OTL logfile created on: 2012-02-28 16:43:16 - Run 4 OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Eldi\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,50 Gb Total Physical Memory | 2,10 Gb Available Physical Memory | 60,12% Memory free 7,18 Gb Paging File | 5,90 Gb Available in Paging File | 82,19% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 33,78 Gb Free Space | 14,51% Space Free | Partition Type: NTFS Drive D: | 221,16 Gb Total Space | 36,25 Gb Free Space | 16,39% Space Free | Partition Type: NTFS Computer Name: ELDI-PC | User Name: Eldi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-02-28 16:26:23 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Eldi\Desktop\OTL.exe PRC - [2011-11-17 18:18:00 | 002,773,328 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodtray.exe PRC - [2011-11-17 18:17:46 | 002,489,680 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodag.exe PRC - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-10-15 09:53:00 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2011-10-15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2011-10-14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D 
Vision\nvSCPAPISvr.exe PRC - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2009-04-21 12:18:29 | 000,540,576 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe PRC - [2009-04-20 19:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Media\DMedia.exe PRC - [2009-04-18 00:04:32 | 001,593,344 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-07 18:04:36 | 000,070,880 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe PRC - [2009-04-07 18:02:10 | 003,405,048 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe PRC - [2009-04-02 19:49:12 | 000,211,512 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe PRC - [2009-03-21 04:37:18 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe PRC - [2009-03-04 18:26:24 | 008,392,704 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe PRC - [2008-12-23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe PRC - [2008-10-01 07:02:48 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe PRC - [2008-09-30 23:17:32 | 000,237,568 | ---- | M] (AlcorMicro Co., Ltd.) 
-- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe PRC - [2008-08-18 19:27:32 | 000,117,304 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe PRC - [2008-08-18 18:56:22 | 000,098,304 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe PRC - [2008-08-14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe PRC - [2008-08-14 04:59:52 | 000,100,920 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe PRC - [2008-08-14 00:21:56 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe PRC - [2008-01-21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007-11-30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe PRC - [2007-08-08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe PRC - [2005-07-06 23:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-03-02 11:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2009-03-24 12:10:19 | 001,034,784 | ---- | M] () -- C:\Windows\System32\RTCOM\RTCOMDLL.dll MOD - [2009-02-04 17:44:20 | 000,023,040 | ---- | M] () -- C:\Program Files\P4G\OvrClk.dll MOD - [2008-08-20 23:49:56 | 000,016,384 | ---- | M] () -- C:\Program Files\P4G\DevMng.dll MOD - [2007-11-30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe MOD - [2007-11-12 23:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll MOD - [2007-03-10 00:16:52 | 000,106,496 | ---- | M] () -- C:\Program Files\ATKGFNEX\AGFNEX.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (ThreatFire) SRV - [2012-02-23 13:51:58 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | 
Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-11-17 18:17:46 | 002,489,680 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent) SRV - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-10-14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2009-09-23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009-04-07 18:04:36 | 000,070,880 | ---- | M] (SRS Labs, Inc.) [Auto | Running] -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe -- (SRS_VolSync_Service) SRV - [2008-08-14 04:59:52 | 000,100,920 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-08-08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-10-30 17:28:24 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc) DRV - [2011-10-30 17:28:24 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt) DRV - [2011-10-15 09:53:00 | 010,327,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011-07-08 00:21:28 
| 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2010-11-25 10:53:58 | 000,160,448 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PCTAppEvent.sys -- (PCTAppEvent) DRV - [2010-11-17 10:19:50 | 000,249,616 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\pctgntdi.sys -- (pctgntdi) DRV - [2010-03-29 11:06:14 | 000,218,592 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore) DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- D:\PROGRAMY\ultra iso\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf) DRV - [2010-01-23 20:14:50 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-11-26 00:06:34 | 000,034,384 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER) DRV - [2009-09-03 09:45:12 | 000,070,408 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pctplsg.sys -- (pctplsg) DRV - [2009-04-11 05:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) Sterownik protokołu RMCAST (Pgm) DRV - [2009-04-11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB) DRV - [2009-04-01 22:12:48 | 000,233,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service) DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2009-03-17 12:17:05 | 000,140,288 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009-02-18 04:01:34 | 001,093,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008-12-24 