OTL logfile created on: 2011-04-19 16:28:22 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Argus\Desktop\fixit Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free 3,00 Gb Paging File | 2,00 Gb Available in Paging File | 57,00% Paging File free Paging file location(s): f:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 51,23 Gb Total Space | 18,45 Gb Free Space | 36,02% Space Free | Partition Type: NTFS Drive D: | 12,15 Gb Total Space | 10,98 Gb Free Space | 90,37% Space Free | Partition Type: NTFS Drive E: | 106,26 Gb Total Space | 103,83 Gb Free Space | 97,71% Space Free | Partition Type: NTFS Drive F: | 2,93 Gb Total Space | 2,18 Gb Free Space | 74,46% Space Free | Partition Type: FAT Computer Name: GWIAZDKA2 | User Name: Argus | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-03-07 02:22:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Argus\Desktop\fixit\OTL.exe PRC - [2009-12-04 18:42:04 | 000,112,464 | ---- | M] (NewSoft Technology Corporation) -- D:\Programy\Presto! PageManager 9\PMSpeed.exe PRC - [2009-12-03 11:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe PRC - [2009-12-03 01:00:00 | 000,847,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe PRC - [2009-07-14 16:17:34 | 000,030,544 | ---- | M] (NewSoft Technology Corporation) -- C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe PRC - [2009-04-11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 00:27:30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2009-01-26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe PRC - [2008-05-24 15:34:28 | 000,026,448 | ---- | M] (NewSoft Technology Corporation) -- C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe PRC - [2008-02-13 07:52:10 | 004,915,200 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008-01-19 00:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007-09-26 00:18:54 | 000,561,152 | ---- | M] (UASSOFT.COM) -- D:\Programy\MultiMediaKeyboardv5\KMProcess.exe PRC - [2007-05-08 18:00:48 | 002,179,072 | ---- | M] (UASSOFT.COM) -- D:\Programy\MultiMediaKeyboardv5\KMWDSrv.exe PRC - [2006-12-19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-03-07 02:22:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Argus\Desktop\fixit\OTL.exe MOD - [2010-08-31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-03-05 20:46:06 | 000,311,680 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP) SRV - [2009-07-20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2009-01-26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2008-01-19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-08-21 11:40:24 | 000,800,040 | ---- | M] (Nero AG) [On_Demand | Stopped] -- D:\Programy\Nero 7\Nero BackItUp\NBService.exe -- (NBService) SRV - [2007-05-08 18:00:48 | 002,179,072 | ---- | M] (UASSOFT.COM) [Auto | Running] -- D:\Programy\MultiMediaKeyboardv5\KMWDSrv.exe -- (KMWDSERVICE) SRV - [2006-12-19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-03-05 20:18:09 | 000,280,592 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2011-03-05 18:01:59 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2010-07-10 06:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009-12-30 12:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt) DRV - [2009-06-30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot) DRV - [2009-06-17 18:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2009-06-17 18:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2009-06-15 15:01:00 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1) DRV - [2009-05-16 21:59:34 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-05-15 19:50:22 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2008-12-15 21:41:32 | 000,033,808 | ---- | M] (Kaspersky Lab) [File_System | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg) DRV - [2008-01-25 10:46:40 | 000,106,496 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-490808988-388775952-1288748047-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ IE - HKU\S-1-5-21-490808988-388775952-1288748047-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-490808988-388775952-1288748047-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.0 FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.463 FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019 FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: D:\Programy\Mozilla\Firefox\components [2011-04-01 00:32:55 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: D:\Programy\Mozilla\Firefox\plugins FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2011-03-05 20:18:36 | 000,000,000 | ---D | M] [2011-03-06 23:02:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Argus\AppData\Roaming\Mozilla\Extensions [2011-04-01 00:44:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Argus\AppData\Roaming\Mozilla\Firefox\Profiles\hmr5zfly.default\extensions [2011-04-01 00:44:08 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Argus\AppData\Roaming\Mozilla\Firefox\Profiles\hmr5zfly.