Avira antivir nie aktualizuje się

**Posty:** 52 · przez **msgarden** 09 Gru 2009, 23:51

Witam. Nie mogę zaktualizować antywirusa. Aktualizacja się pobiera, ale jak przychodzi moment aktualizacji to pojawia się komunikat:
http://img245.imageshack.us/img245/1797/42658344.jpg

Wrzucam logi z RSIT

Kod: Zaznacz wszystko: Logfile of random's system information tool 1.06 (written by random/random) Run by MikA at 2009-12-09 22:28:30 Microsoft® Windows Vista™ Business Service Pack 1 System drive C: has 14 GB (45%) free of 30 GB Total RAM: 1789 MB (52% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:28:49, on 2009-12-09 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18319) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Apoint2K\Apoint.exe C:\Windows\System32\s3trayp.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\System32\S3Funkey.exe C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\MikA\Desktop\RSIT.exe C:\Program Files\trend micro\MikA.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe -chkautorun O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [S3Funkey] S3Funkey.exe O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://vexcast.com/download/vexcast.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{735E34CB-EBEF-4CC7-9B7A-AA1035EAAF0D}: NameServer = 217.30.129.149 217.30.137.200 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 4506 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-03 41760] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184] "Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2006-09-12 155648] "S3Trayp"=S3trayp.exe -chkautorun [] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "S3Funkey"=C:\Windows\system32\S3Funkey.exe [2008-03-05 102400] "00PCTFW"=C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe [2009-11-19 2971608] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-12-03 1394000] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-12-03 429392] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe [2006-11-10 1429504] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTRegRun] C:\Windows\CTRegRun.EXE [2006-10-06 53248] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live! Central] C:\Program Files\Creative\Creative Live! Cam\Live! Central\CTLVCentral.exe [2008-08-22 438399] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0415Mon.exe] C:\Windows\V0415Mon.exe [2008-08-07 28672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4cb7e0ff-b252-11de-b523-00140b0c531a}] shell\PRM\command - Thumbs.exe -start ======List of files/folders created in the last 2 months====== 2009-12-09 22:28:32 ----D---- C:\Program Files\trend micro 2009-12-09 22:28:30 ----D---- C:\rsit 2009-12-02 09:29:37 ----D---- C:\Windows\Minidump 2009-12-01 18:00:46 ----D---- C:\Program Files\Adobe 2009-11-29 20:50:43 ----D---- C:\Program Files\linksador 2009-11-29 20:49:42 ----D---- C:\Program Files\playerinstall 2009-11-24 22:05:44 ----A---- C:\Windows\system32\tzres.dll 2009-11-24 22:04:51 ----A---- C:\Windows\system32\msxml6.dll 2009-11-24 22:04:49 ----A---- C:\Windows\system32\msxml3.dll 2009-11-19 20:26:19 ----D---- C:\Program Files\Defraggler 2009-11-14 21:47:24 ----D---- C:\Users\MikA\AppData\Roaming\Reallusion 2009-11-14 20:06:17 ----D---- C:\ProgramData\Creative 2009-11-14 20:01:38 ----N---- C:\Windows\Ctregrun.exe 2009-11-14 19:58:29 ----A---- C:\Windows\system32\CTAFX32.dll 2009-11-14 19:58:05 ----A---- C:\Windows\system32\V0415Pin.dll 2009-11-14 19:58:04 ----A---- C:\Windows\V0415Mon.exe 2009-11-14 19:58:04 ----A---- C:\Windows\system32\V0415Hwx.dll 2009-11-14 19:58:04 ----A---- C:\Windows\system32\CtCamMgr.dll 2009-11-14 19:58:04 ----A---- C:\Windows\CtDrvIns.exe 2009-11-14 19:57:57 ----D---- C:\Windows\CtDrvInstall 2009-11-14 19:54:17 ----D---- C:\Users\MikA\AppData\Roaming\InstallShield 2009-11-14 19:50:23 ----D---- C:\Program Files\Creative 2009-11-12 01:55:48 ----D---- C:\Windows\system32\nagasoft 2009-11-12 00:27:40 ----A---- C:\Windows\system32\WSDApi.dll 2009-11-09 22:02:50 ----D---- C:\ProgramData\SonicStage 2009-11-09 21:52:01 ----A---- C:\Windows\system32\CDDBUISony.dll 2009-11-09 21:52:00 ----A---- C:\Windows\system32\CddbPlaylist2Sony.dll 2009-11-09 21:52:00 ----A---- C:\Windows\system32\CddbMusicIDSony.dll 2009-11-09 21:52:00 ----A---- C:\Windows\system32\CddbLinkSony.dll 2009-11-09 21:52:00 ----A---- C:\Windows\system32\CDDBControlSony.dll 2009-11-09 21:51:53 ----N---- C:\Windows\system32\pxcpyi64.exe 2009-11-09 21:51:52 ----N---- C:\Windows\system32\pxsfs.dll 2009-11-09 21:51:52 ----N---- C:\Windows\system32\pxinsi64.exe 2009-11-09 21:51:52 ----N---- C:\Windows\system32\pxinsa64.exe 2009-11-09 21:51:52 ----N---- C:\Windows\system32\pxhpinst.exe 2009-11-09 21:51:52 ----N---- C:\Windows\system32\pxcpya64.exe 2009-11-09 21:51:52 ----N---- C:\Windows\system32\pxafs.dll 2009-11-09 21:51:51 ----N---- C:\Windows\system32\vxblock.dll 2009-11-09 21:51:51 ----N---- C:\Windows\system32\pxdrv.dll 2009-11-09 21:51:50 ----N---- C:\Windows\system32\pxwave.dll 2009-11-09 21:51:50 ----N---- C:\Windows\system32\pxmas.dll 2009-11-09 21:51:50 ----N---- C:\Windows\system32\px.dll 2009-11-09 21:50:11 ----D---- C:\ProgramData\Sony Corporation 2009-11-09 21:47:29 ----D---- C:\Program Files\Sony 2009-11-09 21:47:24 ----D---- C:\Windows\system32\Iosubsys 2009-11-09 21:43:59 ----D---- C:\Users\MikA\AppData\Roaming\Sony Corporation 2009-11-09 21:43:33 ----D---- C:\Program Files\Common Files\Sony Shared 2009-11-05 12:28:29 ----A---- C:\Windows\system32\mshtml.dll 2009-11-04 03:28:10 ----D---- C:\Users\MikA\AppData\Roaming\StreamTorrent 2009-11-04 03:28:00 ----D---- C:\Program Files\StreamTorrent 1.0 2009-10-30 20:24:46 ----D---- C:\Program Files\GRETECH 2009-10-27 23:50:27 ----D---- C:\Program Files\Veetle 2009-10-22 16:24:49 ----D---- C:\Program Files\HD Tune 2009-10-20 21:02:46 ----D---- C:\ProgramData\DAEMON Tools Lite 2009-10-20 21:02:37 ----D---- C:\Program Files\DAEMON Tools Toolbar 2009-10-20 21:02:28 ----D---- C:\Program Files\DAEMON Tools Lite 2009-10-20 20:57:04 ----D---- C:\Users\MikA\AppData\Roaming\DAEMON Tools Lite 2009-10-16 11:30:39 ----D---- C:\Windows\Sun 2009-10-15 23:54:52 ----D---- C:\Users\MikA\AppData\Roaming\Malwarebytes 2009-10-15 23:54:24 ----D---- C:\ProgramData\Malwarebytes 2009-10-15 23:54:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-10-15 13:56:06 ----D---- C:\Program Files\CCleaner 2009-10-15 10:39:48 ----A---- C:\Windows\system32\occache.dll 2009-10-15 10:39:46 ----A---- C:\Windows\system32\wininet.dll 2009-10-15 10:39:46 ----A---- C:\Windows\system32\urlmon.dll 2009-10-15 10:39:45 ----A---- C:\Windows\system32\ieframe.dll 2009-10-15 10:39:44 ----A---- C:\Windows\system32\ieapfltr.dll 2009-10-15 10:39:42 ----A---- C:\Windows\system32\iertutil.dll 2009-10-15 10:39:41 ----A---- C:\Windows\system32\msfeeds.dll 2009-10-15 10:39:41 ----A---- C:\Windows\system32\iedkcs32.dll 2009-10-15 10:39:41 ----A---- C:\Windows\system32\ieaksie.dll 2009-10-15 10:39:40 ----A---- C:\Windows\system32\mstime.dll 2009-10-15 10:39:40 ----A---- C:\Windows\system32\jsproxy.dll 2009-10-15 10:39:40 ----A---- C:\Windows\system32\ieUnatt.exe 