System pracuje wolniej

**Posty:** 376 · przez **FastMan** 11 Lut 2011, 18:09

Witam, dzisiaj zauważyłem że moja siódemka zaczęła coś lekko przymulać przy normalnej pracy, chciałbym prosić o sprawdzenie logów.
Logi z OTL, jeśli będą potrzebne jakieś dodatkowe proszę pisać, zaznaczam jednak że mam system 64 bitowy.

Kod: Zaznacz wszystko: OTL logfile created on: 2011-02-11 17:05:05 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = D:\ 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 65,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 65,46 Gb Total Space | 18,28 Gb Free Space | 27,93% Space Free | Partition Type: NTFS Drive D: | 400,30 Gb Total Space | 119,68 Gb Free Space | 29,90% Space Free | Partition Type: NTFS Drive E: | 27,11 Gb Total Space | 18,45 Gb Free Space | 68,06% Space Free | Partition Type: NTFS Drive F: | 149,05 Gb Total Space | 32,30 Gb Free Space | 21,67% Space Free | Partition Type: NTFS Drive H: | 286,77 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive K: | 10,16 Gb Total Space | 1,19 Gb Free Space | 11,75% Space Free | Partition Type: NTFS Computer Name: FASTMANPC | User Name: FastMan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-02-11 17:02:56 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\OTL.exe PRC - [2010-12-21 15:27:25 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010-12-16 16:22:17 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2010-09-28 01:49:08 | 000,892,992 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\Connectifyd.exe PRC - [2010-09-28 01:49:06 | 001,338,944 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\Connectify.exe PRC - [2010-07-28 08:07:16 | 002,404,488 | ---- | M] (mobile concepts GmbH) -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe PRC - [2010-07-09 20:04:34 | 003,493,776 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire\Xfire.exe PRC - [2009-05-14 14:47:54 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe PRC - [2008-01-22 09:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE PRC - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-02-11 17:02:56 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\OTL.exe MOD - [2010-07-09 20:04:44 | 000,970,640 | ---- | M] (Xfire Inc.) -- C:\Program Files (x86)\Xfire\xfire_toucan_43094.dll MOD - [2009-07-14 02:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll MOD - [2009-07-14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll MOD - [2004-01-11 23:00:00 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr71.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010-11-26 03:54:12 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2010-07-28 08:07:16 | 002,404,488 | ---- | M] (mobile concepts GmbH) [Auto | Running] -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc) SRV:[b]64bit:[/b] - [2010-02-24 16:49:59 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009-05-14 14:54:26 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV:[b]64bit:[/b] - [2009-05-14 14:47:54 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn) SRV - [2010-12-16 16:22:17 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010-12-06 08:31:50 | 002,101,640 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010-10-26 16:05:24 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion) SRV - [2010-09-28 01:49:08 | 000,892,992 | ---- | M] (Connectify) [Auto | Running] -- C:\Program Files (x86)\Connectify\Connectifyd.exe -- (Connectify) SRV - [2010-03-08 20:40:00 | 003,396,680 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2010-02-24 16:49:54 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-02-09 15:15:09 | 000,326,792 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-01-15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009-11-18 13:40:26 | 000,012,288 | ---- | M] (Chris Pietschmann (http://pietschsoft.com)) [Auto | Running] -- C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe -- (Virtual Router) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-01-22 09:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC) SRV - [2007-05-31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2010-12-06 21:35:07 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri) DRV:[b]64bit:[/b] - [2010-12-05 16:32:11 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:[b]64bit:[/b] - [2010-12-05 16:32:11 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:[b]64bit:[/b] - [2010-11-26 05:20:20 | 008,120,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2010-11-26 05:20:20 | 008,120,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2010-11-26 03:16:46 | 000,289,792 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2010-10-23 06:34:53 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2010-08-11 14:39:24 | 000,034,880 | ---- | M] (Connectify) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\connctfy.sys -- (connctfyMP) DRV:[b]64bit:[/b] - [2010-08-11 14:39:24 | 000,034,880 | ---- | M] (Connectify) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\connctfy.sys -- (connctfy) DRV:[b]64bit:[/b] - [2010-04-07 16:04:22 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2010-02-25 17:51:02 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:[b]64bit:[/b] - [2010-02-03 14:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:[b]64bit:[/b] - [2009-12-30 11:21:24 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt) DRV:[b]64bit:[/b] - [2009-12-01 14:49:52 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-14 14:49:56 | 000,121,152 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr) DRV:[b]64bit:[/b] - [2009-05-14 14:47:16 | 000,134,024 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2009-05-14 14:41:14 | 000,142,776 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon) DRV:[b]64bit:[/b] - [2009-02-23 14:58:56 | 000,118,272 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser) DRV:[b]64bit:[/b] - [2008-02-12 02:59:18 | 000,297,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VMM.sys -- (vmm) DRV:[b]64bit:[/b] - [2008-02-05 00:50:42 | 000,079,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2) DRV:[b]64bit:[/b] - [2007-10-05 09:18:06 | 000,040,832 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus) DRV:[b]64bit:[/b] - [2007-10-05 09:18:06 | 000,016,000 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini) DRV:[b]64bit:[/b] - [2007-05-01 16:03:40 | 000,171,144 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiH2586.sys -- (SaiH2586) DRV:[b]64bit:[/b] - [2007-05-01 15:05:32 | 000,171,144 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiHFF04.sys -- (SaiHFF04) DRV:[b]64bit:[/b] - [2007-05-01 15:05:32 | 000,020,608 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiIFF04.sys -- (SaiIFF04) Immersion's HID USB Driver (FF04) DRV:[b]64bit:[/b] - [2005-03-28 10:30:36 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV - [2008-08-14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs) DRV - [2007-09-19 21:37:50 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) DRV - [2007-02-07 19:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan) DRV - [2005-01-04 01:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3185712835-2826046332-548961173-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://shop.thefreevpn.com/home.php IE - HKU\S-1-5-21-3185712835-2826046332-548961173-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3185712835-2826046332-548961173-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://wp.pl" FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.5.2 FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.21.0 FF - prefs.js..extensions.enabledItems: {3474c305-9dad-11d8-9207-00055d74c2e4}:0.4.10 FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.7 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.0 FF - prefs.js..extensions.enabledItems: coc@ble.pl:2.2.0.3.7 FF - prefs.js..extensions.enabledItems: tabscope@xuldev.org:0.3 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-12-30 18:21:35 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-12-21 15:27:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-04-17 09:57:36 | 000,000,000 | ---D | M] [2010-02-24 16:14:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Extensions [2009-12-28 17:13:11 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010-02-24 16:32:39 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions [2010-02-24 16:32:36 | 000,000,000 | -H-D | M] (Screengrab) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2010-02-24 16:32:35 | 000,000,000 | -H-D | M] (FireShot) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2010-02-24 16:32:36 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010-02-24 16:32:35 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-02-24 16:32:36 | 000,000,000 | -H-D | M] (Bookmark Backup) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{3474c305-9dad-11d8-9207-00055d74c2e4} [2010-02-24 16:32:35 | 000,000,000 | -H-D | M] (ReloadEvery) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644} [2010-02-24 16:32:35 | 000,000,000 | -H-D | M] (Megaupload Toolbar) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D} [2010-02-24 16:32:36 | 000,000,000 | ---D | M] (gTranslate) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17} [2010-02-24 16:32:36 | 000,000,000 | -H-D | M] (Abduction!) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255} [2010-02-24 16:32:36 | 000,000,000 | ---D | M] ("All-Glass Firefox mod, based on Glasser") -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\allglassv2@ambroos.neowin.net [2010-02-24 16:32:36 | 000,000,000 | -H-D | M] (Autofill Forms) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\autofillForms@blueimp.net [2010-02-24 16:32:36 | 000,000,000 | -H-D | M] (Battlefield Heroes Updater) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\battlefieldheroespatcher@ea.com [2010-02-24 16:32:36 | 000,000,000 | ---D | M] (Check4Change) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\check4change-owner@mozdev.org [2010-02-24 16:32:37 | 000,000,000 | ---D | M] (NEW Glasser by SzymekPL) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\coc@ble.pl [2010-02-24 16:32:38 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\firebug@software.joehewitt.com [2010-02-24 16:32:39 | 000,000,000 | ---D | M] (Tab Scope) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\tabscope@xuldev.org [2010-10-23 09:23:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions [2010-02-24 16:32:26 | 000,000,000 | -H-D | M] (Screengrab) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2010-02-24 16:32:25 | 000,000,000 | -H-D | M] (FireShot) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2010-02-24 16:32:26 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010-02-24 16:32:25 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-02-24 16:32:26 | 000,000,000 | -H-D | M] (Bookmark Backup) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{3474c305-9dad-11d8-9207-00055d74c2e4} [2010-02-24 16:32:25 | 000,000,000 | -H-D | M] (ReloadEvery) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644} [2010-02-24 16:32:25 | 000,000,000 | -H-D | M] (Megaupload Toolbar) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D} [2010-02-24 16:32:26 | 000,000,000 | ---D | M] (gTranslate) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17} [2010-02-24 16:32:26 | 000,000,000 | -H-D | M] (Abduction!) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255} [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2010-10-23 09:23:09 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010-02-24 16:32:26 | 000,000,000 | ---D | M] ("All-Glass Firefox mod, based on Glasser") -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\allglassv2@ambroos.neowin.net [2010-02-24 16:32:26 | 000,000,000 | -H-D | M] (Autofill Forms) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\autofillForms@blueimp.net [2010-02-24 16:32:26 | 000,000,000 | -H-D | M] (Battlefield Heroes Updater) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\battlefieldheroespatcher@ea.com [2010-02-24 16:32:26 | 000,000,000 | ---D | M] (Check4Change) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\check4change-owner@mozdev.org [2010-02-24 16:32:27 | 000,000,000 | ---D | M] (NEW Glasser by SzymekPL) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\coc@ble.pl [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\DTToolbar@toolbarnet.com [2010-02-24 16:32:29 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\firebug@software.joehewitt.com [2010-10-23 09:23:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\lockerzplayextended@flies [2010-02-24 16:32:29 | 000,000,000 | ---D | M] (Tab Scope) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\tabscope@xuldev.org [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\vsc@briks.si [2011-02-11 16:20:11 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions [2010-10-31 07:01:01 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2010-10-31 07:01:58 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2010-10-24 06:54:53 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-02-24 16:15:09 | 000,000,000 | -H-D | M] (Bookmark Backup) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{3474c305-9dad-11d8-9207-00055d74c2e4} [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644} [2010-02-24 16:15:12 | 000,000,000 | -H-D | M] (Abduction!) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255} [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\allglassv2@ambroos.neowin.net [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\autofillForms@blueimp.net [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\check4change-owner@mozdev.org [2010-10-23 09:23:48 | 000,000,000 | ---D | M] (NEW Glasser by SzymekPL) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\coc@ble.pl [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\DTToolbar@toolbarnet.com [2010-06-20 14:40:08 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\firebug@software.joehewitt.com [2010-06-26 07:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\lockerzplayextended@flies [2010-10-24 06:54:53 | 000,000,000 | ---D | M] (Tab Scope) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\tabscope@xuldev.org [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\vsc@briks.si [2009-05-23 17:02:20 | 000,002,399 | -H-- | M] () -- C:\Users\FastMan\AppData\Roaming\Mozilla\Firefox\Profiles\7h2dqkcj.default\searchplugins\daemon-search.xml [2011-02-11 16:20:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-11-16 20:04:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\staff@hide-my-ip.com File not found (No name found) -- C:\USERS\FASTMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UOTK2L6C.DEFAULT\EXTENSIONS\BATTLEFIELDHEROESPATCHER@EA.COM [2010-09-15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010-10-12 21:19:45 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2010-10-12 21:19:45 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2010-10-12 21:19:45 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2010-10-12 21:19:45 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2010-10-12 21:19:45 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2010-10-12 21:19:45 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-02-08 19:04:43 | 000,001,397 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com O1 - Hosts: 127.0.0.1 www.alcohol-soft.com O1 - Hosts: 127.0.0.1 images.alcohol-soft.com O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com O1 - Hosts: 127.0.0.1 alcohol-soft.com O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 orbitservice.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com O1 - Hosts: 127.0.0.1 gosredirector.com O1 - Hosts: 127.0.0.1 gosgvaprod-qos01.com O1 - Hosts: 127.0.0.1 gosiadprod-qos01.com O1 - Hosts: 127.0.0.1 gossjcprod-qos01.com O1 - Hosts: 127.0.0.1 demangler.com O1 - Hosts: 127.0.0.1 vmp.tools.gos.com O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL (Microsoft Corporation) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\FastMan\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKLM\..\Toolbar: (Steganos Internet Anonym) - {00000000-5736-4205-0008-781cd0e19f00} - c:\program files (x86)\steganos internet anonym pro 7\siapro7iep.dll () O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-3185712835-2826046332-548961173-1000\..\Toolbar\WebBrowser: (Steganos Internet Anonym) - {00000000-5736-4205-0008-781CD0E19F00} - c:\program files (x86)\steganos internet anonym pro 7\siapro7iep.dll () O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] File not found O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime Alternative\QTTask.exe (Apple Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3185712835-2826046332-548961173-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-3185712835-2826046332-548961173-1000..\Run: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exe (Connectify) O4 - HKU\.DEFAULT..\RunOnce: [SIAPRO7] C:\Program Files (x86)\Steganos Internet Anonym Pro 7\SIAPRO7.exe (Steganos GmbH) O4 - HKU\S-1-5-18..\RunOnce: [SIAPRO7] C:\Program Files (x86)\Steganos Internet Anonym Pro 7\SIAPRO7.exe (Steganos GmbH) O4 - HKU\S-1-5-19..\RunOnce: [SIAPRO7] C:\Program Files (x86)\Steganos Internet Anonym Pro 7\SIAPRO7.exe (Steganos GmbH) O4 - HKU\S-1-5-20..\RunOnce: [SIAPRO7] C:\Program Files (x86)\Steganos Internet Anonym Pro 7\SIAPRO7.exe (Steganos GmbH) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-3185712835-2826046332-548961173-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 0 O7 - HKU\S-1-5-21-3185712835-2826046332-548961173-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 1 O8:[b]64bit:[/b] - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm () O8:[b]64bit:[/b] - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm () O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm () O8 - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm () O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe (FlashGet.com) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windupdt\winupdate.exe) - File not found O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-12-21 17:18:44 | 000,462,156 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O32 - AutoRun File - [2010-08-29 10:56:01 | 000,000,060 | R--- | M] () - H:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2008-02-11 12:36:27 | 000,000,000 | ---- | M] () - K:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-01-30 07:37:47 | 000,217,578 | ---- | M] () - K:\AutoMapaSetupLog.txt -- [ NTFS ] O33 - MountPoints2\{9ab6e785-de67-11df-bfee-001bfcad2d28}\Shell - "" = AutoRun O33 - MountPoints2\{9ab6e785-de67-11df-bfee-001bfcad2d28}\Shell\AutoRun\command - "" = N:\Autorun.exe O33 - MountPoints2\{a8835d31-245d-11df-9f7c-001bfcad2d28}\Shell - "" = AutoRun O33 - MountPoints2\{a8835d31-245d-11df-9f7c-001bfcad2d28}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2010-08-29 10:53:34 | 207,202,714 | R--- | M] (Play sp. z o. o. ) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-02-08 19:12:34 | 000,000,000 | ---D | C] -- C:\Users\FastMan\AppData\Roaming\RedDotGames [2011-02-08 19:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Play [2011-02-08 19:08:09 | 003,690,496 | ---- | C] (Truevision3D LLC) -- C:\Windows\SysWow64\tv3d65.dll [2011-02-06 14:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nebudroid [2011-02-06 14:13:48 | 000,000,000 | ---D | C] -- C:\Users\FastMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nebudroid [2011-02-06 14:13:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nebudroid [2011-02-05 13:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warsow 0.6 [2011-02-05 13:58:44 | 000,000,000 | ---D | C] -- C:\Users\FastMan\AppData\Roaming\Warsow 0.6 [2011-02-05 12:47:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2011-01-23 19:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driving Simulator 2009 [2011-01-23 19:12:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Lightrock Entertainment [2011-01-23 18:57:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D Driving-School [2011-01-20 15:07:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\USB Vibration [2011-01-18 15:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia [2011-01-18 15:58:08 | 000,000,000 | ---D | C] -- C:\Users\FastMan\Documents\Synthesia Music [2011-01-18 15:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Synthesia [2011-01-17 16:01:39 | 000,000,000 | ---D | C] -- C:\Users\FastMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Project Tupolev Tu-154m for MS FS2004 [2011-01-14 11:02:43 | 000,000,000 | ---D | C] -- C:\Users\FastMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2011-01-14 11:02:38 | 000,000,000 | ---D | C] -- C:\Program Files\Fraps [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-02-11 17:05:13 | 000,024,528 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-02-11 17:05:13 | 000,024,528 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-02-11 16:57:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-02-11 14:40:12 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2011-02-10 19:17:00 | 000,000,502 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for FastMan.job [2011-02-09 07:10:27 | 003,495,768 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011-02-08 19:08:18 | 000,000,671 | ---- | M] () -- C:\Users\Public\Desktop\Lowrider Extreme.lnk [2011-02-05 22:36:55 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011-02-05 22:36:55 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011-02-05 22:36:38 | 000,234,392 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2011-02-05 13:59:39 | 000,000,765 | ---- | M] () -- C:\Users\Public\Desktop\Warsow.lnk [2011-02-05 12:47:10 | 329,159,694 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011-02-01 13:40:06 | 000,000,132 | ---- | M] () -- C:\Users\FastMan\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011-02-01 13:19:46 | 000,001,456 | ---- | M] () -- C:\Users\FastMan\AppData\Local\Adobe Save for Web 12.0 Prefs [2011-02-01 13:16:11 | 000,000,132 | ---- | M] () -- C:\Users\FastMan\AppData\Roaming\Adobe GIF Format CS5 Prefs [2011-01-21 11:20:15 | 000,107,617 | ---- | M] () -- C:\Users\FastMan\Documents\dtt bas...jpeg [2011-01-13 14:12:07 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-08 19:08:18 | 000,000,671 | ---- | C] () -- C:\Users\Public\Desktop\Lowrider Extreme.lnk [2011-02-05 13:59:39 | 000,000,765 | ---- | C] () -- C:\Users\Public\Desktop\Warsow.lnk [2011-02-05 12:47:10 | 329,159,694 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011-02-01 13:16:11 | 000,000,132 | ---- | C] () -- C:\Users\FastMan\AppData\Roaming\Adobe GIF Format CS5 Prefs [2011-01-21 11:20:06 | 000,107,617 | ---- | C] () -- C:\Users\FastMan\Documents\dtt bas...jpeg [2011-01-09 15:03:15 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini [2010-12-06 19:40:17 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010-11-15 09:01:23 | 000,001,793 | ---- | C] () -- C:\Windows\TSearch.INI [2010-11-02 07:29:46 | 000,003,584 | ---- | C] () -- C:\Users\FastMan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-29 18:17:52 | 000,000,019 | ---- | C] () -- C:\Users\FastMan\AppData\Local\x-plane_install.txt [2010-07-09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2010-05-15 12:47:20 | 000,001,456 | ---- | C] () -- C:\Users\FastMan\AppData\Local\Adobe Save for Web 12.0 Prefs [2010-05-13 11:20:43 | 000,000,132 | ---- | C] () -- C:\Users\FastMan\AppData\Roaming\Adobe PNG Format CS5 Prefs [2010-04-05 07:49:16 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll [2010-04-05 07:42:37 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll [2010-04-02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010-03-18 14:58:08 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-03-18 14:58:07 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-03-18 14:58:00 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010-03-18 14:58:00 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010-03-18 14:57:54 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010-03-17 17:40:26 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll [2010-02-27 21:58:55 | 000,160,768 | ---- | C] () -- C:\Windows\SysWow64\swscale-0.dll [2010-02-27 21:58:54 | 000,615,936 | ---- | C] () -- C:\Windows\SysWow64\avformat-52.dll [2010-02-27 21:58:54 | 000,057,856 | ---- | C] () -- C:\Windows\SysWow64\avutil-49.dll [2010-02-27 21:58:54 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\myutil.dll [2010-02-27 21:58:53 | 000,012,800 | ---- | C] () -- C:\Windows\SysWow64\avfilter-0.dll [2010-02-27 21:58:53 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\avdevice-52.dll [2010-02-27 21:58:52 | 007,999,488 | ---- | C] () -- C:\Windows\SysWow64\avcodec-51.dll [2010-02-25 10:28:26 | 000,000,278 | ---- | C] () -- C:\Windows\game.ini [2010-02-24 18:22:12 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2010-02-24 16:15:27 | 000,000,600 | ---- | C] () -- C:\Users\FastMan\AppData\Roaming\PUTTY.RND [2010-02-24 16:14:15 | 000,000,600 | -H-- | C] () -- C:\Users\FastMan\AppData\Local\PUTTY.RND [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2008-10-07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008-10-07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [color=#E56717]========== LOP Check ==========[/color] [2010-05-04 18:44:44 | 000,000,000 | -HSD | M] -- C:\Users\FastMan\AppData\Roaming\.# [2010-02-27 15:03:30 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Canon [2010-03-12 16:22:06 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Cream Software [2010-10-23 06:39:03 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\DAEMON Tools Lite [2009-12-28 16:59:37 | 000,000,000 | -H-D | M] -- C:\Users\FastMan\AppData\Roaming\DAEMON Tools Pro [2010-02-24 16:14:21 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\FireShot [2010-04-17 12:06:15 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\FlashGet [2010-09-09 17:52:21 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\fretsonfire [2010-02-24 16:14:21 | 000,000,000 | -H-D | M] -- C:\Users\FastMan\AppData\Roaming\Gadu-Gadu [2011-01-24 11:29:30 | 000,000,000 | -H-D | M] -- C:\Users\FastMan\AppData\Roaming\Gadu-Gadu 10 [2010-12-13 19:24:26 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\GetRightToGo [2010-02-24 16:14:29 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Grisoft [2010-07-23 07:07:02 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\JonDo [2010-02-24 16:14:29 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\LockHunter [2010-10-08 08:42:36 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Notepad++ [2011-02-06 18:13:36 | 000,000,000 | -H-D | M] -- C:\Users\FastMan\AppData\Roaming\Nowe Gadu-Gadu [2010-07-15 08:27:36 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Opera [2010-04-03 07:09:19 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Piechnat Soft [2010-02-24 16:15:26 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\PSPdisp [2010-03-17 18:02:41 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Publish Providers [2011-02-08 19:12:34 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\RedDotGames [2010-08-03 09:57:00 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\SA-MP Audio Plugin [2010-10-26 18:01:52 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Screaming Bee [2010-12-06 19:39:33 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Sony [2010-12-24 21:29:25 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Synthesia [2010-02-25 18:49:40 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Thinstall [2010-02-24 16:15:27 | 000,000,000 | -H-D | M] -- C:\Users\FastMan\AppData\Roaming\Thunderbird [2010-02-24 20:58:03 | 000,000,000 | -H-D | M] -- C:\Users\FastMan\AppData\Roaming\TS3Client [2010-03-08 19:09:41 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Ubisoft [2010-08-17 17:48:14 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\VSO [2010-02-24 16:15:41 | 000,000,000 | -H-D | M] -- C:\Users\FastMan\AppData\Roaming\Warsow 0.5 [2011-02-05 13:58:44 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Warsow 0.6 [2010-03-18 14:40:26 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Youtube Downloader HD [2011-02-04 06:25:08 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 180 bytes -> C:\ProgramData\TEMP:0CE7F3C9 @Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:63238B95 @Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86 < End of report >

