OTL logfile created on: 2012-03-28 21:28:05 - Run 3 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Jaro\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,48 Gb Available Physical Memory | 62,11% Memory free 8,00 Gb Paging File | 6,23 Gb Available in Paging File | 77,87% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 39,06 Gb Total Space | 6,17 Gb Free Space | 15,80% Space Free | Partition Type: NTFS Drive D: | 97,65 Gb Total Space | 18,31 Gb Free Space | 18,75% Space Free | Partition Type: NTFS Drive E: | 329,04 Gb Total Space | 134,47 Gb Free Space | 40,87% Space Free | Partition Type: NTFS Drive G: | 3,73 Gb Total Space | 2,89 Gb Free Space | 77,60% Space Free | Partition Type: FAT32 Drive I: | 5,59 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive L: | 18,69 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: JARO-KOMPUTER | User Name: Jaro | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-03-28 12:46:14 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Jaro\Desktop\OTL.exe PRC - [2012-03-23 15:49:09 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012-01-13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- D:\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-01-05 14:40:57 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe PRC - [2012-01-05 00:35:48 | 000,536,576 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-12-09 19:22:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe PRC - [2011-11-09 22:35:52 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe PRC - [2011-08-02 09:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2010-11-20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe PRC - [2010-10-25 01:11:06 | 000,360,960 | ---- | M] (iZ3D Inc.) -- C:\Program Files (x86)\iZ3D Driver\Win32\S3DCService.exe PRC - [2010-04-30 18:33:22 | 000,846,336 | ---- | M] () -- C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe PRC - [2009-05-25 11:33:50 | 006,017,024 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe PRC - [2009-04-02 13:27:26 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-03-23 15:49:09 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012-01-05 00:35:48 | 000,536,576 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\PLAY ONLINE.exe MOD - [2011-11-09 22:35:14 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\ATI Technologies\HydraVision\hydraplk.dll MOD - [2010-04-30 18:33:22 | 000,846,336 | ---- | M] () -- C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe MOD - [2010-01-14 23:31:22 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Wireless Keyboard Driver\KHKEY.dll MOD - [2009-12-15 18:39:02 | 000,991,232 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NDISAPI.dll MOD - [2009-12-15 18:39:02 | 000,598,016 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\atcomm.dll MOD - [2009-12-15 18:39:02 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceMgrUIPlugin.dll MOD - [2009-12-15 18:39:02 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DetectDev.dll MOD - [2009-12-15 18:39:02 | 000,163,840 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\SMSPlugin.dll MOD - [2009-12-15 18:39:02 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NetInfoPlugin.dll MOD - [2009-12-15 18:39:02 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\LocaleMgrPlugin.dll MOD - [2009-12-15 18:39:02 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceMgrPlugin.dll MOD - [2009-12-15 18:39:02 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\FileManager.dll MOD - [2009-12-15 18:39:02 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DialUpPlugin.dll MOD - [2009-12-15 18:39:02 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\XCodec.dll MOD - [2009-12-15 18:39:02 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\DeviceOperate.dll MOD - [2009-12-15 18:39:02 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\ConfigFilePlugin.dll MOD - [2009-12-15 18:39:02 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\NotifyServicePlugin.dll MOD - [2009-12-15 18:39:02 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\PLAY ONLINE\isaputrace.dll MOD - [2009-05-25 11:33:50 | 006,017,024 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe MOD - [2009-04-22 21:20:00 | 000,179,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\AsusService.dll MOD - [2009-04-20 14:55:34 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\pngio.dll MOD - [2006-01-10 17:50:20 | 000,024,576 | ---- | M] () -- C:\Windows\SysWOW64\AsIO.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2011-11-10 05:11:32 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012-01-13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010-10-25 01:11:06 | 000,360,960 | ---- | M] (iZ3D Inc.) [Auto | Running] -- C:\Program Files (x86)\iZ3D Driver\Win32\S3DCService.exe -- (S3DSvc32) S3D Service (Win32) SRV - [2010-10-25 01:09:04 | 000,480,768 | ---- | M] (iZ3D Inc.) [Auto | Running] -- C:\Program Files (x86)\iZ3D Driver\Win64\S3DCService.exe -- (S3DSvc64) S3D Service (Win64) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009-04-02 13:27:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012-03-28 10:56:30 | 000,015,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon) DRV:[b]64bit:[/b] - [2012-03-22 18:48:14 | 000,556,120 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:[b]64bit:[/b] - [2012-02-28 10:13:11 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2012-02-28 10:09:02 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:[b]64bit:[/b] - [2012-02-28 10:09:01 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:[b]64bit:[/b] - [2012-01-08 13:13:15 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2011-12-10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2011-11-10 05:45:30 