OTL logfile created on: 2011-09-10 18:36:45 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Bartek\Desktop
64bit- Home Premium Edition Service Pack 3 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 59,08% Memory free
6,00 Gb Paging File | 4,64 Gb Available in Paging File | 77,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 19,02 Gb Free Space | 38,95% Space Free | Partition Type: NTFS
Drive D: | 58,60 Gb Total Space | 41,62 Gb Free Space | 71,03% Space Free | Partition Type: NTFS
Drive E: | 29,29 Gb Total Space | 12,11 Gb Free Space | 41,33% Space Free | Partition Type: NTFS
Drive F: | 96,16 Gb Total Space | 24,56 Gb Free Space | 25,54% Space Free | Partition Type: NTFS

Computer Name: MASTER | User Name: Bartek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-09-10 18:20:28 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Bartek\Desktop\OTL.exe
PRC - [2011-09-09 16:49:55 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011-09-08 00:13:24 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011-08-02 17:30:51 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011-07-04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011-05-25 09:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-05-20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2011-09-09 16:49:55 | 014,407,976 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011-09-09 16:49:55 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011-09-09 16:49:55 | 000,190,248 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2011-09-09 16:49:55 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011-09-09 16:49:55 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011-09-08 00:13:23 | 001,846,232 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011-08-16 15:24:55 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011-05-20 22:35:00 | 000,247,400 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2011-07-04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2010-02-11 07:29:30 | 000,952,320 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011-09-09 16:49:55 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011-05-25 09:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-05-20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2011-07-04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2011-07-04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2011-07-04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2011-07-04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2011-07-04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2011-07-04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2011-05-25 09:25:48 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010-12-02 12:14:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:[b]64bit:[/b] - [2010-12-02 12:14:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:[b]64bit:[/b] - [2010-12-02 12:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:[b]64bit:[/b] - [2010-12-02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:[b]64bit:[/b] - [2010-12-02 10:36:42 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:[b]64bit:[/b] - [2010-12-02 10:36:40 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010-11-20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:[b]64bit:[/b] - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:[b]64bit:[/b] - [2010-04-28 01:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:[b]64bit:[/b] - [2010-04-28 01:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:[b]64bit:[/b] - [2010-04-28 01:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:[b]64bit:[/b] - [2010-04-27 23:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:[b]64bit:[/b] - [2010-04-27 23:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:[b]64bit:[/b] - [2010-04-27 04:25:20 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:[b]64bit:[/b] - [2010-04-27 04:25:20 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:[b]64bit:[/b] - [2010-04-27 04:25:20 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:[b]64bit:[/b] - [2010-04-27 04:25:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:[b]64bit:[/b] - [2010-04-27 04:25:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV:[b]64bit:[/b] - [2010-04-27 04:25:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV:[b]64bit:[/b] - [2010-02-11 09:42:54 | 005,352,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009-07-14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:53 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64)
DRV:[b]64bit:[/b] - [2009-06-10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2010-06-14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1490609586-3010364471-2914932317-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1490609586-3010364471-2914932317-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "www.onet.pl"
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-09-08 00:13:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-07-09 17:34:59 | 000,000,000 | ---D | M]