2009-10-15 10:39:40 ----A---- C:\Windows\system32\ieencode.dll 2009-10-15 10:39:29 ----A---- C:\Windows\system32\msv1_0.dll 2009-10-15 10:39:20 ----A---- C:\Windows\system32\ntkrnlpa.exe 2009-10-15 10:39:19 ----A---- C:\Windows\system32\ntoskrnl.exe 2009-10-15 10:39:15 ----A---- C:\Windows\system32\msasn1.dll 2009-10-15 10:36:35 ----A---- C:\Windows\system32\WMSPDMOD.DLL 2009-10-14 23:28:49 ----D---- C:\Windows\temp 2009-10-14 23:27:58 ----SHD---- C:\$RECYCLE.BIN 2009-10-14 23:13:28 ----A---- C:\Windows\PEV.exe 2009-10-14 23:13:18 ----D---- C:\Windows\ERDNT 2009-10-11 19:04:42 ----A---- C:\Windows\system32\Apphlpdm.dll 2009-10-11 19:04:41 ----A---- C:\Windows\system32\gameux.dll 2009-10-11 19:04:40 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll 2009-10-11 15:57:15 ----D---- C:\Windows\Easy CD-DA Extractor 11.0.3 2009-10-11 15:57:15 ----D---- C:\Program Files\Easy CD-DA Extractor 11 2009-10-10 14:01:01 ----D---- C:\Program Files\AIMP2 ======List of files/folders modified in the last 2 months====== 2009-12-09 22:28:47 ----D---- C:\Windows\Prefetch 2009-12-09 22:28:32 ----RD---- C:\Program Files 2009-12-09 22:25:20 ----D---- C:\Program Files\Mozilla Firefox 2009-12-09 22:23:21 ----D---- C:\Windows\system32\drivers 2009-12-09 21:52:53 ----D---- C:\Windows\system32\catroot 2009-12-09 21:52:50 ----D---- C:\Windows\winsxs 2009-12-09 21:52:30 ----D---- C:\Windows\system32\catroot2 2009-12-09 21:10:27 ----AD---- C:\ProgramData\TEMP 2009-12-09 20:10:18 ----D---- C:\Users\MikA\AppData\Roaming\Skype 2009-12-09 18:45:18 ----D---- C:\Users\MikA\AppData\Roaming\skypePM 2009-12-09 09:01:52 ----D---- C:\Windows 2009-12-08 22:41:30 ----SHD---- C:\System Volume Information 2009-12-08 22:21:22 ----D---- C:\Program Files\CONEXANT 2009-12-08 22:21:03 ----D---- C:\Windows\System32 2009-12-08 22:20:54 ----D---- C:\Windows\inf 2009-12-08 22:17:54 ----D---- C:\Users\MikA\AppData\Roaming\uTorrent 2009-12-08 22:06:25 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-12-02 09:27:36 ----A---- C:\Windows\DUMP77b0.tmp 2009-12-02 09:26:09 ----D---- C:\Config.Msi 2009-12-01 20:38:29 ----D---- C:\ProgramData\Adobe 2009-12-01 18:01:37 ----SHD---- C:\Windows\Installer 2009-12-01 18:01:12 ----D---- C:\Program Files\Common Files\Adobe 2009-11-27 07:55:17 ----D---- C:\Windows\system32\WDI 2009-11-25 16:29:19 ----D---- C:\Windows\rescache 2009-11-24 22:07:07 ----D---- C:\Windows\system32\pl-PL 2009-11-19 17:39:26 ----D---- C:\Program Files\PC Tools Firewall Plus 2009-11-17 23:54:54 ----D---- C:\ProgramData 2009-11-17 23:54:53 ----D---- C:\Windows\Help 2009-11-17 23:43:49 ----D---- C:\Windows\Debug 2009-11-14 20:01:44 ----HD---- C:\Program Files\InstallShield Installation Information 2009-11-14 20:00:08 ----D---- C:\Windows\twain_32 2009-11-12 01:55:50 ----SD---- C:\Windows\Downloaded Program Files 2009-11-09 21:44:29 ----D---- C:\Program Files\Common Files\InstallShield 2009-11-09 21:43:33 ----D---- C:\Program Files\Common Files 2009-11-05 18:36:21 ----A---- C:\Windows\system32\mrt.exe 2009-11-02 20:42:06 ----N---- C:\Windows\system32\MpSigStub.exe 2009-10-25 18:36:07 ----D---- C:\Windows\LiveKernelReports 2009-10-19 23:48:22 ----SD---- C:\Users\MikA\AppData\Roaming\Microsoft 2009-10-15 11:32:30 ----D---- C:\Windows\Microsoft.NET 2009-10-15 11:32:08 ----RSD---- C:\Windows\assembly 2009-10-15 10:48:15 ----D---- C:\Program Files\Internet Explorer 2009-10-14 23:25:57 ----A---- C:\Windows\system.ini 2009-10-14 23:21:56 ----D---- C:\Windows\AppPatch ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2008-01-18 350720] R1 pctgntdi;pctgntdi; \??\C:\Windows\System32\drivers\pctgntdi.sys [2009-11-19 233136] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-07-28 55656] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672] R2 PCTAppEvent;PCTAppEvent Driver; \??\C:\Windows\system32\drivers\PCTAppEvent.sys [2009-11-19 87784] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 8192] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2006-08-30 140800] R3 athr;Sterownik urządzenia rozszerzalnej bezprzewodowej sieci LAN Atheros; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456] R3 CmBatt;Sterownik baterii Microsoft o metodzie kontroli ACPI; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416] R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\Windows\system32\DRIVERS\fetnd5bv.sys [2006-12-20 45568] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-18 986624] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-18 206848] R3 PCTFW-DNS;PCTools Firewall - DNS driver; \??\C:\Windows\system32\drivers\pctNdis-DNS.sys [2009-08-14 32552] R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\Windows\system32\drivers\pctNdis-PacketFilter.sys [2009-11-19 70408] R3 pctNDIS;PC Tools Driver; C:\Windows\system32\DRIVERS\pctNdis.sys [2009-11-19 55208] R3 pctplfw;pctplfw; \??\C:\Windows\System32\drivers\pctplfw.sys [2009-11-19 115216] R3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual; C:\Windows\system32\DRIVERS\livecamv.sys [2007-01-15 31616] R3 S3GIGP;S3GIGP; C:\Windows\system32\DRIVERS\VTGKModeDX32.sys [2009-01-12 814592] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-18 659968] S3 ak77e2b5;ak77e2b5; C:\Windows\system32\drivers\ak77e2b5.sys [] S3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2008-08-12 135616] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632] S3 FETNDIS;Usługa sterownika karty VIA Rhine-Family Fast Ethernet; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568] S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-01-15 155136] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704] S3 MSKSSRV;Serwer proxy usługi Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192] S3 MSPCLOCK;Serwer proxy zegara Microsoft Streaming; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888] S3 MSPQM;Serwer proxy menedżera jakości Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504] S3 MSTEE;Konwerter strumieni Tee/Sink-to-Sink Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016] S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS [] S3 usbaudio;Sterownik audio USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-18 73088] S3 usbvideo;Urządzenie wideo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016] S3 V0415Vid;Creative Live! Cam Video IM Ultra Driver; C:\Windows\system32\DRIVERS\V0415Vid.sys [2008-08-14 282464] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328] S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-18 21504] R2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [2009-11-19 818432] R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2006-11-10 24064] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-04 386560] S2 vvdsvc;VJVodClientServices; C:\Windows\System32\svchost.exe [2008-01-18 21504] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-18 21504] S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-18 523776] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344] S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-18 21504] S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2008-01-18 917504] -----------------EOF-----------------