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2011-11-10 04:12:44 | 000,325,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2011-10-17 19:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2011-08-02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2011-06-10 10:26:40 | 000,416,768 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb) DRV:[b]64bit:[/b] - [2011-06-10 10:26:00 | 000,222,976 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-10-26 11:42:24 | 000,181,040 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv61xx.sys -- (mv61xx) DRV:[b]64bit:[/b] - [2010-07-27 03:52:16 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:[b]64bit:[/b] - [2010-06-09 18:44:00 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2) DRV:[b]64bit:[/b] - [2010-06-09 18:43:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1) DRV:[b]64bit:[/b] - [2010-04-22 20:07:36 | 000,027,736 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:[b]64bit:[/b] - [2009-11-02 21:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:[b]64bit:[/b] - [2009-08-23 14:08:10 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-14 10:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV:[b]64bit:[/b] - [2000-01-01 02:00:00 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV - [2010-10-06 19:04:02 | 000,043,704 | ---- | M] () [Kernel | System | Running] -- C:\Program Files (x86)\iZ3D Driver\Win64\S3DInjectionDriver.sys -- (iZ3DInjectionDriver) DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20120220103655019&tb_oid=20-02-2012&tb_mrud=20-02-2012 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=128 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{74E6CF03-44E9-4AE1-B551-89F46A0919BE}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={FDDC7E8A-BEDA-4A38-B03A-092AAA0A49F6}&mid=ba220518693b47d1a329d15756fbb957-d2cb598395325632bb6493783fdaa0ccc4e833a7&lang=pl&ds=ts024&pr=sa&d=2002-01-01 00:20:57&v=10.0.0.7&sap=dsp&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7Bd64b7f36-3714-41ba-bc0e-b4a68b14f932%7D&mid=ba220518693b47d1a329d15756fbb957-d2cb598395325632bb6493783fdaa0ccc4e833a7&ds=ts024&v=10.0.0.7&lang=pl&pr=sa&d=2002-01-01%2000%3A20%3A57&sap=ku&q=" FF - user.js - File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-03-28 19:12:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-03-23 15:49:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-03-28 18:37:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt [2012-01-05 00:35:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jaro\AppData\Roaming\mozilla\Extensions [2012-03-28 18:37:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jaro\AppData\Roaming\mozilla\Firefox\Profiles\tit9lrc1.default\extensions [2012-03-25 09:26:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012-03-22 18:23:21 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2012-03-23 15:49:09 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011-11-10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011-12-09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-01-05 12:24:16 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2002-01-01 01:20:53 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012-01-05 12:24:16 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2012-01-05 12:24:16 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2012-01-05 12:24:16 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2012-01-05 12:24:16 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-01-05 12:24:16 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2010-04-06 17:28:19 | 000,000,938 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 orbitservice.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKLM..\Run: [WIRELESS-KB-LED-STATUS] C:\Program Files (x86)\Wireless Keyboard Driver\LedStatusApp.exe () O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD) O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:[b]64bit:[/b] - Extra context menu item: E&ksport do programu Microsoft Excel - E:\microsoft office 2003\OFFICE11\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&ksport do programu Microsoft Excel - E:\microsoft office 2003\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\microsoft office 2003\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F291D01-CC2F-4116-A7A2-5A84850FA1FB}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DDB5C89F-A44F-4542-A252-9D78FDF282C1}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\text/xml - No CLSID value found O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - File not found O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - File not found O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007-11-22 02:39:09 | 000,000,000 | ---D | M] - I:\AutoRunSrc -- [ CDFS ] O32 - AutoRun File - [2007-06-30 11:35:10 | 001,024,000 | R--- | M] () - I:\autorun.exe -- [ CDFS ] O32 - AutoRun File - [2007-11-22 02:39:09 | 000,003,310 | R--- | M] () - I:\autorun.ico -- [ CDFS ] O32 - AutoRun File - [2007-11-22 02:39:09 | 000,000,047 | R--- | M] () - I:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2009-08-23 20:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - L:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2008-03-07 18:34:52 | 000,000,047 | R--- | M] () - L:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-03-28 21:21:22 | 000,000,000 | ---D | C] -- C:\_OTL [2012-03-28 20:18:03 | 002,345,472 | ---- | C] (Helge Klein) -- C:\Windows\SetACL.exe [2012-03-28 12:11:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2012-03-28 12:11:57 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2012-03-22 18:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2011 [2012-03-22 18:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2012-03-22 18:03:54 | 000,556,120 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2012-03-22 18:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files [2012-03-22 16:38:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012-03-22 16:30:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegGenie [2012-03-22 16:25:14 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Roaming\RegGenie [2012-03-22 16:18:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegGenie [2012-03-22 11:19:25 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Local\2K Games [2012-03-22 10:22:57 | 000,000,000 | ---D | C] -- C:\Users\Jaro\Documents\4A Games [2012-03-22 10:19:07 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Local\4A Games [2012-03-22 09:39:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ [2012-03-21 15:46:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZ3D Driver [2012-03-21 15:46:23 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Roaming\iZ3D Driver [2012-03-21 15:46:22 | 000,000,000 | ---D | C] -- C:\ProgramData\iZ3D Driver [2012-03-21 15:46:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iZ3D Driver [2012-03-21 13:14:55 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Local\Licenses [2012-03-21 13:12:08 | 000,000,000 | ---D | C] -- C:\ProgramData\DDD [2012-03-20 20:33:59 | 005,463,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9d_41.dll [2012-03-20 20:33:59 | 001,523,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite_beta.dll [2012-03-20 20:33:59 | 000,978,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudioD2_4.dll [2012-03-20 20:33:59 | 000,636,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXGI_beta.dll [2012-03-20 20:33:59 | 000,407,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XactEngineA3_4.dll [2012-03-20 20:33:59 | 000,324,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XactEngineD3_4.dll [2012-03-20 20:33:59 | 000,134,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFXD1_3.dll [2012-03-20 20:33:59 | 000,053,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudioD1_6.dll [2012-03-20 20:33:58 | 004,830,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9d_33.dll [2012-03-20 20:33:58 | 002,883,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9d.dll [2012-03-20 20:33:58 | 001,275,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3D10WARP_beta.dll [2012-03-20 20:33:58 | 000,994,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D2D1_beta.dll [2012-03-20 20:33:58 | 000,931,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudioD2_4.dll [2012-03-20 20:33:58 | 000,780,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3D11_beta.dll [2012-03-20 20:33:58 | 000,664,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3D11Ref.dll [2012-03-20 20:33:58 | 000,640,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3D11SDKLayers.dll [2012-03-20 20:33:58 | 000,607,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3D10SDKLayers.DLL [2012-03-20 20:33:58 | 000,579,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX10d_41.dll [2012-03-20 20:33:58 | 000,575,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3D10Level9_beta.dll [2012-03-20 20:33:58 | 000,492,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DXGI_beta.dll [2012-03-20 20:33:58 | 000,486,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3D10Ref.DLL [2012-03-20 20:33:58 | 000,447,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dref9.dll [2012-03-20 20:33:58 | 000,428,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XactEngineA3_4.dll [2012-03-20 20:33:58 | 000,343,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XactEngineD3_4.dll [2012-03-20 20:33:58 | 000,330,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3D10_1core_beta.dll [2012-03-20 20:33:58 | 000,282,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX11_41.dll [2012-03-20 20:33:58 | 000,204,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3D10_1_beta.dll [2012-03-20 20:33:58 | 000,125,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFXD1_3.dll [2012-03-20 20:33:58 | 000,045,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudioD1_6.dll [2012-03-20 20:33:57 | 004,280,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3dx9d_41.dll [2012-03-20 20:33:57 | 003,795,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9d_33.dll [2012-03-20 20:33:57 | 002,650,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d9d.dll [2012-03-20 20:33:57 | 001,063,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite_beta.dll [2012-03-20 20:33:57 | 000,518,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3D11_beta.dll [2012-03-20 20:33:57 | 000,497,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX10d_41.dll [2012-03-20 20:33:57 | 000,492,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3D11SDKLayers.dll [2012-03-20 20:33:57 | 000,492,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3D11Ref.dll [2012-03-20 20:33:57 | 000,348,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dref9.dll [2012-03-20 20:33:57 | 000,233,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX11_41.dll [2012-03-20 20:33:57 | 000,225,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3D10_1core_beta.dll [2012-03-20 20:33:57 | 000,168,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3D10_1_beta.dll [2012-03-20 20:33:56 | 000,842,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D2D1_beta.dll [2012-03-20 20:33:56 | 000,799,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3D10WARP_beta.dll [2012-03-20 20:33:56 | 000,491,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3D10Level9_beta.dll [2012-03-20 20:33:56 | 000,441,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3D10SDKLayers.DLL [2012-03-20 20:33:56 | 000,355,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3D10Ref.DLL [2012-03-20 20:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (March 2009) [2012-03-20 20:32:20 | 000,118,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\dxsdkuninst.exe [2012-03-20 20:32:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft DirectX SDK (March 2009) [2012-03-20 17:57:19 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Roaming\ATI [2012-03-20 17:57:19 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Local\ATI [2012-03-20 17:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012-03-20 17:55:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012-03-20 17:55:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2012-03-20 17:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2012-03-20 17:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2012-03-20 17:54:17 | 000,093,712 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\AtihdW76.sys [2012-03-20 17:54:05 | 000,466,944 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll [2012-03-20 17:54:05 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll [2012-03-20 17:53:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2012-03-20 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012-03-20 17:52:44 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012-03-20 17:45:18 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner [2012-03-20 17:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner [2012-03-19 19:44:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp [2012-03-19 19:44:47 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp [2012-03-19 18:55:06 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Local\OCCT [2012-03-19 18:53:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys [2012-03-19 18:53:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys [2012-03-19 18:38:59 | 000,000,000 | ---D | C] -- C:\Users\Jaro\Documents\OCCT [2012-03-19 18:25:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OCCTPT [2012-03-19 18:25:00 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT [2012-03-19 18:25:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT [2012-03-19 18:24:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2012-03-19 15:17:19 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinX [2012-03-19 15:17:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LinX [2012-03-19 11:18:21 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2012-03-14 14:57:06 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012-03-14 14:57:06 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012-03-14 14:57:05 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012-03-14 14:36:27 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012-03-14 14:35:03 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2012-03-14 14:35:03 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2012-03-14 14:35:03 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012-03-14 14:35:03 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012-03-14 14:35:03 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012-03-13 10:28:22 | 000,000,000 | ---D | C] -- C:\Users\Jaro\Documents\Thief - Deadly Shadows [2012-03-13 10:23:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Thief - Deadly Shadows [2012-03-13 10:21:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos [2012-03-13 10:21:04 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield [2012-03-13 10:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos Interactive [2012-03-04 00:00:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wireless Keyboard Driver [2012-03-03 19:57:16 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Roaming\Apple Computer [2012-03-03 19:57:16 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Local\Apple Computer [2012-03-03 19:57:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2012-03-03 19:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012-03-03 19:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2012-03-03 19:56:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2012-03-03 19:56:29 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Local\Apple [2012-03-03 19:56:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2012-03-03 19:56:11 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012-03-03 19:56:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2012-03-03 19:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2012-03-03 19:56:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2012-02-28 11:01:31 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Local\Oblivion [2012-02-28 10:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls IV - Oblivion - Złota edycja [2012-02-28 10:22:23 | 000,000,000 | ---D | C] -- C:\Users\Jaro\AppData\Local\Risen [2012-02-28 10:20:45 | 000,000,000 | ---D | C] -- C:\Users\Jaro\Documents\Alcohol 120% [2012-02-28 10:15:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft [2012-02-28 10:08:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-03-28 21:30:08 | 000,023,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-03-28 21:30:08 | 000,023,136 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-03-28 21:30:00 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012-03-28 21:30:00 | 000,697,674 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2012-03-28 21:30:00 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012-03-28 21:30:00 | 000,134,784 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2012-03-28 21:30:00 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012-03-28 21:23:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-03-28 21:22:53 | 3220,475,904 | -HS- | M] () -- C:\hiberfil.sys [2012-03-28 11:22:40 | 000,000,636 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-03-28 