[code] OTS logfile created on: 2011-05-01 21:09:25 - Run 1 OTS by OldTimer - Version 3.1.42.0 Folder = C:\Users\MOJ\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 107,31 Gb Total Space | 11,14 Gb Free Space | 10,39% Space Free | Partition Type: NTFS Drive D: | 175,78 Gb Total Space | 6,93 Gb Free Space | 3,94% Space Free | Partition Type: NTFS Drive E: | 182,57 Gb Total Space | 10,08 Gb Free Space | 5,52% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: MOJ-PC Current User Name: MOJ Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Users\MOJ\Desktop\OTS.exe -> [2011-05-01 21:09:05 | 000,645,632 | ---- | M] (OldTimer Tools) opera.exe -> C:\Program Files\Opera\opera.exe -> [2011-04-30 21:27:05 | 000,941,936 | ---- | M] (Opera Software) csrs.exe -> C:\ProgramData\csrs.exe -> [2011-04-26 17:02:10 | 000,339,968 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) avastui.exe -> C:\Program Files\Alwil Software\Avast5\AvastUI.exe -> [2011-01-13 10:47:34 | 003,396,624 | ---- | M] (AVAST Software) avastsvc.exe -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2011-01-13 10:47:33 | 000,040,384 | ---- | M] (AVAST Software) nvxdsync.exe -> C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe -> [2010-10-16 13:42:38 | 000,792,680 | ---- | M] (NVIDIA Corporation) nvscpapisvr.exe -> C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -> [2010-10-16 12:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) mxtray.exe -> C:\Program Files\MAGIX\PC_Check_Tuning_2011_Download_Version\MxTray.exe -> [2010-10-04 15:13:28 | 002,188,568 | ---- | M] () aodassist.exe -> C:\Program Files\AMD\OverDrive\AODAssist.exe -> [2010-07-01 05:45:02 | 000,136,616 | ---- | M] () lws.exe -> C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -> [2010-05-07 18:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) hud.exe -> C:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe -> [2010-04-30 16:39:34 | 001,679,872 | ---- | M] (GIGABYTE Technology Co.,Ltd.) dtlite.exe -> C:\Program Files\DAEMON Tools Lite\DTLite.exe -> [2010-04-01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) explorer.exe -> C:\Windows\explorer.exe -> [2009-10-31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) taskhost.exe -> C:\Windows\System32\taskhost.exe -> [2009-07-14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) lwemon.exe -> C:\Program Files\Logitech\Gaming Software\LWEMon.exe -> [2008-04-04 12:38:00 | 000,088,584 | ---- | M] (Logitech Inc.) ikeymain.exe -> C:\Program Files\A4Tech\Keyboard\Ikeymain.exe -> [2004-08-31 07:33:22 | 000,061,440 | ---- | M] (A4Tech Co.,Ltd.) [Modules - Safe List] ots.exe -> C:\Users\MOJ\Desktop\OTS.exe -> [2011-05-01 21:09:05 | 000,645,632 | ---- | M] (OldTimer Tools) snxhk.dll -> C:\Program Files\Alwil Software\Avast5\snxhk.dll -> [2011-01-13 10:47:35 | 000,189,728 | ---- | M] (AVAST Software) comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll -> [2010-08-21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) sspicli.dll -> C:\Windows\System32\sspicli.dll -> [2009-07-14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) sechost.dll -> C:\Windows\System32\sechost.dll -> [2009-07-14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) samcli.dll -> C:\Windows\System32\samcli.dll -> [2009-07-14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) profapi.dll -> C:\Windows\System32\profapi.dll -> [2009-07-14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) netutils.dll -> C:\Windows\System32\netutils.dll -> [2009-07-14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) kernelbase.dll -> C:\Windows\System32\KernelBase.dll -> [2009-07-14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) dwmapi.dll -> C:\Windows\System32\dwmapi.dll -> [2009-07-14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) devobj.dll -> C:\Windows\System32\devobj.dll -> [2009-07-14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) cryptbase.dll -> C:\Windows\System32\cryptbase.dll -> [2009-07-14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) cfgmgr32.dll -> C:\Windows\System32\cfgmgr32.dll -> [2009-07-14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) ikeyrfk8.dll -> C:\Windows\System32\Ikeyrfk8.dll -> [2004-08-31 07:34:00 | 000,032,768 | ---- | M] (A4Tech Co., Ltd.) [Win32 Services - Safe List] (avast! Antivirus) avast! Antivirus [Auto | Running] -> C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -> [2011-01-13 10:47:33 | 000,040,384 | ---- | M] (AVAST Software) (WatAdminSvc) Usługa Technologie aktywacji systemu Windows [Unknown | Stopped] -> C:\Windows\System32\Wat\WatAdminSvc.exe -> [2010-12-20 13:23:46 | 001,343,400 | ---- | M] (Microsoft Corporation) (MAGIX StartUp Analyze Service) MAGIX StartUp Analyze Service [Auto | Stopped] -> C:\Program Files\MAGIX\PC_Check_Tuning_2011_Download_Version\MXSAS.exe -> [2010-11-18 14:28:24 | 000,196,096 | ---- | M] (MAGIX AG) (Stereo Service) NVIDIA Stereoscopic 3D Driver Service [Auto | Running] -> C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -> [2010-10-16 12:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) (AODService) AODService [Auto | Running] -> C:\Program Files\AMD\OverDrive\AODAssist.exe -> [2010-07-01 05:45:02 | 000,136,616 | ---- | M] () (LVPrcSrv) Process Monitor [Disabled | Stopped] -> C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -> [2010-05-07 18:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) (SwitchBoard) SwitchBoard [On_Demand | Stopped] -> C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -> [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) (WwanSvc) Automatyczne konfigurowanie bezprzewodowej sieci WAN [On_Demand | Stopped] -> C:\Windows\System32\wwansvc.dll -> [2009-07-14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) (WbioSrvc) Usługa biometryczna systemu Windows [On_Demand | Stopped] -> C:\Windows\System32\wbiosrvc.dll -> [2009-07-14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) (Power) Zasilanie [Auto | Running] -> C:\Windows\System32\umpo.dll -> [2009-07-14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) (Themes) Kompozycje [Auto | Running] -> C:\Windows\System32\themeservice.dll -> [2009-07-14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) (sppuinotify) Usługa powiadomień SPP [On_Demand | Stopped] -> C:\Windows\System32\sppuinotify.dll -> [2009-07-14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) (RpcEptMapper) Program mapowania punktów końcowych wywołań RPC [Unknown | Running] -> C:\Windows\System32\RpcEpMap.dll -> [2009-07-14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) (SensrSvc) Jasność adaptacyjna [On_Demand | Stopped] -> C:\Windows\System32\sensrsvc.dll -> [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) (PeerDistSvc) BranchCache [On_Demand | Stopped] -> C:\Windows\System32\PeerDistSvc.dll -> [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) (PNRPsvc) Protokół rozpoznawania nazw równorzędnych [Disabled | Stopped] -> C:\Windows\System32\pnrpsvc.dll -> [2009-07-14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) (p2pimsvc) Menedżer tożsamości sieci równorzędnej [On_Demand | Running] -> C:\Windows\System32\pnrpsvc.dll -> [2009-07-14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) (HomeGroupProvider) Dostawca grupy domowej [On_Demand | Running] -> C:\Windows\System32\provsvc.dll -> [2009-07-14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) (PNRPAutoReg) Usługa publikowania nazw komputerów PNRP [On_Demand | Stopped] -> C:\Windows\System32\pnrpauto.dll -> [2009-07-14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) (WinDefend) Windows Defender [Auto | Running] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) (HomeGroupListener) Usługa nasłuchująca grup domowych [On_Demand | Running] -> C:\Windows\System32\ListSvc.dll -> [2009-07-14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) (FontCache) Usług systemu Windows buforowania czcionek [On_Demand | Running] -> C:\Windows\System32\FntCache.dll -> [2009-07-14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) (Dhcp) Klient DHCP [Auto | Running] -> C:\Windows\System32\dhcpcore.dll -> [2009-07-14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) (defragsvc) Defragmentator dysków [On_Demand | Stopped] -> C:\Windows\System32\defragsvc.dll -> [2009-07-14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) (BDESVC) Usługa szyfrowania dysków funkcją BitLocker [Unknown | Stopped] -> C:\Windows\System32\bdesvc.dll -> [2009-07-14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) (AxInstSV) Instalator formantów ActiveX (AxInstSV) [On_Demand | Stopped] -> C:\Windows\System32\AxInstSv.dll -> [2009-07-14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) (AppIDSvc) Tożsamość aplikacji [On_Demand | Stopped] -> C:\Windows\System32\appidsvc.dll -> [2009-07-14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) (sppsvc) Ochrona oprogramowania [Auto | Stopped] -> C:\Windows\System32\sppsvc.exe -> [2009-07-14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] (cpuz132) cpuz132 [Kernel | On_Demand | Running] -> -> File not found (aswSP) aswSP [Kernel | System | Running] -> C:\Windows\System32\drivers\aswSP.sys -> [2011-01-13 10:41:16 | 000,294,608 | ---- | M] (AVAST Software) (aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\Windows\System32\drivers\aswTdi.sys -> [2011-01-13 10:40:16 | 000,047,440 | ---- | M] (AVAST Software) (aswRdr) aswRdr [Kernel | System | Running] -> C:\Windows\System32\drivers\aswRdr.sys -> [2011-01-13 10:37:30 | 000,023,632 | ---- | M] (AVAST Software) (aswMonFlt) aswMonFlt [File_System | Auto | Running] -> C:\Windows\System32\drivers\aswMonFlt.sys -> [2011-01-13 10:37:19 | 000,051,280 | ---- | M] (AVAST Software) (aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\Windows\System32\drivers\aswFsBlk.sys -> [2011-01-13 10:37:09 | 000,017,744 | ---- | M] (AVAST Software) (sptd) sptd [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\sptd.sys -> [2010-12-20 15:21:45 | 000,691,696 | ---- | M] () (nvlddmkm) nvlddmkm [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvlddmkm.sys -> [2010-10-22 08:23:05 | 010,084,360 | ---- | M] (NVIDIA Corporation) (NVHDA) Service for NVIDIA High Definition Audio Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvhda32v.sys -> [2010-09-07 22:08:56 | 000,123,496 | ---- | M] (NVIDIA Corporation) (AODDriver2) AODDriver2 [Kernel | On_Demand | Running] -> C:\Program Files\AMD\OverDrive\i386\AODDriver2.sys -> [2010-07-01 05:38:04 | 000,036,864 | ---- | M] (Advanced Micro Devices) (LVUVC) Logitech HD Webcam