Kod: Zaznacz wszystko: info.txt logfile of random's system information tool 1.06 2009-12-09 22:28:59 ======Uninstall list====== -->C:\Program Files\InstallShield Installation Information\{2FF34494-2AD7-4210-8DCA-1EB5D39EF736}\setup.exe -runfromtemp -l0x0009 -removeonly -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{411DC141-5F0B-477C-9BB1-B167EB2945C8}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x9 /remove µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL 1.29-->"C:\Program Files\playerinstall\unins000.exe" 7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe" Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001} Advanced Audio FX Engine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9 /remove AIMP2-->C:\Program Files\AIMP2\Uninstall.exe ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE Ashampoo Burning Studio 2009-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 2009\unins000.exe" Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE Broadcom 802.11 Network Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter" CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -ILM10WHDza.INF Creative Live! Cam Video IM Ultra (VF0415) (1.00.03.00)-->C:\Windows\CtDrvIns.exe -uninstall -script VF0415.uns -plugin V0415Pin.dll -pluginres CtCamPin.crl -langid 0x0409 Creative Live! Central-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{411DC141-5F0B-477C-9BB1-B167EB2945C8}\setup.exe" -l0x9 /remove Creative System Information-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove Defraggler-->"C:\Program Files\Defraggler\uninst.exe" Easy CD-DA Extractor 11-->"C:\Windows\Easy CD-DA Extractor 11.0.3\uninstall.exe" "/U:C:\Program Files\Easy CD-DA Extractor 11\irunin.xml" Gadu-Gadu 7.7-->C:\Program Files\Gadu-Gadu\Setup.exe HD Tune 2.55-->"C:\Program Files\HD Tune\unins000.exe" HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_15091E40\HXFSETUP.EXE -U -ILM10Wz.inf HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF} K-Lite Codec Pack 4.1.7 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" linksadoor 1.29-->"C:\Users\MikA\AppData\Roaming\Mozilla\Firefox\Profiles\bnisrm01.default\extensions\unins000.exe" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110415-6000-11D3-8CFE-0150048383C9} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe OpenMG Limited Patch 4.7-07-14-05-01-->C:\Program Files\Common Files\Sony Shared\OpenMG\HotFixes\HotFix4.7-07-14-05-01\HotFixSetup\setup.exe /u OpenMG Secure Module 4.7.00-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{CCD663AE-610D-4BDF-AAB0-E914B044527D} UNINSTALL PC Tools Firewall Plus 6.0-->C:\Program Files\PC Tools Firewall Plus\unins000.exe /LOG Revo Uninstaller 1.83-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe ShowInfo-->MsiExec.exe /I{5701EFCA-EFA0-4109-BB33-BB461F63088A} Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82} Stream Torrent 1.0-->"C:\Program Files\StreamTorrent 1.0\uninstall.exe" Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Veetle TV 0.9.15-->C:\Program Files\Veetle\UninstallVeetleTV.exe VexcastPlayer2.0-->"C:\Windows\system32\Nagasoft\Uninstall.exe" VIA Chrome9 HC IGP Family Display-->C:\PROGRA~1\S3\Chrome9HC\s3minset.exe /u -log Chrome9HC.uns VIA Rhine-Family Fast-Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} ======Security center information====== AV: AntiVir Desktop AS: AntiVir Desktop AS: Windows Defender (disabled) ======System event log====== Computer Name: MikA-PC Event Code: 18 Message: Gotowe do instalacji: Następujące pliki zostały pobrane i są gotowe do instalacji. Zaplanowano zainstalowanie tych aktualizacji na komputerze dnia ?10 ?grudnia ?2009 o godzinie 03:00: - Aktualizacja dla systemu Windows Vista (KB972145) - Aktualizacja zabezpieczeń systemu Windows Vista (KB974318) - Aktualizacja filtru wiadomości-śmieci programu Windows Mail [grudzień 2009] (KB905866) - Narzędzie Windows do usuwania złośliwego oprogramowania — grudzień 2009 (KB890830) - Aktualizacja dla systemu Windows Vista (KB959130) - Aktualizacja systemu Windows Vista (KB970430) - Usługa wyszukiwania systemu Windows 4.0 dla systemu Windows Vista (KB940157) - Aktualizacja dla systemu Windows Vista (KB976470) - Aktualizacja dla systemu Windows Vista (KB975889) - Zbiorcza aktualizacja zabezpieczeń programu Internet Explorer 7 w systemie Windows Vista (KB976325) Record Number: 53929 Source Name: Microsoft-Windows-WindowsUpdateClient Time Written: 20091209205634.957539-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: MikA-PC Event Code: 18 Message: Gotowe do instalacji: Następujące pliki zostały pobrane i są gotowe do instalacji. Zaplanowano zainstalowanie tych aktualizacji na komputerze dnia ?10 ?grudnia ?2009 o godzinie 03:00: - Aktualizacja dla systemu Windows Vista (KB972145) - Aktualizacja zabezpieczeń systemu Windows Vista (KB974318) - Aktualizacja filtru wiadomości-śmieci programu Windows Mail [grudzień 2009] (KB905866) - Narzędzie Windows do usuwania złośliwego oprogramowania — grudzień 2009 (KB890830) - Aktualizacja dla systemu Windows Vista (KB959130) - Aktualizacja systemu Windows Vista (KB970430) - Usługa wyszukiwania systemu Windows 4.0 dla systemu Windows Vista (KB940157) - Aktualizacja dla systemu Windows Vista (KB976470) - Aktualizacja dla systemu Windows Vista (KB975889) - Zbiorcza aktualizacja zabezpieczeń programu Internet Explorer 7 w systemie Windows Vista (KB976325) - Aktualizacja systemu Windows Vista (KB971737) Record Number: 53930 Source Name: Microsoft-Windows-WindowsUpdateClient Time Written: 20091209205641.066914-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: MikA-PC Event Code: 18 Message: Gotowe do instalacji: Następujące pliki zostały pobrane i są gotowe do instalacji. Zaplanowano zainstalowanie tych aktualizacji na komputerze dnia ?10 ?grudnia ?2009 o godzinie 03:00: - Aktualizacja dla systemu Windows Vista (KB972145) - Aktualizacja zabezpieczeń systemu Windows Vista (KB974318) - Aktualizacja filtru wiadomości-śmieci programu Windows Mail [grudzień 2009] (KB905866) - Narzędzie Windows do usuwania złośliwego oprogramowania — grudzień 2009 (KB890830) - Aktualizacja dla systemu Windows Vista (KB959130) - Aktualizacja systemu Windows Vista (KB970430) - Usługa wyszukiwania systemu Windows 4.0 dla systemu Windows Vista (KB940157) - Aktualizacja dla systemu Windows Vista (KB976470) - Aktualizacja dla systemu Windows Vista (KB975889) - Zbiorcza aktualizacja zabezpieczeń programu Internet Explorer 7 w systemie Windows Vista (KB976325) - Aktualizacja systemu Windows Vista (KB971737) - Aktualizacja dla systemu Windows Vista (KB957000) Record Number: 53931 Source Name: Microsoft-Windows-WindowsUpdateClient Time Written: 20091209205645.129414-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: MikA-PC Event