[2011-04-23 17:44:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bartek\AppData\Roaming\mozilla\Extensions
[2011-08-13 22:37:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bartek\AppData\Roaming\mozilla\Firefox\Profiles\38jf9kzj.default\extensions
[2011-08-13 22:37:58 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Bartek\AppData\Roaming\mozilla\Firefox\Profiles\38jf9kzj.default\extensions\DeviceDetection@logitech.com
[2011-07-09 17:40:36 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Bartek\AppData\Roaming\mozilla\Firefox\Profiles\38jf9kzj.default\extensions\IplextoALL@ALLPlayer.org
[2011-07-03 22:50:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011-04-23 19:14:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-07-03 22:50:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\BARTEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\38JF9KZJ.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI
[2011-09-08 00:13:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-06-30 20:30:14 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011-06-25 10:33:47 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2011-06-25 10:33:47 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2011-06-25 10:33:47 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2011-06-25 10:33:47 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2011-06-25 10:33:47 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-06-25 10:33:47 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL (ALLCinema Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1490609586-3010364471-2914932317-1000..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-1490609586-3010364471-2914932317-1000..\Run: [RGSC] File not found
O4 - HKU\S-1-5-21-1490609586-3010364471-2914932317-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1490609586-3010364471-2914932317-1003..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-1490609586-3010364471-2914932317-1003..\Run: [DAEMON Tools Lite] File not found
O4 - HKU\S-1-5-21-1490609586-3010364471-2914932317-1003..\Run: [RGSC] File not found
O4 - HKU\S-1-5-21-1490609586-3010364471-2914932317-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1490609586-3010364471-2914932317-1003..\Run: [StartWMDriverWiz] File not found
O4 - HKU\S-1-5-21-1490609586-3010364471-2914932317-1003..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-21-1490609586-3010364471-2914932317-1003..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.49 212.76.34.50
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{357A7037-48B0-422D-B5BC-D80DE53488CB}: DhcpNameServer = 212.76.34.49 212.76.34.50
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B08D7678-0A5C-4BCF-BED5-0D08DB4E134F}: DhcpNameServer = 212.76.34.49 212.76.34.50
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{88177b37-6dbd-11e0-9306-000e2ece14cc}\Shell - "" = AutoRun
O33 - MountPoints2\{88177b37-6dbd-11e0-9306-000e2ece14cc}\Shell\AutoRun\command - "" = I:\Autorun.exe
O33 - MountPoints2\{88177b39-6dbd-11e0-9306-000e2ece14cc}\Shell - "" = AutoRun
O33 - MountPoints2\{88177b39-6dbd-11e0-9306-000e2ece14cc}\Shell\AutoRun\command - "" = J:\setup.exe /autorun
O33 - MountPoints2\{e2d00cc1-9e3a-11e0-84dd-000e2ece14cc}\Shell - "" = AutoRun
O33 - MountPoints2\{e2d00cc1-9e3a-11e0-84dd-000e2ece14cc}\Shell\AutoRun\command - "" = H:\autoplay.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-09-10 18:20:21 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Bartek\Desktop\OTL.exe
[2011-08-23 16:21:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FinalWire
[2011-08-21 10:06:37 | 000,000,000 | ---D | C] -- C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\New Life of Heroes
[2011-08-21 10:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\New Life of Heroes
[2011-08-21 10:01:24 | 000,000,000 | ---D | C] -- C:\Users\Bartek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes III
[2011-08-21 10:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes III
[2011-08-19 10:29:39 | 002,576,384 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\LWCtPl.dll
[2011-08-19 10:29:37 | 000,356,352 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\WMWizard.dll
[2011-08-19 10:29:37 | 000,086,016 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\W9xDAPI.dll
[2011-08-19 10:29:37 | 000,061,440 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\W9XdInst.dll
[2011-08-19 10:29:37 | 000,027,388 | ---- | C] (Immersion Corporation) -- C:\Windows\SysWow64\drivers\ihidfilt.sys
[2011-08-19 10:29:37 | 000,017,536 | ---- | C] (Logitech Inc.) -- C:\Windows\SysWow64\drivers\LHidHi.sys
[2011-08-19 10:29:37 | 000,014,144 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysWow64\drivers\LHidLo.sys
[2011-08-19 10:29:37 | 000,010,432 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysWow64\drivers\LUsbSys.sys
[2011-08-19 10:29:36 | 000,167,936 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysWow64\WmJoyFrc.dll
[2011-08-19 10:29:36 | 000,033,216 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysWow64\LFLoad.sys
[2011-08-19 10:29:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2011-08-18 09:04:38 | 000,000,000 | ---D | C] -- C:\Users\Bartek\AppData\Roaming\IrfanView
[2011-08-18 09:04:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2011-08-13 22:39:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Logitech
[2011-08-12 10:16:03 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011-08-12 10:16:03 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011-08-12 10:16:02 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011-05-01 23:18:27 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-09-10 18:37:53 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011-09-10 18:37:53 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011-09-10 18:30:41 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011-09-10 18:30:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-09-10 18:30:24 | 2415,566,848 | -HS- | M] () -- C:\hiberfil.sys
[2011-09-10 18:29:33 | 001,572,864 | -HS- | M] () -- C:\Users\Bartek\NTUSER.DAT
[2011-09-10 18:29:30 | 004,840,122 | -H-- | M] () -- C:\Users\Bartek\AppData\Local\IconCache.db