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2011-02-11 17:05:05 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = D:\ 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 65,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 65,46 Gb Total Space | 18,28 Gb Free Space | 27,93% Space Free | Partition Type: NTFS Drive D: | 400,30 Gb Total Space | 119,68 Gb Free Space | 29,90% Space Free | Partition Type: NTFS Drive E: | 27,11 Gb Total Space | 18,45 Gb Free Space | 68,06% Space Free | Partition Type: NTFS Drive F: | 149,05 Gb Total Space | 32,30 Gb Free Space | 21,67% Space Free | Partition Type: NTFS Drive H: | 286,77 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive K: | 10,16 Gb Total Space | 1,19 Gb Free Space | 11,75% Space Free | Partition Type: NTFS Computer Name: FASTMANPC | User Name: FastMan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3185712835-2826046332-548961173-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" File not found Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant Administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant Administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series" = Canon MP190 series MP Drivers "{135F3858-7213-4C72-9D1E-508C48952060}" = Windows 7 Manager "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64 "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64 "{302725CC-C7B9-4650-8602-7F353B01366A}" = ESET NOD32 Antivirus "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{54A0FF28-05C4-81E3-3CC1-13D0C2519EFF}" = ATI Catalyst Install Manager "{565343AF-BB01-4638-A87A-06D04494796A}" = Desktop Restore "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum obsługi urządzeń z systemem Windows Mobile "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64 "{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.4.1 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64 "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4 "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4 "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4 "{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Centrum obsługi urządzeń z systemem Windows Mobile — aktualizacja sterowników "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64 "{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1 "{B3012F41-D8C7-5ABD-05D1-3EF39D9ACC22}" = WMV9/VC-1 Video Playback "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit) "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4 "{E6456858-8C0C-35CE-96B8-AFFCD205C9FC}" = AMD Drag and Drop Transcoding "{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64 "Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit "Connectify" = Connectify "CyberGhost VPN_is1" = CyberGhost VPN "ffdshow64_is1" = ffdshow x64 v1.1.3631 [2010-11-15] "KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v3.3.0 "TeamSpeak 3 Client" = TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000000-5736-4205-1000-781CD0E19F00}" = Steganos Internet Anonym Pro 7.1.6 "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4 "{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1" = SWF Opener "{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3 "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{0F31532A-16F1-4812-8B7B-D321A4CE91A6}" = Sony Vegas Pro 8.0 "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{109D28DA-E555-4896-BF22-E312F764562C}_is1" = Lowrider Extreme "{1104E2E0-9378-455d-9E0E-6235A4E52DB0}_is1" = ArchLord "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1" = Warsow 0.6 "{255FC1CF-2620-4B64-BE02-79B9E609BB3D}" = Webzen Game Starter "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 22 "{2A539CD9-0F75-4875-9A32-E06DD93C4114}" = Adobe Extension Manager CS3 "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{2C294A0B-DF22-4023-B168-8C7645B10019}" = Adobe Setup "{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}" = Windows Live Sync "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM) "{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po zmroku "{48FB7C81-0EF5-4857-8849-DD526BAC7A36}" = Java Advanced Imaging 1.1.3 for JRE "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B215C29-1A3E-4736-92AA-10C83FA56EB9}" = Adobe After Effects CS3 Presets "{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City "{4C81B6C7-BB47-49DD-B62E-BC26CA973EBF}" = San Vice Role-Play Multiplayer "{4E227EFF-CFBC-415E-A7FD-D6C15CA908AE}" = Desktop Restore "{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live "{51E692DF-521D-4F83-B021-B0D2C4BFA25C}_is1" = MapTiler version 1.0 beta2 "{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{548D4E14-F59D-4FA3-A357-CE5BA0D41D34}" = Opera 11.01 "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4 "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{6053FE9B-5473-41D6-AEBF-AD6F98138191}" = Windows Live Movie Maker "{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 Nowoczesny apartament Akcesoria "{71BF8787-A67D-4CBC-9155-22927199F4BB}" = TP-LINK Wireless Client Utility "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch "{7582D40A-E9AF-480F-8100-68BFCB3441FF}" = San Vice Multiplayer Patch 1.0 "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles "{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1" = VSO Image Resizer 4.0.0.54 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial "{8AF3FB06-BDA3-42A3-995C-308812D2F094}" = Adobe After Effects CS3 "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}" = Virtual Router v0.9 Beta "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Kariera "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "{93E6C60C-A6FC-44AD-89F8-085F9A72D6E9}}_is1" = Grand Theft Auto The '95 Story wersja 0.7.5.0b "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9862473C-E063-4C68-A161-2CDE0E8048A5}" = Podstawowe programy Windows Live "{99BEB67F-B288-44F5-8B2A-23F5F522A1AE}_is1" = Universal Anticheat 2 v2.30 b300 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9CDEAEC9-2F14-4D39-8541-C1EEC4B5D1CB}" = Galeria fotografii usługi Windows Live "{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{AB0DBC9A-422A-4888-A8E5-A32EC1779E68}_is1" = Sunrise Seven 1.1.47 "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.0 - Polish "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader "{B7618997-1B89-4680-A39B-342BBEF8E0D6}_is1" = FreeVPN v3.20 "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Wymarzone Podróże "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{C084BC61-E537-11DE-8616-005056806466}" = Google Earth "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C35FE07E-24B5-410F-85B7-122087A0C7DD}" = Poczta usługi Windows Live "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C6AC04F5-5916-4A02-BC36-AF5BC0A3CBD4}" = Media Go "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Szybka jazda Akcesoria "{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3 "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.078 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F1191B7E-84BF-4325-9FFD-80BD8996ED4B}" = MorphVOX Junior "{F14B8ECC-BDA0-4987-9201-D7B7DBE11045}" = Nero 7 Ultra Edition "{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner "{F57CEB84-3D22-4657-8EDA-F8CD5217B83E}" = Mu "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE "{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.7 "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FD8C6C6D-7EDB-4E33-A66A-C00948D38118}" = GMapCreator "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "3D Driving-School" = 3D Driving-School "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3 "Adobe_b7dd24a87e82dcf8af8876fd727b7cf" = Adobe After Effects CS3 "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "All To PSP Converter_is1" = All To PSP Converter 1.8.0.0 "Android Commander_is1" = Android Commander version 0.7.9.8.2.01 "Audacity_is1" = Audacity 1.2.6 "AV Voice Changer Software DIAMOND 4.0" = AV Voice Changer Software DIAMOND 4.0 "AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0 "Call of Duty: Black Ops_is1" = Call of Duty: Black Ops "CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program "Capriccio" = Capriccio "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Driving Simulator 2009_is1" = Driving Simulator 2009 Version 1.12 "DVD Shrink_is1" = DVD Shrink 3.2 "EADM" = EA Download Manager "ENTERPRISE" = Microsoft Office Enterprise 2007 "FlashGet" = FlashGet 1.9.6.1073 "Fraps" = Fraps (remove only) "HaaliMkx" = Haali Media Splitter "HD Tune_is1" = HD Tune 2.55 "HMIP2009_is1" = Hide My IP 2009 "Indeo® Software" = Indeo® Software "InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "InstallShield_{48FB7C81-0EF5-4857-8849-DD526BAC7A36}" = Java Advanced Imaging 1.1.3 for JRE "InstallShield_{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD Ultra "InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X "InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "KLiteCodecPack_is1" = K-Lite Codec Pack 5.8.3 (Full) "LogMeIn Hamachi" = LogMeIn Hamachi "McAfee Security Scan" = McAfee Security Scan Plus "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MP Navigator EX 1.2" = Canon MP Navigator EX 1.2 "MTA:SA" = MTA:SA v1.0.4-rc-02033-2-000 "Nero7Lite_is1" = Nero 7 Lite 7.7.5.1 "NK Sender_is1" = NK Sender 1.5 Alpha "Notepad++" = Notepad++ "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "NSS" = Norton Security Scan "Polipo" = Polipo 1.0.4.1 "PunkBusterSvc" = PunkBuster Services "QuicktimeAlt_is1" = QuickTime Alternative 3.2.2 "RealAlt_is1" = Real Alternative 1.7.5 "Recover My Files_is1" = Recover My Files "Rejestracja użytkownika drukarki Canon MP190 series" = Rejestracja użytkownika drukarki Canon MP190 series "SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set "San Andreas Mod Installer1.1" = San Andreas Mod Installer "Snikers" = Snikers4 "Sniper Ghost Warrior_is1" = Sniper Ghost Warrior "SpeedFan" = SpeedFan (remove only) "Steam App 10180" = Call of Duty: Modern Warfare 2 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Street Legal Racing Redline" = Street Legal Racing Redline "Synthesia" = Synthesia (remove only) "Tapetowiec_is1" = Tapetowiec "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 2 Server_is1" = TeamSpeak 2 Server RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "Tor" = Tor 0.2.1.26 "Tunatic" = Tunatic "Update Engine" = Sony Ericsson Update Engine "Update Service" = Sony Ericsson Update Service "Vidalia" = Vidalia 0.2.10 "Winamp" = Winamp "WinLiveSuite_Wave3" = Podstawowe programy Windows Live "WinRAR archiver" = Archiwizator WinRAR "Worms Reloaded_is1" = Worms Reloaded "Xfire" = Xfire (remove only) "Youtube Downloader HD_is1" = Youtube Downloader HD v. 1.8.1 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3185712835-2826046332-548961173-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Project Tupolev Tu-154m for MS FS2004" = Project Tupolev Tu-154m for MS FS2004 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >

**Posty:** 18165 · przez **wojtas** 11 Lut 2011, 20:27

odinstaluj DAEMON Tools Toolbar

znasz :
Secure Surfing Engine ??

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL
@Alternate Data Stream - 180 bytes -> C:\ProgramData\TEMP:0CE7F3C9
@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:63238B95
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86
O4:64bit: - HKLM..\Run: [Windows Defender] File not found

:Files
C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}

:Reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

:Commands
[emptytemp]
[emptyflash]

Kliknij wykonaj skrypt. I potwierdź reset komputera .

Następnie uruchamiasz OTL z opcją skanuj. Pokazujesz nowy log OTL.txt oraz raport z czyszczenia (zawartość notatnika, która otworzy się po restarcie).

Autor postu otrzymał pochwałę

**Posty:** 376 · przez **FastMan** 12 Lut 2011, 09:02

Daemon tools zarówno program główny jak i toolbar usunięty. Sam program alcohol przeszkadzać nie będzie?

Secure Surfing Engine - nie mam pojęcia, a antywirusów to używam tylko NOD32 i AVG Anti-Spyware, nic innego.

log z czyszczenia:

Kod: Zaznacz wszystko: All processes killed ========== OTL ========== Unable to delete ADS C:\ProgramData\TEMP:0CE7F3C9 . Unable to delete ADS C:\ProgramData\TEMP:63238B95 . Unable to delete ADS C:\ProgramData\TEMP:888AFB86 . 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Defender not found. ========== FILES ========== File\Folder C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D} not found. ========== REGISTRY ========== Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: FastMan ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 205804563 bytes ->Java cache emptied: 33215788 bytes ->FireFox cache emptied: 125823279 bytes ->Opera cache emptied: 10985452 bytes ->Flash cache emptied: 107530 bytes User: Gość ->Temp folder emptied: 18142135 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 8803328 bytes %systemroot%\System32 (64bit) .tmp files removed: 3115008 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 5875166 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50534 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 393,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: FastMan ->Flash cache emptied: 0 bytes User: Gość User: Public Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.20.6 log created on 02122011_075108 Files\Folders moved on Reboot... C:\Users\FastMan\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9ED0.tmp not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9ED_bogus[1] not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9EE0_bogus[1] not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9EE1.tmp not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9EE2_bogus[1] not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9EE3.tmp not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9EF4_bogus[1] not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9F05.tmp not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9F06_bogus[1] not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9F07.tmp not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9FC2_bogus[1] not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9FC3.tmp not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9FE.tmp not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9FEB_bogus[1] not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9FFB.tmp not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbk9FF_bogus[1] not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbkA01B_bogus[1] not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbkA01C.tmp not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbkA01D_bogus[1] not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbkA01E.tmp not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbkA02F_bogus[1] not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbkA030.tmp not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbkA031_bogus[1] not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbkA032.tmp not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbkA032_bogus[1] not found! File\Folder C:\Users\FastMan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z6QEJXY0\wbkA043_bogus[1] not found! Registry entries deleted on Reboot...

skanowanie:

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2011-02-12 07:57:53 - Run 2 OTL by OldTimer - Version 3.2.20.6 Folder = D:\ 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 65,46 Gb Total Space | 26,57 Gb Free Space | 40,59% Space Free | Partition Type: NTFS Drive D: | 400,30 Gb Total Space | 119,68 Gb Free Space | 29,90% Space Free | Partition Type: NTFS Drive E: | 27,11 Gb Total Space | 18,45 Gb Free Space | 68,06% Space Free | Partition Type: NTFS Drive F: | 149,05 Gb Total Space | 32,30 Gb Free Space | 21,67% Space Free | Partition Type: NTFS Drive K: | 10,16 Gb Total Space | 1,19 Gb Free Space | 11,75% Space Free | Partition Type: NTFS Computer Name: FASTMANPC | User Name: FastMan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3185712835-2826046332-548961173-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" File not found Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant Administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant Administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP190_series" = Canon MP190 series MP Drivers "{135F3858-7213-4C72-9D1E-508C48952060}" = Windows 7 Manager "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64 "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64 "{302725CC-C7B9-4650-8602-7F353B01366A}" = ESET NOD32 Antivirus "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{54A0FF28-05C4-81E3-3CC1-13D0C2519EFF}" = ATI Catalyst Install Manager "{565343AF-BB01-4638-A87A-06D04494796A}" = Desktop Restore "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum obsługi urządzeń z systemem Windows Mobile "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64 "{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.4.1 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64 "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4 "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4 "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007 "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4 "{92DBCA36-9B41-4DD1-941A-AED149DD37F0}" = Centrum obsługi urządzeń z systemem Windows Mobile — aktualizacja sterowników "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64 "{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1 "{B3012F41-D8C7-5ABD-05D1-3EF39D9ACC22}" = WMV9/VC-1 Video Playback "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit) "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4 "{E6456858-8C0C-35CE-96B8-AFFCD205C9FC}" = AMD Drag and Drop Transcoding "{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64 "Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit "Connectify" = Connectify "CyberGhost VPN_is1" = CyberGhost VPN "ffdshow64_is1" = ffdshow x64 v1.1.3631 [2010-11-15] "KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v3.3.0 "TeamSpeak 3 Client" = TeamSpeak 3 Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000000-5736-4205-1000-781CD0E19F00}" = Steganos Internet Anonym Pro 7.1.6 "{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4 "{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1" = SWF Opener "{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3 "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{0F31532A-16F1-4812-8B7B-D321A4CE91A6}" = Sony Vegas Pro 8.0 "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{109D28DA-E555-4896-BF22-E312F764562C}_is1" = Lowrider Extreme "{1104E2E0-9378-455d-9E0E-6235A4E52DB0}_is1" = ArchLord "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Narzędzie do przekazywania usługi Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1" = Warsow 0.6 "{255FC1CF-2620-4B64-BE02-79B9E609BB3D}" = Webzen Game Starter "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 22 "{2A539CD9-0F75-4875-9A32-E06DD93C4114}" = Adobe Extension Manager CS3 "{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "{2C294A0B-DF22-4023-B168-8C7645B10019}" = Adobe Setup "{2E522ED6-01E2-4207-82D5-B3BFB31B8BD4}" = Windows Live Sync "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player "{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM) "{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po zmroku "{48FB7C81-0EF5-4857-8849-DD526BAC7A36}" = Java Advanced Imaging 1.1.3 for JRE "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B215C29-1A3E-4736-92AA-10C83FA56EB9}" = Adobe After Effects CS3 Presets "{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City "{4C81B6C7-BB47-49DD-B62E-BC26CA973EBF}" = San Vice Role-Play Multiplayer "{4E227EFF-CFBC-415E-A7FD-D6C15CA908AE}" = Desktop Restore "{51958BA7-21E4-4A8B-9098-CD8375BD17B2}" = Asystent rejestracji usługi Windows Live "{51E692DF-521D-4F83-B021-B0D2C4BFA25C}_is1" = MapTiler version 1.0 beta2 "{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{548D4E14-F59D-4FA3-A357-CE5BA0D41D34}" = Opera 11.01 "{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4 "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{6053FE9B-5473-41D6-AEBF-AD6F98138191}" = Windows Live Movie Maker "{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}" = Grand Theft Auto: Episodes From Liberty City "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 Nowoczesny apartament Akcesoria "{71BF8787-A67D-4CBC-9155-22927199F4BB}" = TP-LINK Wireless Client Utility "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch "{7582D40A-E9AF-480F-8100-68BFCB3441FF}" = San Vice Multiplayer Patch 1.0 "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles "{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1" = VSO Image Resizer 4.0.0.54 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial "{8AF3FB06-BDA3-42A3-995C-308812D2F094}" = Adobe After Effects CS3 "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}" = Virtual Router v0.9 Beta "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool "{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007 "{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007 "{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007 "{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007 "{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007 "{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007 "{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0415-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Polish) 2007 "{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007 "{90120000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2007 "{90120000-00BA-0415-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Polish) 2007 "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Kariera "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "{93E6C60C-A6FC-44AD-89F8-085F9A72D6E9}}_is1" = Grand Theft Auto The '95 Story wersja 0.7.5.0b "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{9862473C-E063-4C68-A161-2CDE0E8048A5}" = Podstawowe programy Windows Live "{99BEB67F-B288-44F5-8B2A-23F5F522A1AE}_is1" = Universal Anticheat 2 v2.30 b300 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9CDEAEC9-2F14-4D39-8541-C1EEC4B5D1CB}" = Galeria fotografii usługi Windows Live "{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{AB0DBC9A-422A-4888-A8E5-A32EC1779E68}_is1" = Sunrise Seven 1.1.47 "{AC76BA86-7AD7-1045-7B44-A94000000001}" = Adobe Reader 9.4.0 - Polish "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4 "{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader "{B7618997-1B89-4680-A39B-342BBEF8E0D6}_is1" = FreeVPN v3.20 "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Wymarzone Podróże "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3 "{C084BC61-E537-11DE-8616-005056806466}" = Google Earth "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C35FE07E-24B5-410F-85B7-122087A0C7DD}" = Poczta usługi Windows Live "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program "{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C6AC04F5-5916-4A02-BC36-AF5BC0A3CBD4}" = Media Go "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas "{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4 "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = The Sims™ 3 Szybka jazda Akcesoria "{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3 "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.078 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F1191B7E-84BF-4325-9FFD-80BD8996ED4B}" = MorphVOX Junior "{F14B8ECC-BDA0-4987-9201-D7B7DBE11045}" = Nero 7 Ultra Edition "{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner "{F57CEB84-3D22-4657-8EDA-F8CD5217B83E}" = Mu "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE "{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.7 "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All "{FD8C6C6D-7EDB-4E33-A66A-C00948D38118}" = GMapCreator "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "3D Driving-School" = 3D Driving-School "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3 "Adobe_b7dd24a87e82dcf8af8876fd727b7cf" = Adobe After Effects CS3 "Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4 "All To PSP Converter_is1" = All To PSP Converter 1.8.0.0 "Android Commander_is1" = Android Commander version 0.7.9.8.2.01 "Audacity_is1" = Audacity 1.2.6 "AV Voice Changer Software DIAMOND 4.0" = AV Voice Changer Software DIAMOND 4.0 "AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0 "Call of Duty: Black Ops_is1" = Call of Duty: Black Ops "CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program "Capriccio" = Capriccio "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "Driving Simulator 2009_is1" = Driving Simulator 2009 Version 1.12 "DVD Shrink_is1" = DVD Shrink 3.2 "EADM" = EA Download Manager "ENTERPRISE" = Microsoft Office Enterprise 2007 "FlashGet" = FlashGet 1.9.6.1073 "Fraps" = Fraps (remove only) "HaaliMkx" = Haali Media Splitter "HD Tune_is1" = HD Tune 2.55 "HijackThis" = HijackThis 2.0.2 "HMIP2009_is1" = Hide My IP 2009 "Indeo® Software" = Indeo® Software "InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch "InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch "InstallShield_{48FB7C81-0EF5-4857-8849-DD526BAC7A36}" = Java Advanced Imaging 1.1.3 for JRE "InstallShield_{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD Ultra "InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X "InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch "InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch "InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM) "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM) "KLiteCodecPack_is1" = K-Lite Codec Pack 5.8.3 (Full) "LogMeIn Hamachi" = LogMeIn Hamachi "McAfee Security Scan" = McAfee Security Scan Plus "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MP Navigator EX 1.2" = Canon MP Navigator EX 1.2 "MTA:SA" = MTA:SA v1.0.4-rc-02033-2-000 "Nero7Lite_is1" = Nero 7 Lite 7.7.5.1 "NK Sender_is1" = NK Sender 1.5 Alpha "Notepad++" = Notepad++ "Nowe Gadu-Gadu" = Nowe Gadu-Gadu "NSS" = Norton Security Scan "Polipo" = Polipo 1.0.4.1 "PunkBusterSvc" = PunkBuster Services "QuicktimeAlt_is1" = QuickTime Alternative 3.2.2 "RealAlt_is1" = Real Alternative 1.7.5 "Recover My Files_is1" = Recover My Files "Rejestracja użytkownika drukarki Canon MP190 series" = Rejestracja użytkownika drukarki Canon MP190 series "SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set "San Andreas Mod Installer1.1" = San Andreas Mod Installer "Snikers" = Snikers4 "Sniper Ghost Warrior_is1" = Sniper Ghost Warrior "SpeedFan" = SpeedFan (remove only) "Steam App 10180" = Call of Duty: Modern Warfare 2 "Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer "Street Legal Racing Redline" = Street Legal Racing Redline "Synthesia" = Synthesia (remove only) "Tapetowiec_is1" = Tapetowiec "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 2 Server_is1" = TeamSpeak 2 Server RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "Tor" = Tor 0.2.1.26 "Tunatic" = Tunatic "Update Engine" = Sony Ericsson Update Engine "Update Service" = Sony Ericsson Update Service "Vidalia" = Vidalia 0.2.10 "Winamp" = Winamp "WinLiveSuite_Wave3" = Podstawowe programy Windows Live "WinRAR archiver" = Archiwizator WinRAR "Worms Reloaded_is1" = Worms Reloaded "Xfire" = Xfire (remove only) "Youtube Downloader HD_is1" = Youtube Downloader HD v. 1.8.1 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-3185712835-2826046332-548961173-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Project Tupolev Tu-154m for MS FS2004" = Project Tupolev Tu-154m for MS FS2004 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >

Kod: Zaznacz wszystko: OTL logfile created on: 2011-02-12 07:57:53 - Run 2 OTL by OldTimer - Version 3.2.20.6 Folder = D:\ 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 57,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 65,46 Gb Total Space | 26,57 Gb Free Space | 40,59% Space Free | Partition Type: NTFS Drive D: | 400,30 Gb Total Space | 119,68 Gb Free Space | 29,90% Space Free | Partition Type: NTFS Drive E: | 27,11 Gb Total Space | 18,45 Gb Free Space | 68,06% Space Free | Partition Type: NTFS Drive F: | 149,05 Gb Total Space | 32,30 Gb Free Space | 21,67% Space Free | Partition Type: NTFS Drive K: | 10,16 Gb Total Space | 1,19 Gb Free Space | 11,75% Space Free | Partition Type: NTFS Computer Name: FASTMANPC | User Name: FastMan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-02-11 17:02:56 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\OTL.exe PRC - [2010-12-21 15:27:25 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010-12-21 15:27:25 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe PRC - [2010-12-16 16:22:17 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2010-12-06 08:31:52 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2010-09-28 01:49:08 | 000,892,992 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\Connectifyd.exe PRC - [2010-09-28 01:49:06 | 001,338,944 | ---- | M] (Connectify) -- C:\Program Files (x86)\Connectify\Connectify.exe PRC - [2010-07-28 08:07:16 | 002,404,488 | ---- | M] (mobile concepts GmbH) -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe PRC - [2009-05-14 14:47:54 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe PRC - [2008-01-22 09:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE PRC - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-02-11 17:02:56 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\OTL.exe MOD - [2009-07-14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010-11-26 03:54:12 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2010-07-28 08:07:16 | 002,404,488 | ---- | M] (mobile concepts GmbH) [Auto | Running] -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc) SRV:[b]64bit:[/b] - [2010-02-24 16:49:59 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009-05-14 14:54:26 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV:[b]64bit:[/b] - [2009-05-14 14:47:54 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn) SRV - [2010-12-16 16:22:17 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010-12-06 08:31:50 | 002,101,640 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010-10-26 16:05:24 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion) SRV - [2010-09-28 01:49:08 | 000,892,992 | ---- | M] (Connectify) [Auto | Running] -- C:\Program Files (x86)\Connectify\Connectifyd.exe -- (Connectify) SRV - [2010-03-08 20:40:00 | 003,396,680 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2010-02-24 16:49:54 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-02-09 15:15:09 | 000,326,792 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010-01-15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009-11-18 13:40:26 | 000,012,288 | ---- | M] (Chris Pietschmann (http://pietschsoft.com)) [Auto | Running] -- C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe -- (Virtual Router) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-01-22 09:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC) SRV - [2007-05-31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007-05-31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2010-12-06 21:35:07 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri) DRV:[b]64bit:[/b] - [2010-12-05 16:32:11 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:[b]64bit:[/b] - [2010-12-05 16:32:11 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:[b]64bit:[/b] - [2010-11-26 05:20:20 | 008,120,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2010-11-26 05:20:20 | 008,120,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2010-11-26 03:16:46 | 000,289,792 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2010-08-11 14:39:24 | 000,034,880 | ---- | M] (Connectify) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\connctfy.sys -- (connctfyMP) DRV:[b]64bit:[/b] - [2010-08-11 14:39:24 | 000,034,880 | ---- | M] (Connectify) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\connctfy.sys -- (connctfy) DRV:[b]64bit:[/b] - [2010-04-07 16:04:22 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:[b]64bit:[/b] - [2010-02-25 17:51:02 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901) DRV:[b]64bit:[/b] - [2010-02-03 14:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:[b]64bit:[/b] - [2009-12-30 11:21:24 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt) DRV:[b]64bit:[/b] - [2009-12-01 14:49:52 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2009-06-10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 21:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-14 14:49:56 | 000,121,152 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr) DRV:[b]64bit:[/b] - [2009-05-14 14:47:16 | 000,134,024 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2009-05-14 14:41:14 | 000,142,776 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon) DRV:[b]64bit:[/b] - [2009-02-23 14:58:56 | 000,118,272 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser) DRV:[b]64bit:[/b] - [2008-02-12 02:59:18 | 000,297,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VMM.sys -- (vmm) DRV:[b]64bit:[/b] - [2008-02-05 00:50:42 | 000,079,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2) DRV:[b]64bit:[/b] - [2007-10-05 09:18:06 | 000,040,832 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus) DRV:[b]64bit:[/b] - [2007-10-05 09:18:06 | 000,016,000 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini) DRV:[b]64bit:[/b] - [2007-05-01 16:03:40 | 000,171,144 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiH2586.sys -- (SaiH2586) DRV:[b]64bit:[/b] - [2007-05-01 15:05:32 | 000,171,144 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiHFF04.sys -- (SaiHFF04) DRV:[b]64bit:[/b] - [2007-05-01 15:05:32 | 000,020,608 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiIFF04.sys -- (SaiIFF04) Immersion's HID USB Driver (FF04) DRV:[b]64bit:[/b] - [2005-03-28 10:30:36 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV - [2008-08-14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs) DRV - [2007-09-19 21:37:50 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) DRV - [2007-02-07 19:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan) DRV - [2005-01-04 01:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3185712835-2826046332-548961173-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://shop.thefreevpn.com/home.php IE - HKU\S-1-5-21-3185712835-2826046332-548961173-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3185712835-2826046332-548961173-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://wp.pl" FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.5.2 FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.21.0 FF - prefs.js..extensions.enabledItems: {3474c305-9dad-11d8-9207-00055d74c2e4}:0.4.10 FF - prefs.js..extensions.enabledItems: check4change-owner@mozdev.org:1.7 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.0 FF - prefs.js..extensions.enabledItems: coc@ble.pl:2.2.0.3.7 FF - prefs.js..extensions.enabledItems: tabscope@xuldev.org:0.3 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010-12-30 18:21:35 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010-12-21 15:27:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-04-17 09:57:36 | 000,000,000 | ---D | M] [2010-02-24 16:14:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Extensions [2009-12-28 17:13:11 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010-02-24 16:32:39 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions [2010-02-24 16:32:36 | 000,000,000 | -H-D | M] (Screengrab) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2010-02-24 16:32:35 | 000,000,000 | -H-D | M] (FireShot) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2010-02-24 16:32:36 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010-02-24 16:32:35 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-02-24 16:32:36 | 000,000,000 | -H-D | M] (Bookmark Backup) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{3474c305-9dad-11d8-9207-00055d74c2e4} [2010-02-24 16:32:35 | 000,000,000 | -H-D | M] (ReloadEvery) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644} [2010-02-24 16:32:35 | 000,000,000 | -H-D | M] (Megaupload Toolbar) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D} [2010-02-24 16:32:36 | 000,000,000 | ---D | M] (gTranslate) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17} [2010-02-24 16:32:36 | 000,000,000 | -H-D | M] (Abduction!) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255} [2010-02-24 16:32:36 | 000,000,000 | ---D | M] ("All-Glass Firefox mod, based on Glasser") -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\allglassv2@ambroos.neowin.net [2010-02-24 16:32:36 | 000,000,000 | -H-D | M] (Autofill Forms) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\autofillForms@blueimp.net [2010-02-24 16:32:36 | 000,000,000 | -H-D | M] (Battlefield Heroes Updater) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\battlefieldheroespatcher@ea.com [2010-02-24 16:32:36 | 000,000,000 | ---D | M] (Check4Change) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\check4change-owner@mozdev.org [2010-02-24 16:32:37 | 000,000,000 | ---D | M] (NEW Glasser by SzymekPL) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\coc@ble.pl [2010-02-24 16:32:38 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\firebug@software.joehewitt.com [2010-02-24 16:32:39 | 000,000,000 | ---D | M] (Tab Scope) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\7h2dqkcj.default\extensions\tabscope@xuldev.org [2011-02-12 07:50:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions [2010-02-24 16:32:26 | 000,000,000 | -H-D | M] (Screengrab) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2010-02-24 16:32:25 | 000,000,000 | -H-D | M] (FireShot) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2010-02-24 16:32:26 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010-02-24 16:32:25 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-02-24 16:32:26 | 000,000,000 | -H-D | M] (Bookmark Backup) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{3474c305-9dad-11d8-9207-00055d74c2e4} [2010-02-24 16:32:25 | 000,000,000 | -H-D | M] (ReloadEvery) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644} [2010-02-24 16:32:26 | 000,000,000 | ---D | M] (gTranslate) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17} [2010-02-24 16:32:26 | 000,000,000 | -H-D | M] (Abduction!) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255} [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2010-10-23 09:23:09 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010-02-24 16:32:26 | 000,000,000 | ---D | M] ("All-Glass Firefox mod, based on Glasser") -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\allglassv2@ambroos.neowin.net [2010-02-24 16:32:26 | 000,000,000 | -H-D | M] (Autofill Forms) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\autofillForms@blueimp.net [2010-02-24 16:32:26 | 000,000,000 | -H-D | M] (Battlefield Heroes Updater) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\battlefieldheroespatcher@ea.com [2010-02-24 16:32:26 | 000,000,000 | ---D | M] (Check4Change) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\check4change-owner@mozdev.org [2010-02-24 16:32:27 | 000,000,000 | ---D | M] (NEW Glasser by SzymekPL) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\coc@ble.pl [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\DTToolbar@toolbarnet.com [2010-02-24 16:32:29 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\firebug@software.joehewitt.com [2010-10-23 09:23:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\lockerzplayextended@flies [2010-02-24 16:32:29 | 000,000,000 | ---D | M] (Tab Scope) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\tabscope@xuldev.org [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\91v7es8i.default\extensions\vsc@briks.si [2011-02-12 07:49:31 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions [2010-10-31 07:01:01 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2010-10-31 07:01:58 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2010-10-24 06:54:53 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-02-24 16:15:09 | 000,000,000 | -H-D | M] (Bookmark Backup) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{3474c305-9dad-11d8-9207-00055d74c2e4} [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644} [2010-02-24 16:15:12 | 000,000,000 | -H-D | M] (Abduction!) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{b0e1b4a6-2c6f-4e99-94f2-8e625d7ae255} [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\allglassv2@ambroos.neowin.net [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\autofillForms@blueimp.net [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\check4change-owner@mozdev.org [2010-10-23 09:23:48 | 000,000,000 | ---D | M] (NEW Glasser by SzymekPL) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\coc@ble.pl [2010-06-20 14:40:08 | 000,000,000 | ---D | M] (Firebug) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\firebug@software.joehewitt.com [2010-06-26 07:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\lockerzplayextended@flies [2010-10-24 06:54:53 | 000,000,000 | ---D | M] (Tab Scope) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\tabscope@xuldev.org [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\FastMan\AppData\Roaming\mozilla\Firefox\Profiles\uotk2l6c.default\extensions\vsc@briks.si [2009-05-23 17:02:20 | 000,002,399 | -H-- | M] () -- C:\Users\FastMan\AppData\Roaming\Mozilla\Firefox\Profiles\7h2dqkcj.default\searchplugins\daemon-search.xml [2011-02-11 16:20:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010-11-16 20:04:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-10-23 09:21:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\staff@hide-my-ip.com File not found (No name found) -- C:\USERS\FASTMAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UOTK2L6C.DEFAULT\EXTENSIONS\BATTLEFIELDHEROESPATCHER@EA.COM [2010-09-15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010-10-12 21:19:45 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2010-10-12 21:19:45 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2010-10-12 21:19:45 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2010-10-12 21:19:45 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2010-10-12 21:19:45 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2010-10-12 21:19:45 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-02-08 19:04:43 | 000,001,397 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 serial.alcohol-soft.com O1 - Hosts: 127.0.0.1 www.alcohol-soft.com O1 - Hosts: 127.0.0.1 images.alcohol-soft.com O1 - Hosts: 127.0.0.1 trial.alcohol-soft.com O1 - Hosts: 127.0.0.1 alcohol-soft.com O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 orbitservice.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com O1 - Hosts: 127.0.0.1 gosredirector.com O1 - Hosts: 127.0.0.1 gosgvaprod-qos01.com O1 - Hosts: 127.0.0.1 gosiadprod-qos01.com O1 - Hosts: 127.0.0.1 gossjcprod-qos01.com O1 - Hosts: 127.0.0.1 demangler.com O1 - Hosts: 127.0.0.1 vmp.tools.gos.com O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL (Microsoft Corporation) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\FastMan\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found O3 - HKLM\..\Toolbar: (Steganos Internet Anonym) - {00000000-5736-4205-0008-781cd0e19f00} - c:\program files (x86)\steganos internet anonym pro 7\siapro7iep.dll () O3 - HKU\S-1-5-21-3185712835-2826046332-548961173-1000\..\Toolbar\WebBrowser: (Steganos Internet Anonym) - {00000000-5736-4205-0008-781CD0E19F00} - c:\program files (x86)\steganos internet anonym pro 7\siapro7iep.dll () O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime Alternative\QTTask.exe (Apple Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3185712835-2826046332-548961173-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team) O4 - HKU\S-1-5-21-3185712835-2826046332-548961173-1000..\Run: [Connectify] C:\Program Files (x86)\Connectify\Connectify.exe (Connectify) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-3185712835-2826046332-548961173-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 0 O7 - HKU\S-1-5-21-3185712835-2826046332-548961173-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 1 O8:[b]64bit:[/b] - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm () O8:[b]64bit:[/b] - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm () O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files (x86)\FlashGet\jc_all.htm () O8 - Extra context menu item: &Download with FlashGet - C:\Program Files (x86)\FlashGet\jc_link.htm () O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe (FlashGet.com) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files (x86)\Secure Surfing Engine\sselsp.dll () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windupdt\winupdate.exe) - File not found O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-12-21 17:18:44 | 000,462,156 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O32 - AutoRun File - [2008-02-11 12:36:27 | 000,000,000 | ---- | M] () - K:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-01-30 07:37:47 | 000,217,578 | ---- | M] () - K:\AutoMapaSetupLog.txt -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-02-08 19:12:34 | 000,000,000 | ---D | C] -- C:\Users\FastMan\AppData\Roaming\RedDotGames [2011-02-08 19:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Play [2011-02-08 19:08:09 | 003,690,496 | ---- | C] (Truevision3D LLC) -- C:\Windows\SysWow64\tv3d65.dll [2011-02-06 14:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nebudroid [2011-02-06 14:13:48 | 000,000,000 | ---D | C] -- C:\Users\FastMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nebudroid [2011-02-06 14:13:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nebudroid [2011-02-05 13:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warsow 0.6 [2011-02-05 13:58:44 | 000,000,000 | ---D | C] -- C:\Users\FastMan\AppData\Roaming\Warsow 0.6 [2011-02-05 12:47:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2011-01-23 19:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driving Simulator 2009 [2011-01-23 19:12:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Lightrock Entertainment [2011-01-23 18:57:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D Driving-School [2011-01-20 15:07:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\USB Vibration [2011-01-18 15:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia [2011-01-18 15:58:08 | 000,000,000 | ---D | C] -- C:\Users\FastMan\Documents\Synthesia Music [2011-01-18 15:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Synthesia [2011-01-17 16:01:39 | 000,000,000 | ---D | C] -- C:\Users\FastMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Project Tupolev Tu-154m for MS FS2004 [2011-01-14 11:02:43 | 000,000,000 | ---D | C] -- C:\Users\FastMan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2011-01-14 11:02:38 | 000,000,000 | ---D | C] -- C:\Program Files\Fraps [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-02-12 07:53:42 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2011-02-12 07:53:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-02-12 07:53:01 | 000,024,528 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-02-12 07:53:01 | 000,024,528 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-02-12 07:52:59 | 003,407,872 | -HS- | M] () -- C:\Users\FastMan\NTUSER.DAT [2011-02-12 07:52:57 | 002,783,113 | -H-- | M] () -- C:\Users\FastMan\AppData\Local\IconCache.db [2011-02-11 18:25:05 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2011-02-10 19:17:00 | 000,000,502 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for FastMan.job [2011-02-10 16:02:47 | 000,143,280 | ---- | M] () -- C:\Windows\SysNative\GDIPFONTCACHEV1.DAT [2011-02-09 07:10:27 | 003,495,768 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011-02-08 19:23:58 | 000,143,280 | ---- | M] () -- C:\Windows\SysWow64\GDIPFONTCACHEV1.DAT [2011-02-08 19:08:18 | 000,000,671 | ---- | M] () -- C:\Users\Public\Desktop\Lowrider Extreme.lnk [2011-02-05 22:36:55 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011-02-05 22:36:55 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011-02-05 22:36:38 | 000,234,392 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2011-02-05 13:59:39 | 000,000,765 | ---- | M] () -- C:\Users\Public\Desktop\Warsow.lnk [2011-02-05 12:47:10 | 329,159,694 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011-02-01 13:40:06 | 000,000,132 | ---- | M] () -- C:\Users\FastMan\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011-02-01 13:19:46 | 000,001,456 | ---- | M] () -- C:\Users\FastMan\AppData\Local\Adobe Save for Web 12.0 Prefs [2011-02-01 13:16:11 | 000,000,132 | ---- | M] () -- C:\Users\FastMan\AppData\Roaming\Adobe GIF Format CS5 Prefs [2011-01-21 11:20:15 | 000,107,617 | ---- | M] () -- C:\Users\FastMan\Documents\dtt bas...jpeg [2011-01-13 14:12:07 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-08 19:08:18 | 000,000,671 | ---- | C] () -- C:\Users\Public\Desktop\Lowrider Extreme.lnk [2011-02-05 13:59:39 | 000,000,765 | ---- | C] () -- C:\Users\Public\Desktop\Warsow.lnk [2011-02-05 12:47:10 | 329,159,694 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011-02-01 13:16:11 | 000,000,132 | ---- | C] () -- C:\Users\FastMan\AppData\Roaming\Adobe GIF Format CS5 Prefs [2011-01-30 13:37:08 | 002,783,113 | -H-- | C] () -- C:\Users\FastMan\AppData\Local\IconCache.db [2011-01-21 11:20:06 | 000,107,617 | ---- | C] () -- C:\Users\FastMan\Documents\dtt bas...jpeg [2011-01-09 15:03:15 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini [2010-12-06 19:40:17 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010-11-15 09:01:23 | 000,001,793 | ---- | C] () -- C:\Windows\TSearch.INI [2010-11-02 07:29:46 | 000,003,584 | ---- | C] () -- C:\Users\FastMan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-29 18:17:52 | 000,000,019 | ---- | C] () -- C:\Users\FastMan\AppData\Local\x-plane_install.txt [2010-07-09 20:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2010-05-15 12:47:20 | 000,001,456 | ---- | C] () -- C:\Users\FastMan\AppData\Local\Adobe Save for Web 12.0 Prefs [2010-05-13 11:20:43 | 000,000,132 | ---- | C] () -- C:\Users\FastMan\AppData\Roaming\Adobe PNG Format CS5 Prefs [2010-04-05 07:49:16 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll [2010-04-05 07:42:37 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll [2010-04-02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010-03-18 14:58:08 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-03-18 14:58:07 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-03-18 14:58:00 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010-03-18 14:58:00 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010-03-18 14:57:54 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010-03-18 14:57:54 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest [2010-03-17 17:40:26 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll [2010-02-27 21:58:55 | 000,160,768 | ---- | C] () -- C:\Windows\SysWow64\swscale-0.dll [2010-02-27 21:58:54 | 000,615,936 | ---- | C] () -- C:\Windows\SysWow64\avformat-52.dll [2010-02-27 21:58:54 | 000,057,856 | ---- | C] () -- C:\Windows\SysWow64\avutil-49.dll [2010-02-27 21:58:54 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\myutil.dll [2010-02-27 21:58:53 | 000,012,800 | ---- | C] () -- C:\Windows\SysWow64\avfilter-0.dll [2010-02-27 21:58:53 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\avdevice-52.dll [2010-02-27 21:58:52 | 007,999,488 | ---- | C] () -- C:\Windows\SysWow64\avcodec-51.dll [2010-02-25 10:28:26 | 000,000,278 | ---- | C] () -- C:\Windows\game.ini [2010-02-24 18:22:12 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2010-02-24 16:15:27 | 000,000,600 | ---- | C] () -- C:\Users\FastMan\AppData\Roaming\PUTTY.RND [2010-02-24 16:14:15 | 000,000,600 | -H-- | C] () -- C:\Users\FastMan\AppData\Local\PUTTY.RND [2010-02-24 16:10:10 | 000,141,728 | -H-- | C] () -- C:\Users\FastMan\AppData\Local\GDIPFONTCACHEV1.DAT [2009-07-14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini [2009-07-14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini [2009-07-14 03:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2009-07-14 03:34:57 | 000,000,627 | ---- | C] () -- C:\Windows\win.ini [2009-07-14 03:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini [2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2008-10-07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008-10-07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008-10-07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [color=#E56717]========== LOP Check ==========[/color] [2010-05-04 18:44:44 | 000,000,000 | -HSD | M] -- C:\Users\FastMan\AppData\Roaming\.# [2010-02-27 15:03:30 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Canon [2010-03-12 16:22:06 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Cream Software [2010-10-23 06:39:03 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\DAEMON Tools Lite [2009-12-28 16:59:37 | 000,000,000 | -H-D | M] -- C:\Users\FastMan\AppData\Roaming\DAEMON Tools Pro [2010-02-24 16:14:21 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\FireShot [2010-04-17 12:06:15 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\FlashGet [2010-09-09 17:52:21 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\fretsonfire [2010-02-24 16:14:21 | 000,000,000 | -H-D | M] -- C:\Users\FastMan\AppData\Roaming\Gadu-Gadu [2011-01-24 11:29:30 | 000,000,000 | -H-D | M] -- C:\Users\FastMan\AppData\Roaming\Gadu-Gadu 10 [2010-12-13 19:24:26 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\GetRightToGo [2010-02-24 16:14:29 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Grisoft [2010-07-23 07:07:02 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\JonDo [2010-02-24 16:14:29 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\LockHunter [2010-10-08 08:42:36 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Notepad++ [2011-02-06 18:13:36 | 000,000,000 | -H-D | M] -- C:\Users\FastMan\AppData\Roaming\Nowe Gadu-Gadu [2010-07-15 08:27:36 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Opera [2010-04-03 07:09:19 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Piechnat Soft [2010-02-24 16:15:26 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\PSPdisp [2010-03-17 18:02:41 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Publish Providers [2011-02-08 19:12:34 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\RedDotGames [2010-08-03 09:57:00 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\SA-MP Audio Plugin [2010-10-26 18:01:52 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Screaming Bee [2010-12-06 19:39:33 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Sony [2010-12-24 21:29:25 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Synthesia [2010-02-25 18:49:40 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Thinstall [2010-02-24 16:15:27 | 000,000,000 | -H-D | M] -- C:\Users\FastMan\AppData\Roaming\Thunderbird [2010-02-24 20:58:03 | 000,000,000 | -H-D | M] -- C:\Users\FastMan\AppData\Roaming\TS3Client [2010-03-08 19:09:41 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Ubisoft [2010-08-17 17:48:14 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\VSO [2010-02-24 16:15:41 | 000,000,000 | -H-D | M] -- C:\Users\FastMan\AppData\Roaming\Warsow 0.5 [2011-02-05 13:58:44 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Warsow 0.6 [2010-03-18 14:40:26 | 000,000,000 | ---D | M] -- C:\Users\FastMan\AppData\Roaming\Youtube Downloader HD [2011-02-04 06:25:08 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >

**Posty:** 18165 · przez **wojtas** 12 Lut 2011, 15:42

Uruchom OTL i w sekcji własne opcje skanowania / skrypt wklej:

:OTL

:Files
C:\Program Files (x86)\Secure Surfing Engine

Kliknij wykonaj skrypt.

*Uruchom OTL z opcji sprzątanie.
* wykonaj optymalizację Windowsa ( instrukcja dla Windowsa XP, lecz w innych systemach jest podobnie )
* zrób pełny skan Malwarebytes Anti-Malware (zaktualizuj, usuń co znajdzie )
* Skasuj stan przywracania systemu

Zaktualizuj zabezpieczenia:
>>> Adobe Reader (bez Free McAfee® Security Scan Plus)
>>> Java™ 6 Update 23

**Posty:** 376 · przez **FastMan** 13 Lut 2011, 09:03

Coś tego nie usunęło.

Kod: Zaznacz wszystko: ========== OTL ========== ========== FILES ========== Folder move failed. C:\Program Files (x86)\Secure Surfing Engine scheduled to be moved on reboot. OTL by OldTimer - Version 3.2.20.6 log created on 02132011_074145 Files\Folders moved on Reboot... Folder move failed. C:\Program Files (x86)\Secure Surfing Engine scheduled to be moved on reboot. Registry entries deleted on Reboot...

Malwarebytes nic nie znalazło.

**Posty:** 18165 · przez **wojtas** 13 Lut 2011, 17:33

nie usunęło to usuń może sam .. po za tym nic więcej nie ma

**Posty:** 376 · przez **FastMan** 14 Lut 2011, 09:35

Piszę z innego komputera.

Spróbowałem usunąć pozostałe pliki od tego Secure Surfing Engine, w tym celu użyłem programu Process Explorer żeby wyszukać które procesy korzystają z tego jednego który pozostał (sselsp.dll), pojawiło się kilka procesów, między innymi właśnie programy które łączą się z internetem a poza tym PnkBstrA.exe oraz jeszcze jeden proces którego nie pamiętam nazwy a po restarcie już go nie ma. Mianowicie teraz mam taki problem że po restarcie komputera nie mam internetu, i co najważniejsze tutaj, właśnie ten proces który zamykałem i nazwy nie pamiętam się nie odpalił, co mogę zrobić w tym przypadku?

Dodam że nazwa procesu była trochę dłuższa.

Dodano 14.02.2011 08:55:39:
Zrobiłem przywracanie systemu, przywróciło mi ten plik i już mam internet, proces który wtedy spowodował utratę internetu (tak mi się wydaje przynajmniej) to mDNSresponder.exe lub StarWindServiceAE.exe, obydwa korzystają z tej dll'ki. W związku z tym pytanie, czy jest jakaś możliwość żeby usunąć inaczej ten plik bez utraty internetu? Czy może jest on w jakiś sposób potrzebny, dodam od razu że np. po formacie nie muszę instalować żadnego dodatkowego oprogramowania do internetu, wystarczy że wpiszę dane TCP do karty sieciowej, podepnę kabel i wszystko działa.

**Posty:** 18165 · przez **wojtas** 14 Lut 2011, 15:49

ten pierwszy jest od :
http://www.searchengines.pl/Usuwanie-Bonjour-Service-t103177.html

a drugi jest najprawdopodobniej od Alcohola : StarWindServiceAE.exe

Kto jest na forum