Code: 18 Message: Gotowe do instalacji: Następujące pliki zostały pobrane i są gotowe do instalacji. Zaplanowano zainstalowanie tych aktualizacji na komputerze dnia ?10 ?grudnia ?2009 o godzinie 03:00: - Aktualizacja dla systemu Windows Vista (KB972145) - Aktualizacja zabezpieczeń systemu Windows Vista (KB974318) - Aktualizacja filtru wiadomości-śmieci programu Windows Mail [grudzień 2009] (KB905866) - Narzędzie Windows do usuwania złośliwego oprogramowania — grudzień 2009 (KB890830) - Aktualizacja dla systemu Windows Vista (KB959130) - Aktualizacja systemu Windows Vista (KB970430) - Usługa wyszukiwania systemu Windows 4.0 dla systemu Windows Vista (KB940157) - Aktualizacja dla systemu Windows Vista (KB976470) - Aktualizacja dla systemu Windows Vista (KB975889) - Zbiorcza aktualizacja zabezpieczeń programu Internet Explorer 7 w systemie Windows Vista (KB976325) - Aktualizacja systemu Windows Vista (KB971737) - Aktualizacja dla systemu Windows Vista (KB957000) - Aktualizacja dla systemu Windows Vista (KB959108) Record Number: 53932 Source Name: Microsoft-Windows-WindowsUpdateClient Time Written: 20091209205645.129414-000 Event Type: Informacje User: ZARZĄDZANIE NT\SYSTEM Computer Name: MikA-PC Event Code: 7036 Message: Usługa Instalator modułów systemu Windows weszła w stan zatrzymania. Record Number: 53933 Source Name: Service Control Manager Time Written: 20091209205946.000000-000 Event Type: Informacje User: =====Application event log===== Computer Name: MikA-PC Event Code: 20221 Message: Identyfikator CoId={DBA4D5C3-0B78-420F-9CA9-7304C0CE0029}: Użytkownik MikA-PC\MikA rozpoczął wybieranie numeru w celu nawiązania połączenia Broadband przy użyciu profilu połączenia per-user o nazwie Net. Ustawienia połączenia: Dial-in User = RLWW2673888@dialnet.pl VpnStrategy =Not Applicable DataEncryption = Requested PrerequisiteEntry = CompartmentsEnabled = No AutoLogon = No UseRasCredentials = No CustomAuthKey = AuthRestriction Mask = 0x00000228 RasIpv4DefaultGateway = Yes Ipv4AddressAssignment = By Server Ipv4DNSServerAssignment = By Server RasIpv6DefaultGateway = Yes Ipv6DNSServerAssignment = By Server IpDnsFlags = IpNBTEnabled = No UseFlags = Internet Connection IpSecFlags = No Pre-shared key ConnectOnWinlogon = No. Record Number: 7260 Source Name: RasClient Time Written: 20091209201227.000000-000 Event Type: Informacje User: Computer Name: MikA-PC Event Code: 20222 Message: Identyfikator CoId={DBA4D5C3-0B78-420F-9CA9-7304C0CE0029}: Użytkownik MikA-PC\MikA próbuje ustanowić łącze do serwera dostępu zdalnego dla połączenia o nazwie Net, korzystając z następującego urządzenia: Server address/Phone Number = Device = Miniport WAN (PPPOE) Port = PPPoE2-0 MediaType = PPPoE. Record Number: 7261 Source Name: RasClient Time Written: 20091209201227.000000-000 Event Type: Informacje User: Computer Name: MikA-PC Event Code: 20223 Message: Identyfikator CoId={DBA4D5C3-0B78-420F-9CA9-7304C0CE0029}: Użytkownik MikA-PC\MikA pomyślnie ustanowił łącze do serwera dostępu zdalnego, korzystając z następującego urządzenia: Server address/Phone Number = Device = Miniport WAN (PPPOE) Port = PPPoE2-0 MediaType = PPPoE. Record Number: 7262 Source Name: RasClient Time Written: 20091209201227.000000-000 Event Type: Informacje User: Computer Name: MikA-PC Event Code: 20224 Message: Identyfikator CoId={DBA4D5C3-0B78-420F-9CA9-7304C0CE0029}: Łącze do serwera dostępu zdalnego zostało ustanowione przez użytkownika MikA-PC\MikA. Record Number: 7263 Source Name: RasClient Time Written: 20091209201227.000000-000 Event Type: Informacje User: Computer Name: MikA-PC Event Code: 20225 Message: Identyfikator CoId={DBA4D5C3-0B78-420F-9CA9-7304C0CE0029}: Użytkownik MikA-PC\MikA wybrał numer w celu nawiązania połączenia o nazwie Net z serwerem dostępu zdalnego, które zostało pomyślnie nawiązane. Parametry połączenia: TunnelIpAddress = 78.8.135.26 TunnelIpv6Address = fe80:: Dial-in User = RLWW2673888@dialnet.pl. Record Number: 7264 Source Name: RasClient Time Written: 20091209201228.000000-000 Event Type: Informacje User: =====Security event log===== Computer Name: MikA-PC Event Code: 5038 Message: Funkcja sprawdzania integralności kodu wykryła, że skrót obrazu pliku jest nieprawidłowy. Plik mógł zostać uszkodzony z powodu nieautoryzowanej modyfikacji. Nieprawidłowy skrót może wskazywać potencjalny problem z urządzeniem dyskowym. Nazwa pliku: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys Record Number: 14414 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091209212847.283413-000 Event Type: Niepowodzenie inspekcji User: Computer Name: MikA-PC Event Code: 5038 Message: Funkcja sprawdzania integralności kodu wykryła, że skrót obrazu pliku jest nieprawidłowy. Plik mógł zostać uszkodzony z powodu nieautoryzowanej modyfikacji. Nieprawidłowy skrót może wskazywać potencjalny problem z urządzeniem dyskowym. Nazwa pliku: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys Record Number: 14415 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091209212847.486538-000 Event Type: Niepowodzenie inspekcji User: Computer Name: MikA-PC Event Code: 5038 Message: Funkcja sprawdzania integralności kodu wykryła, że skrót obrazu pliku jest nieprawidłowy. Plik mógł zostać uszkodzony z powodu nieautoryzowanej modyfikacji. Nieprawidłowy skrót może wskazywać potencjalny problem z urządzeniem dyskowym. Nazwa pliku: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys Record Number: 14416 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091209212847.658413-000 Event Type: Niepowodzenie inspekcji User: Computer Name: MikA-PC Event Code: 5038 Message: Funkcja sprawdzania integralności kodu wykryła, że skrót obrazu pliku jest nieprawidłowy. Plik mógł zostać uszkodzony z powodu nieautoryzowanej modyfikacji. Nieprawidłowy skrót może wskazywać potencjalny problem z urządzeniem dyskowym. Nazwa pliku: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys Record Number: 14417 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091209212847.924038-000 Event Type: Niepowodzenie inspekcji User: Computer Name: MikA-PC Event Code: 5038 Message: Funkcja sprawdzania integralności kodu wykryła, że skrót obrazu pliku jest nieprawidłowy. Plik mógł zostać uszkodzony z powodu nieautoryzowanej modyfikacji. Nieprawidłowy skrót może wskazywać potencjalny problem z urządzeniem dyskowym. Nazwa pliku: \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys Record Number: 14418 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20091209212848.111538-000 Event Type: Niepowodzenie inspekcji User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\PROGRA~1\DISKEE~1\DISKEE~1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 12, GenuineIntel "PROCESSOR_REVISION"=0e0c "NUMBER_OF_PROCESSORS"=2 -----------------EOF-----------------