09:39:43 | 000,014,392 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2008-11-13 02:02:17 | 000,146,464 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32) DRV - [2008-11-03 08:03:27 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2008-08-25 11:22:51 | 000,015,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu) DRV - [2008-08-11 03:14:11 | 001,752,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2008-04-07 07:00:45 | 000,006,656 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CRFILTER.sys -- (CRFILTER) DRV - [2007-07-24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP) DRV - [2006-11-02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=brn&s={searchTerms}&f=4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = inet.pl:80 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0: C:\Program Files\Ganymede\Plugins\npganymedenet.dll ( ) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\PHPEditXdebugExtension@waterproof.fr: C:\Program Files\WaterProof\PHPEdit\4.0.2\Tools\FirefoxExtension\unpacked FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox 3.6 Beta 1\components [2012-02-20 10:49:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.6 Beta 1\plugins [2012-02-20 10:35:14 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\PHPEditXdebugExtension@waterproof.fr: C:\Program Files\WaterProof\PHPEdit\4.0.2\Tools\FirefoxExtension\unpacked [2010-06-02 17:55:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eldi\AppData\Roaming\mozilla\Extensions [2012-02-20 11:00:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eldi\AppData\Roaming\mozilla\Firefox\Profiles\aux50l82.default\extensions [2010-08-01 03:50:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Eldi\AppData\Roaming\mozilla\Firefox\Profiles\aux50l82.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-11-20 17:23:46 | 000,000,000 | ---D | M] (WOT) -- 
C:\Users\Eldi\AppData\Roaming\mozilla\Firefox\Profiles\aux50l82.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011-07-10 08:09:20 | 000,000,000 | ---D | M] (M3Uripiton) -- C:\Users\Eldi\AppData\Roaming\mozilla\Firefox\Profiles\aux50l82.default\extensions\m3uripiton@logyattra.hu [2011-10-25 11:02:18 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\Eldi\AppData\Roaming\mozilla\Firefox\Profiles\aux50l82.default\extensions\support@predictad.com [2011-10-12 20:45:20 | 000,002,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml O1 HOSTS File: ([2010-06-13 00:27:55 | 000,001,054 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 orbitservice.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Eldi\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe (ATK) O4 - HKLM..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.) 
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe () O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.) O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH) O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files\Smart File Advisor\sfa.exe (Filefacts.net) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe () O4 - HKCU..\Run: [SRS Premium Sound] C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe (SRS Labs, Inc.) 
O4 - HKCU..\Run: [Steam] D:\Steam\steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data] O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRealMode = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 91.222.116.2 91.222.118.10 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{076C38FB-E76B-431D-81F7-502B3065650C}: DhcpNameServer = 91.222.116.2 91.222.118.10 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Eldi\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: 
C:\Users\Eldi\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010-06-13 13:45:02 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{2e47ad71-1104-11e1-a857-0026188b3e63}\Shell - "" = AutoRun O33 - MountPoints2\{2e47ad71-1104-11e1-a857-0026188b3e63}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{54193cc1-68ea-11df-b1fb-0026188b3e63}\Shell\AutoRun\command - "" = J:\fk.exe O33 - MountPoints2\{54193cc1-68ea-11df-b1fb-0026188b3e63}\Shell\open\Command - "" = J:\fk.exe O33 - MountPoints2\{5cbe801f-5c31-11e0-b8ee-0026188b3e63}\Shell - "" = AutoRun O33 - MountPoints2\{5cbe801f-5c31-11e0-b8ee-0026188b3e63}\Shell\AutoRun\command - "" = G:\USBAutoRun.exe O33 - MountPoints2\{9f23006d-5969-11dd-8883-0026188b3e63}\Shell\AutoRun\command - "" = G:\x3xh.exe O33 - MountPoints2\{9f23006d-5969-11dd-8883-0026188b3e63}\Shell\open\Command - "" = G:\x3xh.exe O33 - MountPoints2\{d9e088c4-55c1-11df-9d79-0026188b3e63}\Shell\AutoRun\command - "" = J:\fk.exe O33 - MountPoints2\{d9e088c4-55c1-11df-9d79-0026188b3e63}\Shell\open\Command - "" = J:\fk.exe O33 - MountPoints2\{f8513861-e8c4-11de-937c-0026188b3e63}\Shell\AutoRun\command - "" = K:\fk.exe O33 - MountPoints2\{f8513861-e8c4-11de-937c-0026188b3e63}\Shell\open\Command - "" = K:\fk.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (OODBS) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-02-28 16:26:18 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Eldi\Desktop\OTL.exe [2012-02-26 19:10:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\oodag [2012-02-26 19:07:13 | 
