cookies w celu prawidłowego świadczenia usług i wygody użytkowników. Warunki przechowywania i dostępu do plików cookies możesz zmienić w ustawieniach przeglądarki.