[2011-09-10 18:26:38 | 000,268,238 | ---- | M] () -- C:\Users\Bartek\Desktop\1234.jpg
[2011-09-10 18:20:28 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Bartek\Desktop\OTL.exe
[2011-09-10 18:19:56 | 000,879,225 | ---- | M] () -- C:\Users\Bartek\Desktop\SecurityCheck.exe
[2011-09-03 14:21:42 | 000,000,355 | ---- | M] () -- C:\Users\Bartek\Desktop\Kosz — skrót.lnk
[2011-08-31 11:02:56 | 000,004,608 | ---- | M] () -- C:\Users\Bartek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-08-27 09:14:39 | 000,057,560 | ---- | M] () -- C:\Users\Bartek\AppData\Local\GDIPFONTCACHEV1.DAT
[2011-08-23 15:37:36 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-08-23 15:37:36 | 000,697,674 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2011-08-23 15:37:36 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-08-23 15:37:36 | 000,134,784 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2011-08-23 15:37:36 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-08-21 14:28:29 | 000,098,922 | ---- | M] () -- C:\Users\Bartek\Desktop\wielka-wojna.h3m
[2011-08-21 10:09:36 | 000,274,840 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-08-21 10:06:37 | 000,000,680 | ---- | M] () -- C:\Users\Bartek\Desktop\New Features of Heroes III In the Wake of Gods.lnk
[2011-08-21 10:06:37 | 000,000,655 | ---- | M] () -- C:\Users\Bartek\Desktop\Heroes III In the Wake of Gods.lnk
[2011-08-19 20:13:33 | 001,450,887 | ---- | M] () -- C:\Users\Bartek\Desktop\WoG358fpl_beta.zip
[2011-08-19 10:05:01 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011-08-19 10:05:01 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011-08-16 15:24:55 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-09-10 18:26:37 | 000,268,238 | ---- | C] () -- C:\Users\Bartek\Desktop\1234.jpg
[2011-09-10 18:19:52 | 000,879,225 | ---- | C] () -- C:\Users\Bartek\Desktop\SecurityCheck.exe
[2011-09-03 14:21:41 | 000,000,355 | ---- | C] () -- C:\Users\Bartek\Desktop\Kosz — skrót.lnk
[2011-08-21 14:22:48 | 000,098,922 | ---- | C] () -- C:\Users\Bartek\Desktop\wielka-wojna.h3m
[2011-08-21 10:06:37 | 000,000,680 | ---- | C] () -- C:\Users\Bartek\Desktop\New Features of Heroes III In the Wake of Gods.lnk
[2011-08-21 10:06:37 | 000,000,655 | ---- | C] () -- C:\Users\Bartek\Desktop\Heroes III In the Wake of Gods.lnk
[2011-08-21 09:54:07 | 000,000,782 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odinstaluj Heroes III Armageddon's Blade.lnk
[2011-08-21 09:54:07 | 000,000,638 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomoc dla Heroes III Armageddon's Blade.lnk
[2011-08-21 09:54:07 | 000,000,605 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Edytor kampanii.lnk
[2011-08-21 09:54:07 | 000,000,600 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes III Armageddon's Blade.lnk
[2011-08-21 09:51:43 | 000,000,784 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Odinstaluj Heroes III The Restoration of Erathia.lnk
[2011-08-21 09:51:43 | 000,000,643 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes III - Misja Treningowa.lnk
[2011-08-21 09:51:43 | 000,000,605 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wyœwietl Readme.lnk
[2011-08-21 09:51:43 | 000,000,605 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes III The Restoration of Erathia.lnk
[2011-08-21 09:51:43 | 000,000,605 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Edytor Map.lnk
[2011-08-21 09:51:42 | 000,122,884 | ---- | C] () -- C:\Windows\UnGins.exe
[2011-08-19 20:13:32 | 001,450,887 | ---- | C] () -- C:\Users\Bartek\Desktop\WoG358fpl_beta.zip
[2011-08-19 10:29:37 | 000,040,655 | ---- | C] () -- C:\Windows\SysWow64\LXLCore.VxD
[2011-08-19 10:29:37 | 000,034,784 | ---- | C] () -- C:\Windows\SysWow64\Ljoy.VxD
[2011-08-19 10:29:37 | 000,022,659 | ---- | C] () -- C:\Windows\SysWow64\Lserial.VxD
[2011-08-19 10:29:37 | 000,019,620 | ---- | C] () -- C:\Windows\SysWow64\LJoyFrc.vxd
[2011-08-19 10:29:37 | 000,016,680 | ---- | C] () -- C:\Windows\SysWow64\LDigital.VxD
[2011-08-19 10:29:37 | 000,011,428 | ---- | C] () -- C:\Windows\SysWow64\LUsbVxd.vxd
[2011-08-19 10:29:37 | 000,009,196 | ---- | C] () -- C:\Windows\SysWow64\LJoyV.VxD
[2011-08-19 10:29:36 | 000,006,243 | ---- | C] () -- C:\Windows\SysWow64\LAnalog.VxD
[2011-08-19 09:50:33 | 000,004,608 | ---- | C] () -- C:\Users\Bartek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-05-20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011-05-01 23:18:32 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-05-01 23:18:31 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011-05-01 23:18:27 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011-05-01 23:18:27 | 000,000,590 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2011-05-01 23:18:26 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011-05-01 23:12:35 | 000,810,496 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011-05-01 23:12:35 | 000,258,048 | ---- | C] () -- C:\Windows\SysWow64\libFLAC.dll
[2011-04-23 18:16:29 | 000,057,560 | ---- | C] () -- C:\Users\Bartek\AppData\Local\GDIPFONTCACHEV1.DAT
[2011-04-23 16:57:45 | 004,840,122 | -H-- | C] () -- C:\Users\Bartek\AppData\Local\IconCache.db
[2011-04-23 16:47:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009-07-14 04:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009-07-14 04:34:57 | 000,000,403 | ---- | C] () -- C:\Windows\win.ini
[2009-07-14 04:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007-10-25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys

[color=#E56717]========== LOP Check ==========[/color]

[2011-04-23 18:41:40 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\DAEMON Tools Lite
[2011-04-23 17:52:06 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\GHISLER
[2011-08-18 09:04:38 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\IrfanView
[2011-05-25 23:30:13 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Samsung
[2011-08-08 10:12:30 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\Sports Interactive
[2011-08-08 08:22:19 | 000,000,000 | ---D | M] -- C:\Users\Bartek\AppData\Roaming\uTorrent
[2011-08-26 15:31:44 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

< End of report >