10:56:30 | 000,015,672 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys [2012-03-23 19:49:42 | 000,015,410 | ---- | M] () -- C:\Users\Jaro\Documents\cc_20120323_184939.reg [2012-03-22 18:48:14 | 000,556,120 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2012-03-22 18:48:11 | 000,152,233 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat [2012-03-22 18:48:11 | 000,107,177 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat [2012-03-22 16:52:25 | 000,417,456 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012-03-20 20:31:55 | 000,118,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\dxsdkuninst.exe [2012-03-20 17:56:49 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012-03-14 14:53:15 | 000,000,250 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job [2012-03-11 20:58:15 | 000,001,782 | ---- | M] () -- C:\Users\Jaro\Documents\cc_20120311_195810.reg [2012-03-11 14:32:19 | 000,000,319 | ---- | M] () -- C:\Users\Jaro\Documents\ax_files.xml [2012-03-04 00:34:51 | 000,014,438 | ---- | M] () -- C:\Users\Jaro\Documents\cc_20120303_233446.reg [2012-02-28 10:13:11 | 000,828,912 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys [2012-02-28 10:09:02 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys [2012-02-28 10:09:01 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-03-28 11:22:40 | 000,000,636 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-03-23 19:49:40 | 000,015,410 | ---- | C] () -- C:\Users\Jaro\Documents\cc_20120323_184939.reg [2012-03-22 18:04:33 | 000,152,233 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat [2012-03-22 18:04:33 | 000,107,177 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat [2012-03-22 16:18:26 | 000,299,544 | ---- | C] () -- C:\Windows\RegGenieOnUninstall.exe [2012-03-21 15:46:24 | 000,190,464 | ---- | C] () -- C:\Windows\SysWow64\PCGW32.DLL [2012-03-20 17:56:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012-03-20 17:54:05 | 000,208,016 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb [2012-03-20 17:54:05 | 000,208,016 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb [2012-03-20 17:54:05 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012-03-20 17:54:05 | 000,204,960 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat [2012-03-20 17:54:05 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012-03-20 17:54:05 | 000,157,152 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat [2012-03-20 17:54:05 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012-03-20 17:54:05 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat [2012-03-20 17:53:52 | 000,036,338 | ---- | C] () -- C:\Windows\atiogl.xml [2012-03-20 17:45:19 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\rtvcvfw32.dll [2012-03-11 20:58:12 | 000,001,782 | ---- | C] () -- C:\Users\Jaro\Documents\cc_20120311_195810.reg [2012-03-04 00:34:49 | 000,014,438 | ---- | C] () -- C:\Users\Jaro\Documents\cc_20120303_233446.reg [2012-03-03 19:56:29 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012-02-28 10:22:12 | 000,000,319 | ---- | C] () -- C:\Users\Jaro\Documents\ax_files.xml [2012-02-28 10:13:11 | 000,828,912 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys [2012-02-28 10:09:02 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys [2012-02-28 10:09:01 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2012-02-09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012-01-15 18:59:43 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2012-01-13 20:54:53 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012-01-13 20:54:53 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2012-01-13 20:54:52 | 000,631,808 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2012-01-13 20:54:52 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2012-01-13 20:54:52 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2012-01-05 13:34:48 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll [2012-01-05 13:34:48 | 000,014,392 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2012-01-05 13:34:40 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2012-01-05 13:34:40 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys [2012-01-05 00:04:20 | 000,001,746 | ---- | C] () -- C:\Windows\Language_trs.ini [2011-11-09 23:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011-11-09 23:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll [color=#E56717]========== LOP Check ==========[/color] [2012-01-05 18:20:59 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Auslogics [2012-01-05 00:56:10 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Carambis [2012-03-28 20:03:20 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\DAEMON Tools Lite [2012-02-24 14:53:10 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\dll-files.com [2012-03-21 15:46:23 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\iZ3D Driver [2012-02-24 15:25:42 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\NapiProjekt [2012-03-22 16:25:14 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\RegGenie [2012-02-19 17:15:47 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\SumatraPDF [2012-01-08 15:16:39 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Ubisoft [2012-03-14 14:53:15 | 000,000,250 | ---- | M] () -- C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job [2012-03-28 18:21:44 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command >[/color] "" = C:\Program Files (x86)\Mozilla Firefox\firefox.exe -- [2012-03-23 15:49:09 | 000,924,600 | ---- | M] (Mozilla Corporation) [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command >[/color] "" = C:\Program Files (x86)\Internet Explorer\iexplore.exe -- [2010-11-20 14:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) < End of report >