C310(UVC) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\lvuvc.sys -> [2010-05-15 00:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) (LVRS) Logitech RightSound Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\lvrs.sys -> [2010-05-15 00:02:26 | 000,276,448 | ---- | M] (Logitech Inc.) (lvpopflt) Logitech POP Suppression Filter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\lvpopflt.sys -> [2010-05-15 00:02:14 | 000,114,784 | ---- | M] (Logitech Inc.) (LVPr2Mon) Logitech LVPr2Mon Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\LVPr2Mon.sys -> [2010-05-07 18:43:30 | 000,025,824 | ---- | M] () (usbfilter) AMD USB Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\usbfilter.sys -> [2009-12-22 03:26:36 | 000,030,392 | ---- | M] (Advanced Micro Devices) (KSecPkg) KSecPkg [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\ksecpkg.sys -> [2009-12-11 09:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) (hwpolicy) Hardware Policy Driver [Kernel | Boot | Running] -> C:\Windows\System32\drivers\hwpolicy.sys -> [2009-07-14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) (FsDepends) File System Dependency Minifilter [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\fsdepends.sys -> [2009-07-14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) (vmbus) Magistrala maszyny wirtualnej [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\vmbus.sys -> [2009-07-14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) (vhdmp) vhdmp [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\vhdmp.sys -> [2009-07-14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) (storflt) Sterownik filtru przyspieszania magistrali dyskowej maszyny wirtualnej [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\vmstorfl.sys -> [2009-07-14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) (vdrvroot) Microsoft Virtual Drive Enumerator Driver [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\vdrvroot.sys -> [2009-07-14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) (storvsc) storvsc [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\storvsc.sys -> [2009-07-14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) (WIMMount) WIMMount [File_System | On_Demand | Stopped] -> C:\Windows\System32\drivers\wimmount.sys -> [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) (rdyboost) ReadyBoost [Kernel | Boot | Running] -> C:\Windows\System32\drivers\rdyboost.sys -> [2009-07-14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) (pcw) Performance Counters for Windows Driver [Kernel | Boot | Running] -> C:\Windows\System32\drivers\pcw.sys -> [2009-07-14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) (CNG) CNG [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\cng.sys -> [2009-07-14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) (rdpbus) Remote Desktop Device Redirector Bus Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\rdpbus.sys -> [2009-07-14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) (RDPREFMP) Reflector Display Driver used to gain access to graphics data [Kernel | System | Running] -> C:\Windows\System32\drivers\RDPREFMP.sys -> [2009-07-14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) (RasAgileVpn) WAN Miniport (IKEv2) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\agilevpn.sys -> [2009-07-14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) (WfpLwf) WFP Lightweight Filter [Kernel | System | Running] -> C:\Windows\System32\drivers\wfplwf.sys -> [2009-07-14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) (NdisCap) NDIS Capture LightWeight Filter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ndiscap.sys -> [2009-07-14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) (vwifibus) Sterownik wirtualnej magistrali WiFi [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\vwifibus.sys -> [2009-07-14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) (1394ohci) 1394 OHCI Compliant Host Controller [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\1394ohci.sys -> [2009-07-14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) (UmPass) Microsoft UMPass Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\umpass.sys -> [2009-07-14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) (usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\USBAUDIO.sys -> [2009-07-14 01:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) (mshidkmdf) Pass-through HID to KMDF Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\mshidkmdf.sys -> [2009-07-14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) (MTConfig) Microsoft Input Configuration Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\MTConfig.sys -> [2009-07-14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) (CompositeBus) Composite Bus Enumerator Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\CompositeBus.sys -> [2009-07-14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) (scfilter) Sterownik filtru klas karty inteligentnej PnP [Kernel | Unknown | Stopped] -> C:\Windows\System32\drivers\scfilter.sys -> [2009-07-14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) (s3cap) s3cap [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\vms3cap.sys -> [2009-07-14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) (VMBusHID) VMBusHID [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\VMBusHID.sys -> [2009-07-14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) (discache) System Attribute Cache [Kernel | System | Running] -> C:\Windows\System32\drivers\discache.sys -> [2009-07-14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) (AcpiPmi) ACPI Power Meter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\DRIVERS\acpipmi.sys -> [2009-07-14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) (AmdPPM) AMD Processor Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\amdppm.sys -> [2009-07-14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) (AtiPcie) AMD PCI Express (3GIO) Filter [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\AtiPcie.sys -> [2009-05-05 03:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) (DiskSec) Magix Volume Filter Driver [Kernel | Boot | Running] -> C:\Windows\System32\drivers\disksec.sys -> [2008-04-04 19:34:26 | 000,014,208 | ---- | M] (MAGIX) (WmXlCore) Logitech Translation Layer Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\WmXlCore.sys -> [2008-01-24 16:09:34 | 000,048,904 | ---- | M] (Logitech Inc.) (WmVirHid) Logitech Virtual Hid Device Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\WmVirHid.sys -> [2008-01-24 16:09:24 | 000,014,728 | ---- | M] (Logitech Inc.) (WmHidLo) Logitech Gaming USB Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\WmHidLo.sys -> [2008-01-24 16:09:14 | 000,029,192 | ---- | M] (Logitech Inc.) (WmFilter) Logitech Gaming HID Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\WmFilter.sys -> [2008-01-24 16:09:04 | 000,028,168 | ---- | M] (Logitech Inc.) (WmBEnum) Logitech Virtual Bus Enumerator Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\WmBEnum.sys -> [2008-01-24 16:08:54 | 000,019,336 | ---- | M] (Logitech Inc.) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: URLSearchHooks\\"{5c99e1f0-a422-47be-8be3-a38148ed1615}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found HKEY_LOCAL_MACHINE\: URLSearchHooks\\"{90d46c30-9f25-4104-aea9-35c3f84477ff}" [HKLM] -> C:\Program Files\mipony-plugin\tbmipo.dll [mipony-plugin Toolbar] -> [2010-02-22 13:05:02 | 002,353,176 | ---- | M] (Conduit Ltd.) < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.qooqlle.com/ -> HKEY_CURRENT_USER\: URLSearchHooks\\"{5c99e1f0-a422-47be-8be3-a38148ed1615}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found HKEY_CURRENT_USER\: URLSearchHooks\\"{90d46c30-9f25-4104-aea9-35c3f84477ff}" [HKLM] -> C:\Program Files\mipony-plugin\tbmipo.dll [mipony-plugin Toolbar] -> [2010-02-22 13:05:02 | 002,353,176 | ---- | M] (Conduit Ltd.) HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Users\MOJ\AppData\Roaming\Mozilla\FireFox\Profiles\011sohvx.default\prefs.js -> browser.search.selectedEngine -> "qooqlle" -> browser.search.useDBForOrder -> true -> browser.startup.homepage -> "http://www.qooqlle.com/" -> extensions.enabledItems -> jqs@sun.com:1.0 -> extensions.enabledItems -> {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 -> extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 -> extensions.enabledItems -> cssreloader@kenneth.io:1.0.2 -> extensions.enabledItems -> {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 -> keyword.URL -> "http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q=" -> network.proxy.backup.ftp -> "127.0.0.1" -> network.proxy.backup.ftp_port -> 9666 -> network.proxy.backup.gopher -> "127.0.0.1" -> network.proxy.backup.gopher_port -> 9666 -> network.proxy.backup.socks -> "127.0.0.1" -> network.proxy.backup.socks_port -> 9666 -> network.proxy.backup.ssl -> "127.0.0.1" -> network.proxy.backup.ssl_port -> 9666 -> network.proxy.ftp -> "127.0.0.1" -> network.proxy.ftp_port -> 9666 -> network.proxy.gopher -> "127.0.0.1" -> network.proxy.gopher_port -> 9666 -> network.proxy.http -> "127.0.0.1" -> network.proxy.http_port -> 9666 -> network.proxy.share_proxy_settings -> true -> network.proxy.socks -> "127.0.0.1" -> network.proxy.socks_port -> 9666 -> network.proxy.ssl -> "127.0.0.1" -> network.proxy.ssl_port -> 9666 -> network.proxy.type -> 0 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2011-05-01 19:50:11 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins -> C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS -> < FireFox Extensions [User Folders] > -> -> C:\Users\MOJ\AppData\Roaming\mozilla\Extensions -> [2011-05-01 19:50:31 | 000,000,000 | ---D | M] < FireFox SearchPlugins [User Folders] > -> search.xml -> C:\Users\MOJ\AppData\Roaming\Mozilla\FireFox\Profiles\011sohvx.default\searchplugins\search.xml -> [2011-05-01 20:10:54 | 000,001,860 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2011-05-01 19:50:11 | 000,000,000 | ---D | M] No name found -> -> File not found < HOSTS File > ([2011-02-11 12:32:19 | 000,002,204 | ---- | M] - 61 lines) -> C:\Windows\System32\drivers\etc\hosts -> First 25 entries... Reset Hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} [HKLM] -> C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll [BitComet Helper] -> [2010-12-06 15:02:20 | 000,765,744 | ---- | M] (BitComet) {5c99e1f0-a422-47be-8be3-a38148ed1615} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {90d46c30-9f25-4104-aea9-35c3f84477ff} [HKLM] -> C:\Program Files\mipony-plugin\tbmipo.dll [mipony-plugin Toolbar] -> [2010-02-22 13:05:02 | 002,353,176 | ---- | M] (Conduit Ltd.) {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Plug-In] -> [2011-02-11 14:48:56 | 001,246,600 | ---- | M] (Skype Technologies S.A.) < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{0E91EFA2-AF48-4333-9965-5DD29DE31B56}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{90D46C30-9F25-4104-AEA9-35C3F84477FF}" [HKLM] -> C:\Program Files\mipony-plugin\tbmipo.dll [mipony-plugin Toolbar] -> [2010-02-22 13:05:02 | 002,353,176 | ---- | M] (Conduit Ltd.) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "AdobeAAMUpdater-1.0" -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe ["C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"] -> [2010-03-06 04:44:40 | 000,500,208 | ---- | M] (Adobe Systems Incorporated) "AdobeCS5ServiceManager" -> C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe ["C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin] -> [2010-07-22 23:10:47 | 000,402,432 | ---- | M] (Adobe Systems Incorporated) "avast5" -> C:\Program Files\Alwil Software\Avast5\avastUI.exe ["C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui] -> [2011-01-13 10:47:34 | 003,396,624 | ---- | M] (AVAST Software) "csrs" -> C:\ProgramData\csrs.exe [%ALLUSERSPROFILE%\csrs.exe] -> [2011-04-26 17:02:10 | 000,339,968 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) "iKeyWorks" -> C:\Program Files\A4Tech\Keyboard\Ikeymain.exe [C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe] -> [2004-08-31 07:33:22 | 000,061,440 | ---- | M] (A4Tech Co.,Ltd.) "LWS" -> C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide] -> [2010-05-07 18:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) "Start WingMan Profiler" -> C:\Program Files\Logitech\Gaming Software\LWEMon.exe [C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui] -> [2008-04-04 12:38:00 | 000,088,584 | ---- | M] (Logitech Inc.) "svhost" -> C:\Program Files\Common Files\svhost.exe [%COMMONPROGRAMFILES%\svhost.exe] -> [2011-04-26 17:02:10 | 006,855,168 | RHS- | M] () "SwitchBoard" -> C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe] -> [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) "WheelMouse" -> C:\Program Files\A4Tech\Mouse\Amoumain.exe [C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe] -> [2004-09-03 05:49:34 | 000,159,744 | ---- | M] (A4Tech Co., Ltd.) "winloqon" -> C:\ProgramData\winloqon.exe [%ALLUSERSPROFILE%\winloqon.exe] -> [2011-04-26 17:02:11 | 000,331,776 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "DAEMON Tools Lite" -> C:\Program Files\DAEMON Tools Lite\DTLite.exe ["C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun] -> [2010-04-01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) "Gadu-Gadu 10" -> C:\Program Files\Gadu-Gadu 10\gg.exe ["C:\Program Files\Gadu-Gadu 10\gg.exe"] -> [2010-12-16 07:19:28 | 012,984,928 | ---- | M] (GG Network S.A.) < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [0] -> File not found \\"ConsentPromptBehaviorUser" -> [3] -> File not found \\"EnableLUA" -> [0] -> File not found \\"PromptOnSecureDesktop" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveAutorun" -> [0] -> File not found < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> &P&obierz &za pomocą BitComet -> C:\Program Files\BitComet\BitComet.exe [res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm] -> [2010-12-08 14:42:32 | 010,811,696 | ---- | M] (www.BitComet.com) Pobierz wszystko za pomocą BitComet -> C:\Program Files\BitComet\BitComet.exe [res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm] -> [2010-12-08 14:42:32 | 010,811,696 | ---- | M] (www.BitComet.com) Ściągaj z Mipony -> C:\Program Files\MiPony\Browser\IEContext.htm [file://C:\Program Files\MiPony\Browser\IEContext.htm] -> [2009-10-07 18:29:48 | 000,000,716 | ---- | M] () < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A}:res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll/206 [HKLM] -> C:\Program Files\BitComet\tools\BitCometBHO_1.4.12.6.dll [Button: BitComet] -> [2010-12-06 15:02:20 | 000,765,744 | ---- | M] (BitComet) < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 10.3.2.1 8.8.8.8 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {0480D7D6-91DA-4A57-9357-820DC446C665}\\DhcpNameServer -> 10.3.2.1 8.8.8.8 (Realtek PCIe GBE Family Controller) -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2009-10-31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> *VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet -> SystemPropertiesPerformance.exe -> C:\Windows\System32\SystemPropertiesPerformance.exe -> [2009-07-14 03:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation) /pagefile -> -> File not found *MultiFile Done* -> -> < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found < LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> *LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> pku2u -> C:\Windows\System32\pku2u.dll -> [2009-07-14 03:16:12 | 000,186,880 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Program Files\River Past\Audio Converter Pro\AudioConverter.exe" -> C:\Program Files\River Past\Audio Converter Pro\AudioConverter.exe [C:\Program Files\River Past\Audio Converter Pro\AudioConverter.exe:*:Enabled:River