OTL logfile created on: 2012-08-01 11:16:16 - Run 3
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\admin\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
8,00 Gb Total Physical Memory | 6,06 Gb Available Physical Memory | 75,72% Memory free
15,99 Gb Paging File | 13,73 Gb Available in Paging File | 85,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 390,53 Gb Total Space | 220,71 Gb Free Space | 56,51% Space Free | Partition Type: NTFS
Drive D: | 268,55 Gb Total Space | 157,00 Gb Free Space | 58,46% Space Free | Partition Type: NTFS
Drive E: | 272,33 Gb Total Space | 170,81 Gb Free Space | 62,72% Space Free | Partition Type: NTFS
 
Computer Name: ADMIN-KOMPUTER | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-08-01 11:12:13 | 000,529,232 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012-07-31 23:14:20 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
PRC - [2012-07-05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012-05-23 12:42:40 | 003,407,496 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2012-05-16 15:44:58 | 001,084,840 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012-04-22 13:51:04 | 000,720,936 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012-04-22 13:50:36 | 000,126,504 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2012-04-22 13:50:32 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2012-03-26 11:24:58 | 001,516,600 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012-02-14 16:31:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011-08-20 18:21:52 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011-08-02 09:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011-07-11 23:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2011-06-01 15:14:56 | 013,349,472 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe
PRC - [2011-02-01 16:27:40 | 003,265,944 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2010-05-25 17:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2009-10-15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009-10-15 14:06:42 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009-08-24 14:38:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012-08-01 11:12:13 | 020,316,496 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012-08-01 11:12:13 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012-08-01 11:12:13 | 000,900,944 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2012-08-01 11:12:13 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012-08-01 11:12:13 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012-07-27 00:00:49 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
MOD - [2012-05-23 12:42:40 | 018,604,544 | ---- | M] () -- C:\Program Files (x86)\Origin\QtWebKit4.dll
MOD - [2012-05-23 12:42:40 | 009,440,256 | ---- | M] () -- C:\Program Files (x86)\Origin\QtGui4.dll
MOD - [2012-05-23 12:42:40 | 003,564,544 | ---- | M] () -- C:\Program Files (x86)\Origin\QtXmlPatterns4.dll
MOD - [2012-05-23 12:42:40 | 002,694,144 | ---- | M] () -- C:\Program Files (x86)\Origin\QtCore4.dll
MOD - [2012-05-23 12:42:40 | 001,152,512 | ---- | M] () -- C:\Program Files (x86)\Origin\QtNetwork4.dll
MOD - [2012-05-23 12:42:40 | 000,413,184 | ---- | M] () -- C:\Program Files (x86)\Origin\QtXml4.dll
MOD - [2012-05-23 12:42:40 | 000,312,320 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff4.dll
MOD - [2012-05-23 12:42:40 | 000,264,192 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng4.dll
MOD - [2012-05-23 12:42:40 | 000,211,456 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg4.dll
MOD - [2012-05-23 12:42:40 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico4.dll
MOD - [2012-05-23 12:42:40 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif4.dll
MOD - [2012-05-16 15:45:56 | 000,276,392 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
MOD - [2012-05-16 15:45:40 | 002,652,584 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012-05-16 15:45:40 | 000,363,944 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012-05-16 15:45:38 | 011,166,120 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012-05-16 15:45:36 | 001,346,472 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012-05-16 15:45:36 | 000,205,736 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012-05-16 15:45:34 | 001,013,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012-05-16 15:45:34 | 000,720,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012-05-16 15:45:32 | 008,506,280 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012-05-16 15:45:32 | 000,520,104 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012-05-16 15:45:30 | 002,480,552 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012-05-16 15:45:30 | 002,353,576 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012-05-16 15:45:28 | 000,445,864 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012-05-16 15:45:22 | 000,206,760 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
MOD - [2012-05-16 15:45:22 | 000,035,240 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
MOD - [2012-05-16 15:45:20 | 000,032,680 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
MOD - [2012-05-16 15:44:54 | 000,437,672 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
MOD - [2012-05-16 15:44:16 | 000,604,072 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012-05-16 13:46:28 | 000,391,056 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012-05-16 13:46:28 | 000,059,280 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
MOD - [2012-05-16 13:45:30 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2012-03-26 11:25:32 | 000,345,656 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2012-03-26 11:25:32 | 000,282,168 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2012-03-26 11:25:26 | 008,197,176 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
MOD - [2012-03-26 11:25:26 | 002,302,008 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2012-03-26 11:25:24 | 000,027,704 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2012-03-26 11:25:22 | 000,202,296 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2011-07-29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011-07-29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011-06-01 15:15:42 | 000,217,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\gglog.dll
MOD - [2011-06-01 15:15:40 | 000,123,488 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipcradioproxy.dll
MOD - [2011-06-01 15:15:38 | 000,017,504 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggipc.dll
MOD - [2011-06-01 15:15:36 | 000,027,744 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcrypto.dll
MOD - [2011-06-01 15:15:32 | 000,356,960 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\ggcommon.dll
MOD - [2011-04-16 05:04:30 | 014,749,696 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtWebKit4.dll
MOD - [2011-02-17 11:00:28 | 001,781,760 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtScript4.dll
MOD - [2011-02-17 11:00:28 | 000,393,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtXml4.dll
MOD - [2011-02-17 11:00:28 | 000,327,680 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtSvg4.dll
MOD - [2011-02-17 11:00:26 | 001,044,480 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtNetwork4.dll
MOD - [2011-02-17 11:00:24 | 009,097,216 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtGui4.dll
MOD - [2011-02-17 11:00:24 | 002,560,000 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\QtCore4.dll
MOD - [2011-02-17 10:59:40 | 000,311,296 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qtiff4.dll
MOD - [2011-02-17 10:59:40 | 000,274,432 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qmng4.dll
MOD - [2011-02-17 10:59:40 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qjpeg4.dll
MOD - [2011-02-17 10:59:40 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qgif4.dll
MOD - [2011-02-17 10:59:40 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\imageformats\qsvg4.dll
MOD - [2011-02-17 10:59:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Gadu-Gadu 10\zlib1.dll
MOD - [2009-06-27 10:11:12 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2011-10-16 22:13:02 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:[b]64bit:[/b] - [2010-04-06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-08-01 11:12:13 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-07-27 00:00:49 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-07-05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012-07-03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-06-15 12:26:32 | 000,103,472 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012-06-15 00:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-04-22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012-03-01 02:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012-02-29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012-02-14 16:31:01 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009-10-15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009-08-24 14:38:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2012-04-22 13:51:38 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:[b]64bit:[/b] - [2012-01-17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2012-01-09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:[b]64bit:[/b] - [2012-01-09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:[b]64bit:[/b] - [2012-01-09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:[b]64bit:[/b] - [2012-01-09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:[b]64bit:[/b] - [2011-08-29 19:35:58 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:[b]64bit:[/b] - [2011-08-29 19:34:08 | 000,845,560 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2011-08-17 22:44:46 | 000,053,376 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:[/b] - [2011-06-24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:[b]64bit:[/b] - [2011-01-25 12:40:06 | 000,142,936 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:[b]64bit:[/b] - [2010-06-17 11:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:[b]64bit:[/b] - [2010-04-27 11:56:38 | 000,021,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:[b]64bit:[/b] - [2010-03-22 11:57:20 | 000,347,680 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2010-02-18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:[b]64bit:[/b] - [2010-01-05 19:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2008-01-17 15:13:46 | 000,016,432 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GF0268.sys -- (GF0268)
DRV - [2012-08-01 11:12:01 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012-02-27 15:44:49 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2010-03-12 05:40:48 | 000,052,280 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys -- (AODDriver)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{08A930D9-70CD-4fce-8C7C-080190AD7F82}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH
IE - HKCU\..\SearchScopes\{79F24EA0-E999-4b7a-B456-351E1FAA3F88}: "URL" = http://www.google.com/cse?cx=partner-pub-3794288947762788%3A4067623346&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346
IE - HKCU\..\SearchScopes\{96E6005B-1A1B-478D-AB34-327570FE11A6}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\opencandy.com/OpenCandyIgnite: C:\Users\admin\AppData\Local\OpenCandy\Ignite\npIgnite.1.1.0.75.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-23 19:18:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012-07-21 12:03:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-07-12 23:31:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-08-01 11:06:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\admin\AppData\Roaming\IDM\idmmzcc3 [2011-11-13 17:23:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\admin\AppData\Roaming\IDM\idmmzcc3 [2011-11-13 17:23:19 | 000,000,000 | ---D | M]
 
[2011-08-20 15:18:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Extensions
[2012-08-01 11:00:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\mqp9w8si.default\extensions
[2012-06-18 15:00:52 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\mqp9w8si.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012-02-17 19:27:51 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\mqp9w8si.default\extensions\battlefieldplay4free@ea.com
[2012-06-15 00:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-09-16 22:53:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011-07-11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012-06-15 01:13:23 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2012-06-15 01:13:23 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2012-06-15 01:13:23 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2012-06-15 01:13:23 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2012-06-15 01:13:23 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-06-15 01:13:23 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: 
CHR - default_search_provider: Web Search (Enabled)
CHR - default_search_provider: search_url = http://startsear.ch/?aff=2&src=sp&cf=b1d6159e-1ace-11e1-9805-1c6f65bb9312&q={searchTerms}
CHR - default_search_provider: suggest_url = 
CHR - Extension: SiteAdvisor = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.1_0\
CHR - Extension: Skype Click to Call = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2012-02-27 17:55:37 | 000,001,898 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.secuser.com
O1 - Hosts: 127.0.0.1 a188.x.akamai.net
O1 - Hosts: 127.0.0.1 liveupdate.symantec.d4p.net
O1 - Hosts: 127.0.0.1 free.grisoft.cz
O1 - Hosts: 127.0.0.1 tds.diamondcs.com.au
O1 - Hosts: 127.0.0.1 ieupdate.gdata.de
O1 - Hosts: 127.0.0.1 ieupdate6.gdata.de
O1 - Hosts: 127.0.0.1 ieupdate5.gdata.de
O1 - Hosts: 127.0.0.1 ieupdate4.gdata.de
O1 - Hosts: 127.0.0.1 ieupdate3.gdata.de
O1 - Hosts: 127.0.0.1 ieupdate2.gdata.de
O1 - Hosts: 127.0.0.1 ieupdate1.gdata.de
O1 - Hosts: 127.0.0.1 www.iavs.cz
O1 - Hosts: 127.0.0.1 download7.avast.com
O1 - Hosts: 127.0.0.1 download6.avast.com
O1 - Hosts: 127.0.0.1 download5.avast.com
O1 - Hosts: 127.0.0.1 download4.avast.com
O1 - Hosts: 127.0.0.1 download3.avast.com
O1 - Hosts: 127.0.0.1 download2.avast.com
O1 - Hosts: 127.0.0.1 download1.avast.com
O1 - Hosts: 127.0.0.1 upgrade.bitdefender.com
O1 - Hosts: 127.0.0.1 www.lavasoftusa.com
O1 - Hosts: 127.0.0.1 www.a-2.org
O1 - Hosts: 127.0.0.1 updates.a-2.org
O1 - Hosts: 127.0.0.1 niuone.norman.no
O1 - Hosts: 160 more lines...
O2:[b]64bit:[/b] - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:[b]64bit:[/b] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL (Microsoft Corporation)
O2 - BHO: (extrafind) - {a6a5203f-bf82-396f-08b9-30597977bef8} - C:\Windows\SysWow64\63ad9c69.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NSU_agent] C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij przez IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B1D05F4-D17C-40E7-8506-697EA6FFF803}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5B27119-958A-49B7-807D-FC77B3EC7496}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: cmdlutou - (C:\Windows\system32\b5eclder64.dll) -  File not found
O36 - AppCertDlls: rrinated - (C:\Windows\system32\b5eclder.dll) - C:\Windows\SysWOW64\b5eclder.dll (FRISK Software International)
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-07-31 23:19:31 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-07-31 23:15:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012-07-31 23:10:55 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2012-07-31 23:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012-07-31 22:58:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Trojan Killer
[2012-07-31 22:58:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GridinSoft Trojan Killer
[2012-07-31 21:03:20 | 000,062,464 | -H-- | C] (FRISK Software International) -- C:\Windows\SysNative\b5eclder64.dll
[2012-07-31 21:03:20 | 000,056,320 | -H-- | C] (FRISK Software International) -- C:\Windows\SysWow64\b5eclder.dll
[2012-07-16 15:31:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012-07-12 23:31:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012-07-08 12:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012-07-05 23:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebEye
[2012-07-05 23:23:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebEye
[2012-07-05 23:17:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio
[2012-07-05 23:17:39 | 000,000,000 | ---D | C] -- C:\Windows\WebCam
[2012-07-05 23:17:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebCam
[2012-07-05 23:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB2.0 Web Camera
[2012-07-05 23:17:39 | 000,000,000 | ---D | C] -- C:\Windows\M10Setup
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-08-01 11:17:57 | 001,560,796 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-08-01 11:17:57 | 000,700,548 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012-08-01 11:17:57 | 000,618,664 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-08-01 11:17:57 | 000,137,946 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012-08-01 11:17:57 | 000,108,240 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-08-01 11:12:05 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-08-01 11:12:01 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012-08-01 11:11:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-08-01 11:11:54 | 2145,558,527 | -HS- | M] () -- C:\hiberfil.sys
[2012-08-01 11:11:15 | 000,013,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-08-01 11:11:15 | 000,013,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-08-01 11:10:28 | 000,632,049 | ---- | M] () -- C:\Users\admin\Desktop\adwcleaner.exe
[2012-07-31 23:14:20 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Desktop\OTL.exe
[2012-07-31 22:58:08 | 000,001,139 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2012-07-31 21:03:20 | 000,062,464 | -H-- | M] (FRISK Software International) -- C:\Windows\SysNative\b5eclder64.dll
[2012-07-31 21:03:20 | 000,056,320 | -H-- | M] (FRISK Software International) -- C:\Windows\SysWow64\b5eclder.dll
[2012-07-31 21:02:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-07-31 21:00:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-07-31 20:50:06 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012-07-31 20:50:06 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012-07-31 20:49:55 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012-07-30 23:29:34 | 000,059,875 | ---- | M] () -- C:\Users\admin\Documents\ziuum.jpg
[2012-07-30 23:29:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\ziuum.jpg
[2012-07-27 00:00:49 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012-07-27 00:00:49 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012-07-16 16:28:29 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-07-13 11:58:30 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012-07-12 23:31:25 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-07-10 13:35:19 | 000,306,215 | ---- | M] () -- C:\Users\admin\Documents\elo.png
[2012-07-10 13:34:59 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\elo.png
[2012-07-08 12:50:45 | 000,007,544 | ---- | M] () -- C:\Users\admin\Documents\cc_20120708_125042.reg
[2012-07-08 12:50:33 | 000,084,680 | ---- | M] () -- C:\Users\admin\Documents\cc_20120708_125028.reg
[2012-07-06 12:34:15 | 000,000,392 | ---- | M] () -- C:\Windows\WebEye.ini
[2012-07-05 23:23:58 | 000,001,636 | ---- | M] () -- C:\Users\Public\Desktop\WebEye.lnk
[2012-07-05 23:17:39 | 000,001,286 | ---- | M] () -- C:\Users\Public\Desktop\USB2.0 Web Camera.lnk
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-08-01 11:10:20 | 000,632,049 | ---- | C] () -- C:\Users\admin\Desktop\adwcleaner.exe
[2012-07-31 22:58:08 | 000,001,139 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2012-07-30 23:29:19 | 000,059,875 | ---- | C] () -- C:\Users\admin\Documents\ziuum.jpg
[2012-07-30 23:29:13 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\ziuum.jpg
[2012-07-12 23:31:25 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012-07-12 23:31:25 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012-07-10 13:35:03 | 000,306,215 | ---- | C] () -- C:\Users\admin\Documents\elo.png
[2012-07-10 13:34:59 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\elo.png
[2012-07-08 12:50:44 | 000,007,544 | ---- | C] () -- C:\Users\admin\Documents\cc_20120708_125042.reg
[2012-07-08 12:50:31 | 000,084,680 | ---- | C] () -- C:\Users\admin\Documents\cc_20120708_125028.reg
[2012-07-08 12:43:36 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012-07-05 23:23:58 | 000,020,992 | ---- | C] () -- C:\Windows\mmvcb.ax
[2012-07-05 23:23:58 | 000,001,636 | ---- | C] () -- C:\Users\Public\Desktop\WebEye.lnk
[2012-07-05 23:23:58 | 000,000,392 | ---- | C] () -- C:\Windows\WebEye.ini
[2012-07-05 23:18:04 | 000,102,400 | ---- | C] () -- C:\Windows\JAPI.dll
[2012-07-05 23:17:39 | 000,001,286 | ---- | C] () -- C:\Users\Public\Desktop\USB2.0 Web Camera.lnk
[2012-05-27 21:32:28 | 000,003,584 | ---- | C] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-04-22 13:53:14 | 001,044,480 | ---- | C] () -- C:\Windows\SysWow64\3DImageRenderer.dll
[2012-02-29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012-02-27 17:55:37 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe
[2012-02-22 15:02:01 | 000,078,848 | ---- | C] () -- C:\Windows\KMSEmulator.exe
[2011-11-26 15:41:36 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011-11-02 16:42:18 | 000,007,605 | ---- | C] () -- C:\Users\admin\AppData\Local\Resmon.ResmonCfg
[2011-10-16 22:19:26 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011-10-08 18:14:38 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-08-29 19:42:12 | 001,577,396 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011-08-21 13:50:14 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011-08-21 13:17:36 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011-08-21 13:17:34 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011-08-19 22:46:03 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2011-08-19 22:36:37 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini

< End of report >