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} File not found (No name found) -- () (No name found) -- C:\USERS\ARGUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HMR5ZFLY.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI () (No name found) -- C:\USERS\ARGUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HMR5ZFLY.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\ARGUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HMR5ZFLY.DEFAULT\EXTENSIONS\{D40F5E7B-D2CF-4856-B441-CC613EEFFBE3}.XPI [2011-03-06 23:31:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION O1 HOSTS File: ([2011-04-11 10:51:40 | 000,432,311 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 14882 more lines... O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programy\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - D:\Programy\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKU\S-1-5-21-490808988-388775952-1288748047-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [DelReg] C:\Program Files\MSI\DualCoreCenter\DelReg.exe () O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [KMConfig] File not found O4 - HKLM..\Run: [PMSpeed] D:\Programy\Presto! PageManager 9\PMSpeed.exe (NewSoft Technology Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SpybotSnD] C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe (NewSoft Technology Corporation) O4 - HKU\S-1-5-21-490808988-388775952-1288748047-1000..\Run: [Epson Stylus Office BX620FWD(Sieć)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIGBU.EXE (SEIKO EPSON CORPORATION) O4 - HKU\S-1-5-21-490808988-388775952-1288748047-1000..\Run: [Scan Buttons] D:\Programy\Presto! PageManager 9\Pmsb.exe (NewSoft Technology Corporation) O4 - HKU\S-1-5-21-490808988-388775952-1288748047-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O7 - HKU\S-1-5-21-490808988-388775952-1288748047-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O7 - HKU\S-1-5-21-490808988-388775952-1288748047-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O9 - Extra Button: &Wirtualna klawiatura - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra Button: &Sprawdzanie adresów - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab) O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011-03-06 19:37:01 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-03-06 19:37:01 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-03-06 19:37:01 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2011-03-06 18:37:02 | 000,000,000 | RHSD | M] - F:\Autorun.inf -- [ FAT ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-04-16 00:59:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2011-04-16 00:59:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2011-04-15 00:16:00 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011-04-15 00:15:59 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011-04-15 00:15:52 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011-04-15 00:15:52 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011-04-15 00:15:52 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011-04-15 00:15:52 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011-04-15 00:15:51 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011-04-15 00:15:51 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011-04-15 00:15:51 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011-04-15 00:15:51 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011-04-15 00:15:51 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011-04-15 00:15:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011-04-15 00:15:51 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011-04-15 00:15:51 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011-04-15 00:15:51 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011-04-15 00:15:51 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011-04-15 00:15:51 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011-04-15 00:15:51 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011-04-15 00:15:50 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011-04-15 00:15:44 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011-04-15 00:15:43 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011-04-15 00:15:39 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011-04-15 00:15:36 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011-04-15 00:15:33 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011-04-15 00:15:33 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011-04-12 02:22:44 | 000,000,000 | ---D | C] -- C:\Users\Argus\AppData\Roaming\f-secure [2011-04-12 02:21:56 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure [2011-04-12 02:09:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011-04-12 02:09:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011-04-12 02:08:53 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011-04-12 02:08:53 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011-04-12 