Past Audio Converter Pro] -> [2010-03-23 21:16:34 | 000,655,360 | ---- | M] (River Past Corporation) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> \{31da8b8b-0c3c-11e0-b8c5-6c626d7dd553} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31da8b8b-0c3c-11e0-b8c5-6c626d7dd553}\shell \{31da8b8b-0c3c-11e0-b8c5-6c626d7dd553}\shell\\"" -> [AutoRun] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31da8b8b-0c3c-11e0-b8c5-6c626d7dd553}\shell\AutoRun\command \{31da8b8b-0c3c-11e0-b8c5-6c626d7dd553}\shell\AutoRun\command\\"" -> [G:\setup\rsrc\Autorun.exe] -> File not found HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31da8b8b-0c3c-11e0-b8c5-6c626d7dd553}\shell\dinstall\command \{31da8b8b-0c3c-11e0-b8c5-6c626d7dd553}\shell\dinstall\command\\"" -> [G:\Directx\dxsetup.exe] -> File not found < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Files/Folders - Created Within 30 Days] OTS.exe -> C:\Users\MOJ\Desktop\OTS.exe -> [2011-05-01 21:09:04 | 000,645,632 | ---- | C] (OldTimer Tools) OTL_3.2.22.3(dobreprogramy.pl).exe -> C:\Users\MOJ\Desktop\OTL_3.2.22.3(dobreprogramy.pl).exe -> [2011-05-01 20:23:08 | 000,580,608 | ---- | C] (OldTimer Tools) Mozilla -> C:\Users\MOJ\AppData\Roaming\Mozilla -> [2011-05-01 19:50:18 | 000,000,000 | ---D | C] Mozilla Firefox -> C:\Program Files\Mozilla Firefox -> [2011-05-01 19:50:11 | 000,000,000 | ---D | C] Google Chrome -> C:\Users\MOJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome -> [2011-05-01 19:43:02 | 000,000,000 | ---D | C] Google -> C:\Users\MOJ\AppData\Local\Google -> [2011-05-01 19:41:05 | 000,000,000 | ---D | C] Opera -> C:\Program Files\Opera -> [2011-04-30 21:27:05 | 000,000,000 | ---D | C] ftpcache -> C:\Windows\ftpcache -> [2011-04-26 22:31:07 | 000,000,000 | -HSD | C] searchplugins -> C:\Users\MOJ\AppData\Local\searchplugins -> [2011-04-26 20:43:20 | 000,000,000 | ---D | C] winloqon.exe -> C:\ProgramData\winloqon.exe -> [2011-04-26 16:53:29 | 000,331,776 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) csrs.exe -> C:\ProgramData\csrs.exe -> [2011-04-26 16:53:28 | 000,339,968 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) Telltale Games -> C:\Users\MOJ\Documents\Telltale Games -> [2011-04-26 10:44:16 | 000,000,000 | ---D | C] Ubisoft Game Launcher -> C:\Users\MOJ\AppData\Local\Ubisoft Game Launcher -> [2011-04-23 11:11:21 | 000,000,000 | ---D | C] Ubisoft -> C:\Program Files\Ubisoft -> [2011-04-23 11:11:16 | 000,000,000 | ---D | C] Ubisoft -> C:\Users\MOJ\AppData\Roaming\Ubisoft -> [2011-04-23 10:55:31 | 000,000,000 | ---D | C] Ubisoft -> C:\ProgramData\Ubisoft -> [2011-04-23 10:55:31 | 000,000,000 | ---D | C] roboot.exe -> C:\Windows\System32\roboot.exe -> [2011-04-21 14:53:16 | 000,015,592 | ---- | C] (Dll-Files.com) 2K Games -> C:\Users\MOJ\AppData\Local\2K Games -> [2011-04-21 12:51:06 | 000,000,000 | ---D | C] Microsoft Games -> C:\Users\MOJ\AppData\Local\Microsoft Games -> [2011-04-21 12:16:14 | 000,000,000 | ---D | C] ElevatedDiagnostics -> C:\Users\MOJ\AppData\Local\ElevatedDiagnostics -> [2011-04-20 19:55:37 | 000,000,000 | ---D | C] jscript.dll -> C:\Windows\System32\jscript.dll -> [2011-04-14 07:34:23 | 000,716,800 | ---- | C] (Microsoft Corporation) vbscript.dll -> C:\Windows\System32\vbscript.dll -> [2011-04-14 07:34:23 | 000,428,032 | ---- | C] (Microsoft Corporation) dnscacheugc.exe -> C:\Windows\System32\dnscacheugc.exe -> [2011-04-14 07:34:22 | 000,028,672 | ---- | C] (Microsoft Corporation) atmfd.dll -> C:\Windows\System32\atmfd.dll -> [2011-04-14 07:34:21 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) atmlib.dll -> C:\Windows\System32\atmlib.dll -> [2011-04-14 07:34:21 | 000,034,304 | ---- | C] (Adobe Systems) mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2011-04-14 07:34:17 | 001,638,912 | ---- | C] (Microsoft Corporation) mstime.dll -> C:\Windows\System32\mstime.dll -> [2011-04-14 07:34:17 | 000,606,208 | ---- | C] (Microsoft Corporation) msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2011-04-14 07:34:17 | 000,599,040 | ---- | C] (Microsoft Corporation) html.iec -> C:\Windows\System32\html.iec -> [2011-04-14 07:34:17 | 000,386,048 | ---- | C] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\System32\iedkcs32.dll -> [2011-04-14 07:34:17 | 000,381,440 | ---- | C] (Microsoft Corporation) iepeers.dll -> C:\Windows\System32\iepeers.dll -> [2011-04-14 07:34:17 | 000,185,856 | ---- | C] (Microsoft Corporation) ieui.dll -> C:\Windows\System32\ieui.dll -> [2011-04-14 07:34:17 | 000,176,640 | ---- | C] (Microsoft Corporation) msfeedsbs.dll -> C:\Windows\System32\msfeedsbs.dll -> [2011-04-14 07:34:17 | 000,064,512 | ---- | C] (Microsoft Corporation) jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2011-04-14 07:34:17 | 000,048,128 | ---- | C] (Microsoft Corporation) licmgr10.dll -> C:\Windows\System32\licmgr10.dll -> [2011-04-14 07:34:17 | 000,044,544 | ---- | C] (Microsoft Corporation) msfeedssync.exe -> C:\Windows\System32\msfeedssync.exe -> [2011-04-14 07:34:17 | 000,012,800 | ---- | C] (Microsoft Corporation) win32k.sys -> C:\Windows\System32\win32k.sys -> [2011-04-14 07:33:55 | 002,331,136 | ---- | C] (Microsoft Corporation) FXSCOVER.exe -> C:\Windows\System32\FXSCOVER.exe -> [2011-04-14 07:33:52 | 000,191,488 | ---- | C] (Microsoft Corporation) mfc42u.dll -> C:\Windows\System32\mfc42u.dll -> [2011-04-14 07:33:51 | 001,164,288 | ---- | C] (Microsoft Corporation) mfc42.dll -> C:\Windows\System32\mfc42.dll -> [2011-04-14 07:33:51 | 001,137,664 | ---- | C] (Microsoft Corporation) SHIFT 2 UNLEASHED -> C:\Users\MOJ\Documents\SHIFT 2 UNLEASHED -> [2011-04-13 09:23:57 | 000,000,000 | ---D | C] gry -> C:\gry -> [2011-04-13 09:19:18 | 000,000,000 | ---D | C] Shadow Harvest -> C:\Users\MOJ\Documents\Shadow Harvest -> [2011-04-10 00:35:49 | 000,000,000 | ---D | C] Viva Media -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Viva Media -> [2011-04-10 00:31:43 | 000,000,000 | ---D | C] GHISLER -> C:\Users\MOJ\AppData\Local\GHISLER -> [2011-04-10 00:23:30 | 000,000,000 | ---D | C] totalcmd -> C:\totalcmd -> [2011-04-09 23:35:17 | 000,000,000 | ---D | C] Total Commander -> C:\Users\MOJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander -> [2011-04-09 23:35:17 | 000,000,000 | ---D | C] GHISLER -> C:\Users\MOJ\AppData\Roaming\GHISLER -> [2011-04-09 23:35:17 | 000,000,000 | ---D | C] BattleLA Saves -> C:\Users\MOJ\Documents\BattleLA Saves -> [2011-04-08 15:42:30 | 000,000,000 | ---D | C] Konami -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Konami -> [2011-04-08 14:52:58 | 000,000,000 | ---D | C] Eden Games -> C:\Users\MOJ\Documents\Eden Games -> [2011-04-06 17:41:14 | 000,000,000 | ---D | C] Atari -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari -> [2011-04-06 17:35:36 | 000,000,000 | ---D | C] 4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> 2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> [Files/Folders - Modified Within 30 Days] OTS.exe -> C:\Users\MOJ\Desktop\OTS.exe -> [2011-05-01 21:09:05 | 000,645,632 | ---- | M] (OldTimer Tools) GoogleUpdateTaskUserS-1-5-21-3963900671-4176970667-2950494725-1001UA.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3963900671-4176970667-2950494725-1001UA.job -> [2011-05-01 20:46:00 | 000,001,050 | ---- | M] () OTL_3.2.22.3(dobreprogramy.pl).exe -> C:\Users\MOJ\Desktop\OTL_3.2.22.3(dobreprogramy.pl).exe -> [2011-05-01 20:23:08 | 000,580,608 | ---- | M] (OldTimer Tools) 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011-05-01 20:17:58 | 000,023,200 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011-05-01 20:17:58 | 000,023,200 | -H-- | M] () perfh015.dat -> C:\Windows\System32\perfh015.dat -> [2011-05-01 20:15:05 | 000,690,922 | ---- | M] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2011-05-01 20:15:05 | 000,609,896 | ---- | M] () perfc015.dat -> C:\Windows\System32\perfc015.dat -> [2011-05-01 20:15:05 | 000,132,416 | ---- | M] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2011-05-01 20:15:05 | 000,104,214 | ---- | M] () PCCT - MAGIX AG.job -> C:\Windows\tasks\PCCT - MAGIX AG.job -> [2011-05-01 20:10:53 | 000,000,458 | ---- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2011-05-01 20:10:41 | 000,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2011-05-01 20:10:38 | 2515,935,232 | -HS- | M] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2011-05-01 19:50:12 | 000,001,100 | ---- | M] () GoogleUpdateTaskUserS-1-5-21-3963900671-4176970667-2950494725-1001Core.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3963900671-4176970667-2950494725-1001Core.job -> [2011-05-01 19:46:00 | 000,000,998 | ---- | M] () Google Chrome.lnk -> C:\Users\MOJ\Desktop\Google Chrome.lnk -> [2011-05-01 19:43:04 | 000,002,304 | ---- | M] () resmon.resmoncfg -> C:\Users\MOJ\AppData\Local\resmon.resmoncfg -> [2011-05-01 10:38:20 | 000,000,017 | ---- | M] () Launch Internet Explorer Browser.lnk -> C:\Users\MOJ\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> [2011-04-30 07:10:06 | 000,001,419 | ---- | M] () zakladki.adr -> C:\Users\MOJ\Desktop\zakladki.adr -> [2011-04-29 13:34:27 | 000,025,792 | ---- | M] () winloqon.exe -> C:\ProgramData\winloqon.exe -> [2011-04-26 17:02:11 | 000,331,776 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) svhost.exe -> C:\Program Files\Common Files\svhost.exe -> [2011-04-26 17:02:10 | 006,855,168 | RHS- | M] () csrs.exe -> C:\ProgramData\csrs.exe -> [2011-04-26 17:02:10 | 000,339,968 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2011-04-14 11:28:42 | 003,769,024 | ---- | M] () treeinfo.wc -> C:\treeinfo.wc -> [2011-04-10 13:16:57 | 000,354,048 | -H-- | M] () sh — skrót.lnk -> C:\Users\MOJ\Desktop\sh — skrót.lnk -> [2011-04-10 00:49:30 | 000,001,092 | ---- | M] () PnkBstrK.sys -> C:\Windows\System32\drivers\PnkBstrK.sys -> [2011-04-09 13:13:29 | 000,139,128 | ---- | M] () PnkBstrB.xtr -> C:\Windows\System32\PnkBstrB.xtr -> [2011-04-09 13:13:15 | 000,215,128 | ---- | M] () 4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> 2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> [Files - No Company Name] Mozilla Firefox.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> [2011-05-01 19:50:12 | 000,001,112 | ---- | C] () Mozilla Firefox.lnk -> C:\Users\Public\Desktop\Mozilla Firefox.lnk -> [2011-05-01 19:50:12 | 000,001,100 | ---- | C] () Google Chrome.lnk -> C:\Users\MOJ\Desktop\Google Chrome.lnk -> [2011-05-01 19:43:04 | 000,002,304 | ---- | C] () GoogleUpdateTaskUserS-1-5-21-3963900671-4176970667-2950494725-1001UA.