000,000,000 | ---D | C] -- C:\Users\Eldi\AppData\Local\O&O [2012-02-26 19:07:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software [2012-02-26 19:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software [2012-02-26 19:05:52 | 000,000,000 | ---D | C] -- C:\Users\Eldi\AppData\Local\Downloaded Installations [2012-02-24 10:30:30 | 000,000,000 | ---D | C] -- C:\Users\Eldi\Documents\Syndicate [2012-02-22 22:28:17 | 000,000,000 | ---D | C] -- C:\Users\Eldi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The GodFather [2012-02-22 17:14:03 | 000,000,000 | ---D | C] -- C:\Users\Eldi\Desktop\♪luty_2012_dub♪ [2012-02-21 13:25:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2012-02-20 10:33:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-02-20 10:33:00 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012-02-20 10:33:00 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012-02-20 10:33:00 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\Windows\System32\java.exe [2012-02-20 10:32:38 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012-02-16 17:04:23 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012-02-16 13:04:23 | 000,000,000 | ---D | C] -- C:\Users\Eldi\Documents\4A Games [2012-02-16 13:02:22 | 000,000,000 | ---D | C] -- C:\Users\Eldi\AppData\Local\4A Games [2012-02-15 09:21:20 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2012-02-15 09:21:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012-02-15 09:21:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012-02-15 09:21:19 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2012-02-15 09:21:19 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2012-02-15 09:21:19 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2012-02-15 09:21:19 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2012-02-15 09:21:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2012-02-15 09:21:18 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2012-02-15 09:21:18 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2012-02-15 09:21:18 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2012-02-15 09:21:18 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2012-02-15 09:21:18 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2012-02-15 09:21:18 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2012-02-15 09:21:17 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012-02-15 
09:21:17 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012-02-15 09:21:17 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2012-02-15 09:21:17 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012-02-15 09:21:17 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2012-02-15 09:21:17 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2012-02-15 09:21:17 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2012-02-15 09:21:17 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2012-02-15 09:21:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2012-02-15 09:21:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2012-02-15 09:21:16 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012-02-15 09:21:16 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2012-02-15 09:21:16 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2012-02-15 09:21:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012-02-15 09:21:16 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2012-02-15 09:21:16 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2012-02-15 09:21:15 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-02-15 09:21:15 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2012-02-15 09:21:15 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2012-02-15 09:21:15 | 000,041,472 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\msfeedsbs.dll [2012-02-15 09:21:15 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2012-02-15 09:21:15 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2012-02-15 09:21:14 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2012-02-12 22:54:10 | 000,000,000 | ---D | C] -- C:\Users\Eldi\AppData\Local\FalloutNV [2012-02-04 15:09:28 | 000,000,000 | ---D | C] -- C:\Users\Eldi\AppData\Roaming\StokedBigAir [2010-12-16 13:06:07 | 003,056,008 | ---- | C] (Ask) -- C:\Program Files\Common Files\AskToolbarInstaller.exe [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [10 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-02-28 16:26:23 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Eldi\Desktop\OTL.exe [2012-02-28 16:10:00 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-02-28 15:29:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-02-28 15:29:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-02-28 11:29:44 | 000,000,435 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics [2012-02-28 11:29:36 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-02-28 11:29:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-02-28 11:29:18 | 3757,215,744 | -HS- | M] () -- C:\hiberfil.sys [2012-02-28 11:29:17 | 000,003,828 | ---- | M] () -- C:\Windows\System32\oodbs.lor [2012-02-27 21:09:43 | 000,142,600 | ---- | M] () -- C:\Users\Eldi\Documents\cc_20120227_210931.reg [2012-02-26 19:07:00 | 000,001,914 | ---- | M] () -- C:\Users\Public\Desktop\O&O Defrag.lnk [2012-02-22 22:29:47 | 000,000,575 
| ---- | M] () -- C:\Users\Eldi\Desktop\TheGodFather.lnk [2012-02-22 12:44:45 | 000,090,624 | ---- | M] () -- C:\Users\Eldi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-02-21 21:34:04 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2012-02-21 20:57:09 | 000,721,784 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-02-21 20:57:09 | 000,641,408 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-02-21 20:57:09 | 000,156,442 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-02-21 20:57:09 | 000,123,372 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-02-20 10:49:55 | 000,000,966 | ---- | M] () -- C:\Users\Public\Desktop\Świat.lnk [2012-02-20 10:32:42 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2012-02-20 10:32:42 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012-02-20 10:32:42 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012-02-20 10:32:42 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Windows\System32\java.exe [2012-02-20 10:25:04 | 000,001,356 | ---- | M] () -- C:\Users\Eldi\AppData\Local\d3d9caps.dat [2012-02-17 09:17:42 | 000,385,848 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-02-15 09:21:29 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat [2012-02-15 09:21:29 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat [2012-02-15 09:21:20 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2012-02-15 09:21:20 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012-02-15 09:21:19 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012-02-15 09:21:19 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2012-02-15 09:21:19 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2012-02-15 09:21:19 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2012-02-15 09:21:19 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2012-02-15 09:21:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2012-02-15 09:21:18 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2012-02-15 09:21:18 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2012-02-15 09:21:18 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2012-02-15 09:21:18 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2012-02-15 09:21:18 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2012-02-15 09:21:18 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2012-02-15 09:21:18 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll 
[2012-02-15 09:21:17 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-02-15 09:21:17 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012-02-15 09:21:17 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012-02-15 09:21:17 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-02-15 09:21:17 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012-02-15 09:21:17 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012-02-15 09:21:17 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012-02-15 09:21:17 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012-02-15 09:21:17 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012-02-15 09:21:17 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012-02-15 09:21:16 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-02-15 09:21:16 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012-02-15 09:21:16 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012-02-15 09:21:16 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012-02-15 09:21:16 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012-02-15 09:21:16 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012-02-15 09:21:15 | 001,798,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-02-15 09:21:15 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012-02-15 09:21:15 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012-02-15 09:21:15 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012-02-15 09:21:15 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012-02-15 09:21:15 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012-02-15 09:21:14 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012-02-07 16:24:44 | 000,114,403 | ---- | M] () -- C:\Users\Eldi\Desktop\opis auta itp.jpg
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[10 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012-02-27 21:09:33 | 000,142,600 | ---- | C] () -- C:\Users\Eldi\Documents\cc_20120227_210931.reg
[2012-02-27 12:07:09 | 000,003,828 | ---- | C] () -- C:\Windows\System32\oodbs.lor
[2012-02-26 19:07:00 | 000,001,914 | ---- | C] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2012-02-22 22:29:47 | 000,000,575 | ---- | C] () -- C:\Users\Eldi\Desktop\TheGodFather.lnk
[2012-02-20 10:49:55 | 000,000,966 | ---- | C] () -- C:\Users\Public\Desktop\Świat.lnk
[2012-02-20 10:35:15 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012-02-15 09:21:17 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012-02-07 16:24:44 | 000,114,403 | ---- | C] () -- C:\Users\Eldi\Desktop\opis auta itp.jpg
[2012-01-15 17:29:14 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012-01-14 16:26:10 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2011-10-14 23:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011-04-09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011-03-16 13:37:02 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010-12-20 17:09:06 | 000,000,004 | ---- | C] () -- C:\Users\Eldi\AppData\Roaming\steam_md4.dat
[2010-12-16 13:06:07 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2010-12-03 15:39:22 | 000,000,000 | ---- | C] () -- C:\Users\Eldi\AppData\Roaming\sversion.ini
[2010-12-03 15:37:21 | 000,069,632 | ---- | C] () -- C:\Windows\uinst001.exe
[2010-09-22 17:43:11 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2010-09-12 20:15:48 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010-09-12 20:15:48 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010-09-12 20:15:48 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010-06-09 12:48:59 | 000,002,432 | ---- | C] () -- C:\Users\Eldi\AppData\Local\TempqM3484.html
[2010-06-09 12:48:59 | 000,002,089 | ---- | C] () -- C:\Users\Eldi\AppData\Local\TempDk3484.html
[2010-06-04 16:58:28 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010-06-04 16:58:28 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010-04-05 09:46:47 | 000,009,728 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2010-03-08 15:35:18 | 000,022,328 | ---- | C] () -- C:\Users\Eldi\AppData\Roaming\PnkBstrK.sys
[2010-03-08 15:35:03 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010-03-08 15:35:01 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2011-01-11 19:11:17 | 000,000,000 | ---D | M](C:\Users\Eldi\Documents\??? ????) -- C:\Users\Eldi\Documents\Мои игры
[2011-01-11 19:11:17 | 000,000,000 | ---D | C](C:\Users\Eldi\Documents\??? ????) -- C:\Users\Eldi\Documents\Мои игры

[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:5160F090
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:9E00596C
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:C8B8CEBD
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:CB0AACC9
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:B7177954
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:C31F31E6

< End of report >