proszę o sprawdzenie czy jest coś w tych logach.

**Posty:** 18165 · przez **wojtas** 10 Gru 2009, 00:15

przeinstaluj antywirusa
2. wykonaj optymalizację windowsa
3.Wyłącz przywracanie systemu ( właściwości mój komputer-zakładka przywracanie - wyłącz przywracanie na wszystkich dyskach). Po chwili włącz je powrotem]
4. zrób skan Malwarebytes Anti-Malware i daj raport

**Posty:** 52 · przez **msgarden** 10 Gru 2009, 21:00

reinstalacja pomogła. Raport ze skanu:

Kod: Zaznacz wszystko: Malwarebytes' Anti-Malware 1.42 Wersja bazy definicji: 3334 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 2009-12-10 19:58:08 mbam-log-2009-12-10 (19-58-08).txt Typ skanowania: Pełne skanowanie (C:\|D:\|) Przeskanowane obiekty: 157939 Upłynęło: 55 minute(s), 49 second(s) Zainfekowane procesy w pamięci: 0 Zainfekowane moduły pamięci: 0 Zainfekowane klucze rejestru: 0 Zainfekowane wartości rejestru: 0 Zainfekowane pliki rejestru: 0 Zainfekowane foldery: 0 Zainfekowane pliki: 0 Zainfekowane procesy w pamięci: (Nie wykryto groźnych plików) Zainfekowane moduły pamięci: (Nie wykryto groźnych plików) Zainfekowane klucze rejestru: (Nie wykryto groźnych plików) Zainfekowane wartości rejestru: (Nie wykryto groźnych plików) Zainfekowane pliki rejestru: (Nie wykryto groźnych plików) Zainfekowane foldery: (Nie wykryto groźnych plików) Zainfekowane pliki: (Nie wykryto groźnych plików)

dzięki bardzo

...jeszcze tak profilaktycznie dodałem skan z OTL:

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2009-12-10 21:51:02 - Run 1 OTL by OldTimer - Version 3.1.14.0 Folder = C:\Users\MikA\Desktop Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,75 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 56,35% Memory free 3,74 Gb Paging File | 2,86 Gb Available in Paging File | 76,42% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 29,53 Gb Total Space | 12,76 Gb Free Space | 43,22% Space Free | Partition Type: NTFS Drive D: | 80,29 Gb Total Space | 67,40 Gb Free Space | 83,94% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MIKA-PC Current User Name: MikA Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1 .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_USERS\S-1-5-21-974391900-2071519107-3253428721-1000\SOFTWARE\Classes\<extension>] .exe [@ = exefile] -- Reg Error: Key error. File not found .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* chm.file [open] -- "%SystemRoot%\hh.exe" %1 cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01335CD0-1A8A-465B-A4FF-A19D9D4F57B6}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{6A2AFC2F-6273-4D63-9894-9EC21D406367}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{9061D7C1-2C5A-4102-A7B6-D1EFAFE48165}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16 "{5701EFCA-EFA0-4109-BB33-BB461F63088A}" = ShowInfo "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2 "{B91DF289-D36F-40D7-9CD6-1983E3DD0848}_is1" = 1.29 "{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "7-Zip" = 7-Zip 4.65 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Advanced Audio FX Engine" = Advanced Audio FX Engine "AIMP2" = AIMP2 "Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "Broadcom 802.11b Network Adapter" = Broadcom 802.11 Network Adapter "CCleaner" = CCleaner (remove only) "Chrome9HC" = VIA Chrome9 HC IGP Family Display "CNXT_AUDIO_HDA" = Conexant HD Audio "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_15091E40" = HDAUDIO Soft Data Fax Modem with SmartCP "Creative Live! Central" = Creative Live! Central "Creative VF0415" = Creative Live! Cam Video IM Ultra (VF0415) (1.00.03.00) "Defraggler" = Defraggler "Easy CD-DA Extractor 11" = Easy CD-DA Extractor 11 "Gadu-Gadu" = Gadu-Gadu 7.7 "HD Tune_is1" = HD Tune 2.55 "HijackThis" = HijackThis 2.0.2 "InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00 "KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.7 (Full) "linksadoor_is1" = linksadoor 1.29 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5) "OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01 "PC Tools Firewall Plus" = PC Tools Firewall Plus 6.0 "Revo Uninstaller" = Revo Uninstaller 1.83 "StreamTorrent 1.0" = Stream Torrent 1.0 "SysInfo" = Creative System Information "uTorrent" = µTorrent "Veetle TV" = Veetle TV 0.9.15 "VexcastPlayer2.0" = VexcastPlayer2.0 "VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-974391900-2071519107-3253428721-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2009-12-07 15:46:19 | Computer Name = MikA-PC | Source = Application Hang | ID = 1002 Description = Program Explorer.EXE w wersji 6.0.6001.18164 zatrzymał interakcję z systemem Windows i został zamknięty. Aby zobaczyć, czy jest dostępnych więcej informacji dotyczących tego problemu, sprawdź historię problemu w panelu sterowania raportami i rozwiązaniami problemów. Identyfikator procesu: 760 Godzina rozpoczęcia: 01ca774fdb13b5a5 Godzina zakończenia: 110 Error - 2009-12-07 18:53:06 | Computer Name = MikA-PC | Source = EventSystem | ID = 4621 Description = Error - 2009-12-08 07:11:15 | Computer Name = MikA-PC | Source = EventSystem | ID = 4621 Description = Error - 2009-12-09 04:13:13 | Computer Name = MikA-PC | Source = EventSystem | ID = 4621 Description = Error - 2009-12-09 18:11:17 | Computer Name = MikA-PC | Source = EventSystem | ID = 4621 Description = Error - 2009-12-10 08:08:05 | Computer Name = MikA-PC | Source = EventSystem | ID = 4621 Description = Error - 2009-12-10 13:28:42 | Computer Name = MikA-PC | Source = RasClient | ID = 20227 Description = Error - 2009-12-10 13:29:09 | Computer Name = MikA-PC | Source = VSS | ID = 8194 Description = Error - 2009-12-10 13:30:50 | Computer Name = MikA-PC | Source = VSS | ID = 8194 Description = Error - 2009-12-10 13:44:23 | Computer Name = MikA-PC | Source = VSS | ID = 8194 Description = [ Broadcom Wireless LAN Events ] Error - 2009-09-24 09:54:51 | Computer Name = MikA-PC | Source = WLAN-Tray | ID = 0 Description = Error - Unable to provide access to "Everyone" for container Broadcom Wireless Adapter Manager Container Error - 2009-09-27 10:10:55 | Computer Name = MikA-PC | Source = WLAN-Tray | ID = 0 Description = 16:10:55, Sun, Sep 27, 09 Error - Unable to gain access to user store [ System Events ] Error - 2009-11-09 16:55:54 | Computer Name = MikA-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2009-11-09 16:56:19 | Computer Name = MikA-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2009-11-09 17:28:07 | Computer Name = MikA-PC | Source = HTTP | ID = 15016 Description = Error - 2009-11-09 17:28:43 | Computer Name = MikA-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2009-11-09 17:28:49 | Computer Name = MikA-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2009-11-10 13:54:15 | Computer Name = MikA-PC | Source = HTTP | ID = 15016 Description = Error - 2009-11-10 13:54:40 | Computer Name = MikA-PC | Source = Service Control Manager | ID = 7001 Description = Error - 2009-11-10 13:54:59 | Computer Name = MikA-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001 Description = Error - 2009-11-10 14:15:20 | Computer Name = MikA-PC | Source = HTTP | ID = 15016 Description = Error - 2009-11-10 14:15:44 | Computer Name = MikA-PC | Source = Service Control Manager | ID = 7001 Description = < End of report >

OTL

Kod: Zaznacz wszystko: OTL logfile created on: 2009-12-10 21:51:02 - Run 1 OTL by OldTimer - Version 3.1.14.0 Folder = C:\Users\MikA\Desktop Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,75 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 56,35% Memory free 3,74 Gb Paging File | 2,86 Gb Available in Paging File | 76,42% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 29,53 Gb Total Space | 12,76 Gb Free Space | 43,22% Space Free | Partition Type: NTFS Drive D: | 80,29 Gb Total Space | 67,40 Gb Free Space | 83,94% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MIKA-PC Current User Name: MikA Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2009-12-10 21:48:31 | 00,537,600 | ---- | M] (OldTimer Tools) -- C:\Users\MikA\Desktop\OTL.exe PRC - [2009-11-19 17:38:38 | 00,818,432 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe PRC - [2009-11-19 17:37:57 | 02,971,608 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe PRC - [2009-07-21 13:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2009-05-13 15:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2009-03-02 12:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2008-10-29 07:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008-07-08 17:48:16 | 00,204,800 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\Windows\System32\s3trayp.exe PRC - [2008-03-20 11:04:46 | 02,127,296 | ---- | M] (Gadu-Gadu S.A.) -- C:\Program Files\Gadu-Gadu\gg.exe PRC - [2008-03-05 16:12:24 | 00,102,400 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\Windows\System32\S3Funkey.exe PRC - [2008-01-18 22:38:40 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008-01-18 22:33:40 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe PRC - [2006-11-10 17:55:00 | 01,601,536 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\BCMWLTRY.EXE PRC - [2006-11-10 17:55:00 | 00,024,064 | ---- | M] () -- C:\Windows\System32\WLTRYSVC.EXE PRC - [2006-09-12 09:22:14 | 00,155,648 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\Apoint.exe PRC - [2006-09-08 15:06:08 | 00,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\ApntEx.exe PRC - [2006-09-08 14:54:30 | 00,042,544 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\ApMsgFwd.exe PRC - [2006-08-04 17:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2009-12-10 21:48:31 | 00,537,600 | ---- | M] (OldTimer Tools) -- C:\Users\MikA\Desktop\OTL.exe MOD - [2008-01-18 22:26:36 | 01,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2009-11-19 17:38:38 | 00,818,432 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus) SRV - [2009-09-24 10:59:26 | 01,695,368 | ---- | M] (NanJing Nagasoft Co, LTD.) -- C:\Windows\System32\nagasoft\vjocx.dll -- (vvdsvc) SRV - [2009-07-21 13:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009-05-13 15:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2008-01-18 22:38:26 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2006-12-14 02:21:20 | 00,045,056 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV) SRV - [2006-12-14 02:02:08 | 00,069,632 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV) SRV - [2006-12-14 01:46:16 | 00,057,344 | ---- | M] () -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR) SRV - [2006-11-10 17:55:00 | 00,024,064 | ---- | M] () -- C:\Windows\System32\WLTRYSVC.EXE -- (wltrysvc) SRV - [2006-08-04 17:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService) SRV - [2005-11-14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003-07-28 19:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2009-11-25 11:19:02 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009-11-19 17:39:05 | 00,115,216 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplfw.sys -- (pctplfw) DRV - [2009-11-19 17:39:04 | 00,055,208 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctNdis.sys -- (pctNDIS) DRV - [2009-11-19 17:39:03 | 00,070,408 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter) DRV - [2009-11-19 17:39:01 | 00,233,136 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys -- (pctgntdi) DRV - [2009-11-19 17:38:51 | 00,087,784 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys -- (PCTAppEvent) DRV - [2009-10-20 20:57:44 | 00,721,904 | ---- | M] () -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-08-14 11:44:18 | 00,032,552 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-DNS.sys -- (PCTFW-DNS) DRV - [2009-05-11 09:12:24 | 00,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009-03-30 09:33:07 | 00,096,104 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2009-02-13 11:35:05 | 00,011,608 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2009-01-12 14:50:40 | 00,814,592 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\Windows\System32\drivers\VTGKModeDX32.sys -- (S3GIGP) DRV - [2008-08-14 02:00:00 | 00,282,464 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\V0415Vid.sys -- (V0415Vid) DRV - [2008-08-12 15:50:36 | 00,135,616 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\CtClsFlt.sys -- (CtClsFlt) DRV - [2008-03-04 02:32:00 | 00,188,416 | ---- | M] (Conexant Systems Inc.) -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService) DRV - [2008-01-18 22:41:26 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008-01-18 20:53:24 | 00,073,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2007-01-15 17:57:08 | 00,031,616 | ---- | M] () -- C:\Windows\System32\drivers\livecamv.sys -- (RLDesignVirtualAudioCableWdm) DRV - [2007-01-15 14:17:10 | 00,155,136 | ---- | M] (Conexant Systems Inc.) -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService) DRV - [2007-01-05 21:59:42 | 00,035,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2007-01-05 21:59:34 | 00,086,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) NVIDIA nForce(tm) DRV - [2006-12-20 15:00:38 | 00,045,568 | ---- | M] (VIA Technologies, Inc. ) -- C:\Windows\System32\drivers\fetnd5bv.sys -- (FET5X86V) DRV - [2006-11-02 10:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006-11-02 10:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006-11-02 10:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006-11-02 10:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006-11-02 10:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006-11-02 10:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006-11-02 10:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006-11-02 10:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006-11-02 10:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006-11-02 10:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006-11-02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006-11-02 10:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006-11-02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006-11-02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006-11-02 10:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006-11-02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006-11-02 10:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006-11-02 10:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006-11-02 10:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006-11-02 10:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006-11-02 10:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006-11-02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006-11-02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006-11-02 10:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006-11-02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006-11-02 10:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006-11-02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006-11-02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006-11-02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006-11-02 10:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006-11-02 10:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2006-11-02 10:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2006-11-02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006-11-02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006-11-02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006-11-02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006-11-02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006-11-02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006-11-02 08:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL) DRV - [2006-11-02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006-11-02 08:30:56 | 00,045,568 | ---- | M] (VIA Technologies, Inc. ) -- C:\Windows\System32\drivers\fetnd5.sys -- (FETNDIS) DRV - [2006-11-02 08:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R) DRV - [2006-11-02 08:30:52 | 00,467,456 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2006-11-02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv) DRV - [2006-10-18 11:09:26 | 00,986,624 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV) DRV - [2006-10-18 11:08:14 | 00,206,848 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL) DRV - [2006-10-18 11:08:04 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf) DRV - [2006-10-18 02:00:00 | 00,036,624 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20) DRV - [2006-08-30 09:35:58 | 00,140,800 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2006-08-04 17:39:10 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2006-06-19 14:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-974391900-2071519107-3253428721-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-974391900-2071519107-3253428721-1000\S-1-5-21-974391900-2071519107-3253428721-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-974391900-2071519107-3253428721-1000\S-1-5-21-974391900-2071519107-3253428721-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.google.pl" FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:3.3.18 FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1 FF - prefs.js..network.proxy.http: "localhost" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.socks: "localhost" FF - prefs.js..network.proxy.socks_port: 9050 FF - prefs.js..network.proxy.socks_remote_dns: true FF - prefs.js..network.proxy.ssl: "localhost" FF - prefs.js..network.proxy.ssl_port: 9666 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009-11-11 11:17:41 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009-12-01 18:01:13 | 00,000,000 | ---D | M] [2009-09-24 15:29:39 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\mozilla\Extensions [2009-12-09 20:41:58 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\mozilla\Firefox\Profiles\bnisrm01.default\extensions [2009-11-29 20:50:10 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\mozilla\Firefox\Profiles\bnisrm01.default\extensions\_Output [2009-11-09 20:20:08 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\mozilla\Firefox\Profiles\bnisrm01.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2009-11-01 19:11:25 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\mozilla\Firefox\Profiles\bnisrm01.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA} [2009-10-16 21:42:25 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\mozilla\Firefox\Profiles\bnisrm01.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2009-11-29 20:50:10 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\mozilla\Firefox\Profiles\bnisrm01.default\extensions\chrome [2009-11-29 20:50:10 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\mozilla\Firefox\Profiles\bnisrm01.default\extensions\defaults [2009-10-07 22:41:47 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2009-08-24 20:19:13 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2009-08-24 20:19:13 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2009-08-24 20:19:13 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2009-08-24 20:19:13 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2009-08-24 20:19:13 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2009-08-24 20:19:13 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools) O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [S3Funkey] C:\Windows\System32\S3Funkey.exe (S3 Graphics Co., Ltd.) O4 - HKLM..\Run: [S3Trayp] C:\Windows\System32\s3trayp.exe (S3 Graphics Co., Ltd.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-974391900-2071519107-3253428721-1000..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-974391900-2071519107-3253428721-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-974391900-2071519107-3253428721-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-974391900-2071519107-3253428721-1000_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} http://vexcast.com/download/vexcast.cab (VodClient Control Class) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{4cb7e0ff-b252-11de-b523-00140b0c531a}\Shell\PRM\command - "" = Thumbs.exe -start O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2009-12-10 21:48:19 | 00,537,600 | ---- | C] (OldTimer Tools) -- C:\Users\MikA\Desktop\OTL.exe [2009-12-10 18:46:12 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2009-12-10 18:46:12 | 00,056,816 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2009-12-10 18:46:11 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2009-12-10 18:46:09 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira [2009-12-10 18:46:09 | 00,000,000 | ---D | C] -- C:\Program Files\Avira [2009-12-10 11:14:20 | 00,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll [2009-12-10 11:14:20 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll [2009-12-10 11:14:18 | 00,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll [2009-12-10 11:14:18 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll [2009-12-10 11:14:18 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll [2009-12-10 11:14:18 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll [2009-12-10 11:14:18 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll [2009-12-10 11:14:17 | 00,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll [2009-12-10 11:14:17 | 00,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll [2009-12-10 11:14:17 | 00,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll [2009-12-10 11:14:16 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll [2009-12-10 11:14:15 | 01,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll [2009-12-10 11:14:15 | 00,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll [2009-12-10 11:14:15 | 00,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll [2009-12-10 11:14:15 | 00,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll [2009-12-10 11:14:15 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll [2009-12-10 11:14:15 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll [2009-12-10 11:14:15 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll [2009-12-10 11:14:14 | 06,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll [2009-12-10 11:14:13 | 01,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll [2009-12-10 11:14:13 | 01,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll [2009-12-10 11:14:13 | 00,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll [2009-12-10 11:14:13 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll [2009-12-10 11:14:13 | 00,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll [2009-12-09 22:28:32 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro [2009-12-09 21:56:44 | 00,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll [2009-12-09 21:56:40 | 00,468,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll [2009-12-09 21:56:39 | 00,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe [2009-12-09 21:56:14 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2009-12-09 21:56:12 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2009-12-09 21:56:11 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2009-12-09 21:56:10 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2009-12-09 21:56:09 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2009-12-09 21:56:09 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2009-12-09 21:56:09 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2009-12-09 21:56:08 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2009-12-09 21:56:08 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2009-12-09 21:56:07 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2009-12-09 21:55:56 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl [2009-12-09 21:55:43 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll [2009-12-09 21:55:43 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll [2009-12-09 21:55:03 | 01,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll [2009-12-09 21:54:54 | 00,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll [2009-12-09 21:54:54 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll [2009-12-09 21:54:26 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe [2009-12-09 21:54:21 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2009-12-02 09:29:37 | 00,000,000 | ---D | C] -- C:\Windows\Minidump [2009-12-01 18:00:46 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe [2009-11-29 20:50:43 | 00,000,000 | ---D | C] -- C:\Program Files\linksador [2009-11-29 20:49:42 | 00,000,000 | ---D | C] -- C:\Program Files\playerinstall [2009-11-24 22:05:44 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2009-11-19 20:26:19 | 00,000,000 | ---D | C] -- C:\Program Files\Defraggler [2009-11-14 21:47:24 | 00,000,000 | ---D | C] -- C:\Users\MikA\AppData\Roaming\Reallusion [2009-11-14 20:06:42 | 00,000,000 | ---D | C] -- C:\Users\MikA\Documents\Live! Central [2009-11-14 20:06:17 | 00,000,000 | ---D | C] -- C:\ProgramData\Creative [2009-11-14 20:01:40 | 00,647,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mscomct2.ocx [2009-11-14 20:01:38 | 00,053,248 | ---- | C] (Creative Technology Ltd ) -- C:\Windows\Ctregrun.exe [2009-11-14 19:58:29 | 00,175,104 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\CTAFX32.dll [2009-11-14 19:58:05 | 00,114,688 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\V0415Ext.ax [2009-11-14 19:58:05 | 00,040,960 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\V0415Pin.dll [2009-11-14 19:58:04 | 00,282,464 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\V0415Vid.sys [2009-11-14 19:58:04 | 00,094,208 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\CtDrvIns.exe [2009-11-14 19:58:04 | 00,065,536 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\V0415Ext.crl [2009-11-14 19:58:04 | 00,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\CtCamMgr.dll [2009-11-14 19:58:04 | 00,032,768 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\V0415Hwx.dll [2009-11-14 19:58:04 | 00,028,672 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\V0415Mon.exe [2009-11-14 19:58:04 | 00,020,480 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\CtCamPin.crl [2009-11-14 19:57:57 | 00,000,000 | ---D | C] -- C:\Windows\CtDrvInstall [2009-11-14 19:54:17 | 00,000,000 | ---D | C] -- C:\Users\MikA\AppData\Roaming\InstallShield [2009-11-14 19:51:13 | 00,135,616 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\drivers\CtClsFlt.sys [2009-11-14 19:50:23 | 00,000,000 | ---D | C] -- C:\Program Files\Creative [2009-11-12 01:55:48 | 00,000,000 | ---D | C] -- C:\Windows\System32\nagasoft [2009-11-12 00:27:45 | 02,035,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2009-11-12 00:27:40 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2009-12-10 21:51:12 | 02,883,584 | -HS- | M] () -- C:\Users\MikA\NTUSER.DAT [2009-12-10 21:48:31 | 00,537,600 | ---- | M] (OldTimer Tools) -- C:\Users\MikA\Desktop\OTL.exe [2009-12-10 20:48:59 | 00,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009-12-10 20:48:59 | 00,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009-12-10 18:49:13 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009-12-10 18:48:58 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009-12-10 18:48:55 | 18,771,31264 | -HS- | M] () -- C:\hiberfil.sys [2009-12-10 18:47:39 | 00,524,288 | -HS- | M] () -- C:\Users\MikA\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms [2009-12-10 18:47:39 | 00,065,536 | -HS- | M] () -- C:\Users\MikA\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TM.blf [2009-12-10 18:47:32 | 01,692,937 | -H-- | M] () -- C:\Users\MikA\AppData\Local\IconCache.db [2009-12-10 18:46:29 | 00,001,853 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2009-12-10 11:38:28 | 01,485,126 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2009-12-10 11:38:28 | 00,662,056 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2009-12-10 11:38:28 | 00,126,908 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2009-12-08 22:06:25 | 00,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2009-12-08 22:06:25 | 00,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2009-12-03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2009-12-03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2009-11-25 11:19:02 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2009-11-19 20:26:20 | 00,001,708 | ---- | M] () -- C:\Users\MikA\Desktop\Defraggler.lnk [2009-11-19 17:39:06 | 00,098,600 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys [2009-11-19 17:39:05 | 00,115,216 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctplfw.sys [2009-11-19 17:39:05 | 00,007,383 | ---- | M] () -- C:\Windows\System32\drivers\pctplfw.cat [2009-11-19 17:39:04 | 00,055,208 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctNdis.sys [2009-11-19 17:39:03 | 00,070,408 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctNdis-PacketFilter.sys [2009-11-19 17:39:02 | 00,007,435 | ---- | M] () -- C:\Windows\System32\drivers\pctNdis-PacketFilter.cat [2009-11-19 17:39:02 | 00,007,399 | ---- | M] () -- C:\Windows\System32\drivers\pctNdis-DNS.cat [2009-11-19 17:39:01 | 00,233,136 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys [2009-11-19 17:38:53 | 00,207,792 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys [2009-11-19 17:38:52 | 00,007,383 | ---- | M] () -- C:\Windows\System32\drivers\pctcore.cat [2009-11-19 17:38:51 | 00,087,784 | ---- | M] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys [2009-11-12 00:41:08 | 00,247,664 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2009-12-10 18:46:29 | 00,001,853 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2009-12-10 11:14:20 | 00,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009-12-10 11:14:20 | 00,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009-12-10 11:14:16 | 11,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex [2009-12-09 21:55:58 | 00,003,374 | ---- | C] () -- C:\Windows\System32\RacUR.xml [2009-12-09 21:55:58 | 00,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml [2009-12-02 09:50:39 | 18,771,31264 | -HS- | C] () -- C:\hiberfil.sys [2009-11-19 20:26:20 | 00,001,708 | ---- | C] () -- C:\Users\MikA\Desktop\Defraggler.lnk [2009-11-19 17:39:05 | 00,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplfw.cat [2009-11-19 17:39:02 | 00,007,435 | ---- | C] () -- C:\Windows\System32\drivers\pctNdis-PacketFilter.cat [2009-11-19 17:39:02 | 00,007,399 | ---- | C] () -- C:\Windows\System32\drivers\pctNdis-DNS.cat [2009-11-14 20:01:20 | 00,007,062 | ---- | C] () -- C:\Windows\System32\audiopid.vxd [2009-11-14 19:58:05 | 00,057,656 | ---- | C] () -- C:\Windows\System32\drivers\V0415PC.bmp [2009-11-14 19:58:05 | 00,004,371 | ---- | C] () -- C:\Windows\VF0415.uns [2009-11-14 19:54:38 | 00,031,616 | ---- | C] () -- C:\Windows\System32\drivers\livecamv.sys [2009-11-14 19:54:11 | 00,057,656 | ---- | C] () -- C:\Windows\System32\drivers\FilterPC.bmp [2009-11-14 19:54:11 | 00,024,995 | ---- | C] () -- C:\Windows\System32\drivers\FilterPC.jpg [2009-11-09 21:52:00 | 00,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll [2009-10-20 20:57:44 | 00,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2009-10-04 18:53:51 | 00,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009-10-04 18:53:50 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2009-10-04 18:53:45 | 00,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009-10-04 18:53:44 | 00,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009-10-04 18:53:43 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2009-10-04 18:53:40 | 00,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009-09-27 15:06:51 | 00,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2009-09-27 12:12:58 | 00,006,144 | ---- | C] () -- C:\Users\MikA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-09-26 22:00:47 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009-09-24 14:51:25 | 00,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll [2009-09-24 14:30:20 | 00,001,356 | ---- | C] () -- C:\Users\MikA\AppData\Local\d3d9caps.dat [2008-09-12 15:21:02 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2007-03-08 12:42:07 | 00,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll [2006-11-02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [color=#E56717]========== LOP Check ==========[/color] [2009-09-25 23:06:59 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\Ashampoo [2009-10-07 22:33:29 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\COWON [2009-10-20 21:05:24 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\DAEMON Tools Lite [2009-09-25 19:41:05 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\Gadu-Gadu [2009-09-24 21:33:23 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\PCToolsFirewallPlus [2009-11-04 03:28:10 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\StreamTorrent [2009-12-10 19:58:22 | 00,000,000 | ---D | M] -- C:\Users\MikA\AppData\Roaming\uTorrent [2009-12-10 18:47:42 | 00,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:C31F31E6 < End of report >