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3963900671-4176970667-2950494725-1001UA.job -> [2011-05-01 19:41:06 | 000,001,050 | ---- | C] () GoogleUpdateTaskUserS-1-5-21-3963900671-4176970667-2950494725-1001Core.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3963900671-4176970667-2950494725-1001Core.job -> [2011-05-01 19:41:05 | 000,000,998 | ---- | C] () resmon.resmoncfg -> C:\Users\MOJ\AppData\Local\resmon.resmoncfg -> [2011-05-01 10:38:20 | 000,000,017 | ---- | C] () Opera.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> [2011-04-30 21:27:07 | 000,001,791 | ---- | C] () zakladki.adr -> C:\Users\MOJ\Desktop\zakladki.adr -> [2011-04-29 13:28:07 | 000,025,792 | ---- | C] () svhost.exe -> C:\Program Files\Common Files\svhost.exe -> [2011-04-26 16:53:28 | 006,855,168 | RHS- | C] () binkw32.dll -> C:\Windows\System32\binkw32.dll -> [2011-04-21 14:53:15 | 000,286,208 | ---- | C] () sh — skrót.lnk -> C:\Users\MOJ\Desktop\sh — skrót.lnk -> [2011-04-10 00:49:30 | 000,001,092 | ---- | C] () treeinfo.wc -> C:\treeinfo.wc -> [2011-04-09 23:37:16 | 000,354,048 | -H-- | C] () UC.PIF -> C:\Windows\UC.PIF -> [2011-04-09 23:35:17 | 000,000,545 | ---- | C] () RAR.PIF -> C:\Windows\RAR.PIF -> [2011-04-09 23:35:17 | 000,000,545 | ---- | C] () PKZIP.PIF -> C:\Windows\PKZIP.PIF -> [2011-04-09 23:35:17 | 000,000,545 | ---- | C] () PKUNZIP.PIF -> C:\Windows\PKUNZIP.PIF -> [2011-04-09 23:35:17 | 000,000,545 | ---- | C] () NOCLOSE.PIF -> C:\Windows\NOCLOSE.PIF -> [2011-04-09 23:35:17 | 000,000,545 | ---- | C] () LHA.PIF -> C:\Windows\LHA.PIF -> [2011-04-09 23:35:17 | 000,000,545 | ---- | C] () ARJ.PIF -> C:\Windows\ARJ.PIF -> [2011-04-09 23:35:17 | 000,000,545 | ---- | C] () DC.pdf -> C:\Users\MOJ\Desktop\DC.pdf -> [2011-04-04 11:37:10 | 009,411,419 | ---- | C] () ezsidmv.dat -> C:\Windows\System32\ezsidmv.dat -> [2011-03-13 18:34:00 | 000,000,056 | -H-- | C] () Audio Converter Pro Uninstaller.exe -> C:\Windows\Audio Converter Pro Uninstaller.exe -> [2011-03-10 20:48:01 | 000,163,235 | ---- | C] () nsreg.dat -> C:\Windows\nsreg.dat -> [2011-01-21 11:31:46 | 000,000,000 | ---- | C] () PnkBstrK.sys -> C:\Windows\System32\drivers\PnkBstrK.sys -> [2010-12-20 15:39:23 | 000,139,128 | ---- | C] () PnkBstrK.sys -> C:\Users\MOJ\AppData\Roaming\PnkBstrK.sys -> [2010-12-20 15:39:23 | 000,138,056 | ---- | C] () PnkBstrB.exe -> C:\Windows\System32\PnkBstrB.exe -> [2010-12-20 15:39:02 | 000,215,128 | ---- | C] () PnkBstrA.exe -> C:\Windows\System32\PnkBstrA.exe -> [2010-12-20 15:39:00 | 000,075,064 | ---- | C] () pbsvc_bc2.exe -> C:\Windows\System32\pbsvc_bc2.exe -> [2010-12-20 15:38:59 | 002,434,856 | ---- | C] () perfh015.dat -> C:\Windows\System32\perfh015.dat -> [2010-12-20 14:34:44 | 000,690,922 | ---- | C] () perfi015.dat -> C:\Windows\System32\perfi015.dat -> [2010-12-20 14:34:44 | 000,337,158 | ---- | C] () perfc015.dat -> C:\Windows\System32\perfc015.dat -> [2010-12-20 14:34:44 | 000,132,416 | ---- | C] () perfd015.dat -> C:\Windows\System32\perfd015.dat -> [2010-12-20 14:34:44 | 000,038,710 | ---- | C] () RtNicProp32.dll -> C:\Windows\System32\RtNicProp32.dll -> [2010-12-20 13:51:54 | 000,080,416 | ---- | C] () LogiDPP.dll -> C:\Windows\System32\LogiDPP.dll -> [2010-05-14 23:56:06 | 010,830,680 | ---- | C] () LogiDPPApp.exe -> C:\Windows\System32\LogiDPPApp.exe -> [2010-05-14 23:56:06 | 000,102,744 | ---- | C] () DevManagerCore.dll -> C:\Windows\System32\DevManagerCore.dll -> [2010-05-14 23:55:58 | 000,290,648 | ---- | C] () lvcoinst.ini -> C:\Windows\System32\lvcoinst.ini -> [2010-05-14 23:47:00 | 000,090,071 | ---- | C] () iKeyLFT2.dll -> C:\Windows\System32\drivers\iKeyLFT2.dll -> [2010-05-07 18:46:36 | 000,014,168 | ---- | C] () LVPr2Mon.sys -> C:\Windows\System32\drivers\LVPr2Mon.sys -> [2010-05-07 18:43:30 | 000,025,824 | ---- | C] () xlive.dll.cat -> C:\Windows\System32\xlive.dll.cat -> [2009-11-06 11:58:04 | 000,178,975 | ---- | C] () bootstat.dat -> C:\Windows\bootstat.dat -> [2009-07-14 06:57:37 | 000,067,584 | --S- | C] () FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2009-07-14 06:33:53 | 003,769,024 | ---- | C] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2009-07-14 04:05:48 | 000,609,896 | ---- | C] () perfi009.dat -> C:\Windows\System32\perfi009.dat -> [2009-07-14 04:05:48 | 000,291,294 | ---- | C] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2009-07-14 04:05:48 | 000,104,214 | ---- | C] () perfd009.dat -> C:\Windows\System32\perfd009.dat -> [2009-07-14 04:05:48 | 000,031,548 | ---- | C] () NOISE.DAT -> C:\Windows\System32\NOISE.DAT -> [2009-07-14 04:05:05 | 000,000,741 | ---- | C] () dssec.dat -> C:\Windows\System32\dssec.dat -> [2009-07-14 04:04:11 | 000,215,943 | ---- | C] () PrintBrmUi.exe -> C:\Windows\System32\PrintBrmUi.exe -> [2009-07-14 02:19:49 | 000,066,048 | ---- | C] () mib.bin -> C:\Windows\mib.bin -> [2009-07-14 01:55:01 | 000,043,131 | ---- | C] () BthpanContextHandler.dll -> C:\Windows\System32\BthpanContextHandler.dll -> [2009-07-14 01:51:43 | 000,073,728 | ---- | C] () BWContextHandler.dll -> C:\Windows\System32\BWContextHandler.dll -> [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () mlang.dat -> C:\Windows\System32\mlang.dat -> [2009-06-10 23:26:10 | 000,673,088 | ---- | C] () DLLDEV32i.dll -> C:\Windows\System32\DLLDEV32i.dll -> [2007-04-27 11:43:58 | 000,120,200 | ---- | C] () < End of report > [/code]