02:08:53 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011-04-12 02:08:53 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011-04-11 19:18:55 | 000,000,000 | ---D | C] -- C:\Users\Argus\AppData\Roaming\ArcaVirMicroScan [2011-04-11 19:16:04 | 000,000,000 | ---D | C] -- C:\Users\Argus\AppData\Roaming\QuickScan [2011-04-11 15:31:31 | 000,000,000 | ---D | C] -- C:\Users\Argus\AppData\Roaming\Foxit Software [2011-04-11 14:52:08 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2011-04-11 14:37:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2011-04-11 14:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec [2011-04-11 14:28:20 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan [2011-04-11 14:28:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSS [2011-04-11 14:28:20 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan [2011-04-11 14:28:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSS\0301010.006 [2011-04-11 14:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2011-04-11 14:28:17 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2011-04-11 14:28:17 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller [2011-04-11 11:02:01 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2011-04-11 10:55:27 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys [2011-04-11 10:55:24 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security [2011-04-10 22:16:36 | 000,301,656 | ---- | C] (Broadcom Corporation.) -- C:\Windows\System32\BtCoreIf.dll [2011-04-10 22:15:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd [2011-03-23 20:41:03 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011-03-23 20:41:02 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-04-19 16:20:46 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Argus.job [2011-04-19 16:16:31 | 000,075,982 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011-04-19 15:57:59 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-490808988-388775952-1288748047-1003UA.job [2011-04-19 15:55:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-490808988-388775952-1288748047-1000UA.job [2011-04-19 15:42:41 | 000,004,448 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-04-19 15:42:41 | 000,004,448 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-04-19 14:39:35 | 000,075,981 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011-04-19 07:42:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-04-19 07:42:35 | 2143,825,920 | -HS- | M] () -- C:\hiberfil.sys [2011-04-18 23:54:59 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-490808988-388775952-1288748047-1000Core.job [2011-04-18 21:58:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-490808988-388775952-1288748047-1003Core.job [2011-04-17 22:43:08 | 000,000,680 | ---- | M] () -- C:\Users\Argus\AppData\Local\d3d9caps.dat [2011-04-17 22:31:09 | 000,001,844 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk [2011-04-15 11:43:06 | 000,271,968 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-04-15 11:13:43 | 000,671,902 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-04-15 11:13:43 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-04-15 11:13:43 | 000,130,310 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-04-15 11:13:43 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-04-12 02:08:35 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2011-04-12 02:08:35 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011-04-12 02:08:35 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011-04-12 02:08:35 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011-04-11 20:30:43 | 000,000,693 | ---- | M] () -- C:\Users\Argus\Desktop\ArcaVirMicroScan.lnk [2011-04-11 14:28:27 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk [2011-04-11 10:51:40 | 000,432,311 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts [2011-04-10 22:18:02 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf [2011-04-10 22:16:38 | 000,000,813 | ---- | M] () -- C:\Users\Public\Desktop\Ustawienia myszy i klawiatury firmy Logitech.lnk [2011-04-10 22:16:36 | 000,000,807 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2011-04-05 00:03:03 | 000,115,267 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat [2011-04-05 00:03:03 | 000,097,859 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat [2011-04-01 06:15:30 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\NSS\0301010.006\isolate.ini [2011-04-01 00:57:54 | 000,002,048 | ---- | M] () -- C:\Users\Argus\Desktop\Google Chrome.lnk [2011-04-01 00:40:52 | 000,431,551 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110411-105140.backup [2011-04-01 00:32:56 | 000,000,702 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011-03-23 22:26:16 | 000,431,419 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110401-004052.backup [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-04-11 20:30:43 | 000,000,693 | ---- | C] () -- C:\Users\Argus\Desktop\ArcaVirMicroScan.lnk [2011-04-11 14:28:38 | 000,000,436 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Argus.job [2011-04-11 14:28:27 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk [2011-04-11 14:28:20 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NSS\0301010.006\isolate.ini [2011-04-10 22:18:02 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_LHidFilt_01005.Wdf [2011-04-01 00:32:56 | 000,000,702 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011-03-06 23:02:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011-03-06 16:30:06 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-03-06 16:30:06 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2011-03-06 04:06:51 | 000,000,760 | ---- | C] () -- C:\Users\Argus\AppData\Roaming\setup_ldm.iss [2011-03-06 02:26:55 | 000,083,416 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat [2011-03-05 23:25:21 | 000,075,982 | ---- | C] () -- C:\ProgramData\nvModes.001 [2011-03-05 23:25:21 | 000,075,981 | ---- | C] () -- C:\ProgramData\nvModes.dat [2011-03-05 21:36:10 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011-03-05 21:35:26 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011-03-05 21:35:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2011-03-05 20:23:48 | 000,604,140 | -HS- | C] () -- C:\Windows\System32\drivers\ISwift3.dat [2011-03-05 20:19:20 | 000,115,267 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2011-03-05 20:19:20 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2011-03-05 20:08:31 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll [2011-03-05 20:05:42 | 000,184,320 | ---- | C] () -- C:\Windows\System32\HookShield.dll [2011-03-05 20:05:42 | 000,040,960 | ---- | C] () -- C:\Windows\System32\executeosd.exe [2011-03-05 20:05:40 | 000,134,504 | ---- | C] () -- C:\Windows\System32\smdll.dll [2011-03-05 20:05:40 | 000,036,200 | ---- | C] () -- C:\Windows\System32\Auxiliary.dll [2011-03-05 20:05:36 | 000,229,376 | ---- | C] () -- C:\Windows\System32\HookMap.dll [2011-03-05 17:55:32 | 000,203,328 | R--- | C] () -- C:\Windows\GSetup.exe [2011-03-05 17:55:32 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2011-03-05 17:54:19 | 000,000,680 | ---- | C] () -- C:\Users\Argus\AppData\Local\d3d9caps.dat [2009-07-03 16:45:12 | 000,027,507 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat [2006-12-05 07:22:07 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2006-12-05 07:22:06 | 000,671,902 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2006-12-05 07:22:06 | 000,130,310 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2006-12-05 07:22:06 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2006-11-02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006-11-02 14:47:37 | 000,271,968 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006-11-02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006-11-02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006-11-02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006-11-02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006-11-02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006-11-02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [color=#E56717]========== LOP Check ==========[/color] [2011-04-19 14:41:52 | 000,000,000 | ---D | M] -- C:\Users\Argus\AppData\Roaming\.oit [2011-04-12 00:38:54 | 000,000,000 | ---D | M] -- C:\Users\Argus\AppData\Roaming\ArcaVirMicroScan [2011-04-19 14:45:38 | 000,000,000 | ---D | M] -- C:\Users\Argus\AppData\Roaming\Epson [2011-04-12 02:22:44 | 000,000,000 | ---D | M] -- C:\Users\Argus\AppData\Roaming\f-secure [2011-04-11 15:31:31 | 000,000,000 | ---D | M] -- C:\Users\Argus\AppData\Roaming\Foxit Software [2011-03-06 16:16:52 | 000,000,000 | ---D | M] -- C:\Users\Argus\AppData\Roaming\IrfanView [2011-03-06 01:59:20 | 000,000,000 | ---D | M] -- C:\Users\Argus\AppData\Roaming\Opera [2011-04-11 19:16:12 | 000,000,000 | ---D | M] -- C:\Users\Argus\AppData\Roaming\QuickScan [2011-04-01 00:53:13 | 000,000,000 | ---D | M] -- C:\Users\Argus\AppData\Roaming\Uniblue [2011-04-19 07:47:26 | 000,000,000 | ---D | M] -- C:\Users\Iwona\AppData\Roaming\.oit [2011-03-09 18:50:40 | 000,000,000 | ---D | M] -- C:\Users\Iwona\AppData\Roaming\Epson [2011-04-13 12:00:12 | 000,000,000 | ---D | M] -- C:\Users\Iwona\AppData\Roaming\Foxit Software [2011-03-09 23:23:38 | 000,000,000 | ---D | M] -- C:\Users\Iwona\AppData\Roaming\Opera [2011-04-19 11:56:10 | 000,000,000 | ---D | M] -- C:\Users\Rack\AppData\Roaming\.oit [2011-03-06 16:45:52 | 000,000,000 | ---D | M] -- C:\Users\Rack\AppData\Roaming\Epson [2011-03-14 00:32:55 | 000,000,000 | ---D | M] -- C:\Users\Rack\AppData\Roaming\Foxit Software [2011-03-18 13:15:37 | 000,000,000 | ---D | M] -- C:\Users\Rack\AppData\Roaming\IrfanView [2011-03-09 02:21:40 | 000,000,000 | ---D | M] -- C:\Users\Rack\AppData\Roaming\Opera [2011-03-15 02:34:28 | 000,000,000 | ---D | M] -- C:\Users\Rack\AppData\Roaming\QuickScan [2011-04-19 00:56:56 | 000,028,350 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >