OTL logfile created on: 2011-06-25 11:22:47 - Run 2 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\WIN\Desktop\OTL 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 62,39% Memory free 7,99 Gb Paging File | 5,80 Gb Available in Paging File | 72,60% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,66 Gb Total Space | 132,27 Gb Free Space | 28,40% Space Free | Partition Type: NTFS Drive D: | 4,21 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive G: | 3,72 Gb Total Space | 3,34 Gb Free Space | 89,83% Space Free | Partition Type: FAT32 Computer Name: WIN-KOMPUTER | User Name: WIN | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-06-25 11:01:59 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\WIN\Desktop\OTL\OTL.exe PRC - [2011-06-24 14:41:50 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2011-06-07 21:32:04 | 002,586,736 | ---- | M] (GamersFirst) -- C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe PRC - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-05-05 14:35:21 | 003,071,384 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe PRC - [2011-04-20 19:19:14 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011-03-29 13:54:53 | 000,400,760 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\BitTorrent\BitTorrent.exe PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2010-12-06 18:44:15 | 000,135,168 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWOW64\UAService7.exe PRC - [2010-12-04 14:18:30 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe PRC - [2010-11-29 11:55:44 | 002,676,696 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe PRC - [2010-11-17 10:29:38 | 000,287,024 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe PRC - [2010-07-30 18:24:58 | 000,760,720 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Lachesis 5600\LachesisSysTray.exe PRC - [2010-07-12 18:32:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe PRC - [2009-12-15 14:47:00 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009-10-15 15:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe PRC - [2009-10-15 15:06:42 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe PRC - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2008-10-01 19:43:12 | 000,548,864 | ---- | M] (BL) -- C:\Program Files (x86)\lg_fwupdate\fwupdate.exe PRC - [2008-08-28 10:49:36 | 000,131,072 | ---- | M] (Saitek) -- C:\Program Files (x86)\Saitek\SD6\Software\SaiMfd.exe PRC - [2008-08-28 10:49:30 | 000,237,568 | ---- | M] (Saitek) -- C:\Program Files (x86)\Saitek\SD6\Software\ProfilerU.exe PRC - [2007-11-20 17:53:36 | 000,147,456 | ---- | M] (Razer USA Ltd.) -- C:\Program Files (x86)\Razer\Lycosa\razerhid.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-06-25 11:01:59 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\WIN\Desktop\OTL\OTL.exe MOD - [2010-08-27 11:09:16 | 000,324,032 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\KDS\pctESPHooking32.dll MOD - [2010-08-21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2010-07-30 18:25:00 | 000,014,208 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis 5600\RzHook.dll MOD - [2009-06-10 23:14:56 | 000,652,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_508ed732bcbc0e5a\msvcr90.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010-11-11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV:[b]64bit:[/b] - [2010-11-11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV:[b]64bit:[/b] - [2010-07-07 03:50:54 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:[b]64bit:[/b] - [2010-04-06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv) SRV:[b]64bit:[/b] - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2011-06-06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-05-25 17:29:52 | 002,275,720 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011-04-20 19:19:14 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010-12-14 17:17:12 | 000,128,928 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2010-12-06 18:44:15 | 000,135,168 | ---- | M] (Sony DADC Austria AG.) [Auto | Running] -- C:\Windows\SysWOW64\UAService7.exe -- (UserAccess7) SecuROM User Access Service (V7) SRV - [2010-11-17 10:29:38 | 000,287,024 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus) SRV - [2010-10-21 22:06:45 | 004,208,208 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-10-15 15:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService) SRV - [2009-07-24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011-04-17 17:24:22 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:[b]64bit:[/b] - [2011-03-11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-02-08 14:24:21 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:[b]64bit:[/b] - [2011-02-08 14:24:21 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:[b]64bit:[/b] - [2011-02-02 18:32:27 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2010-11-25 10:42:10 | 000,179,464 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctplfw64.sys -- (pctplfw) DRV:[b]64bit:[/b] - [2010-11-24 09:18:16 | 000,119,688 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctNdis-PacketFilter64.sys -- (PCTFW-PacketFilter) DRV:[b]64bit:[/b] - [2010-11-17 10:20:20 | 000,331,368 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctgntdi64.sys -- (pctgntdi) DRV:[b]64bit:[/b] - [2010-11-09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135) DRV:[b]64bit:[/b] - [2010-10-24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:[b]64bit:[/b] - [2010-07-08 09:49:08 | 000,079,000 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctNdis64.sys -- (pctNdisMP) DRV:[b]64bit:[/b] - [2010-07-08 09:49:08 | 000,079,000 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pctNdis64.sys -- (pctNdis) DRV:[b]64bit:[/b] - [2010-07-07 04:30:08 | 007,195,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2010-07-07 03:15:42 | 000,265,728 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2010-04-27 12:56:38 | 000,021,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger) DRV:[b]64bit:[/b] - [2010-03-22 11:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:[b]64bit:[/b] - [2010-01-27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-03-18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:[b]64bit:[/b] - [2008-09-12 10:31:29 | 000,041,216 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus) DRV:[b]64bit:[/b] - [2008-09-12 10:31:29 | 000,016,000 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini) DRV:[b]64bit:[/b] - [2008-09-12 10:31:16 | 000,131,584 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiK0836.sys -- (SaiK0836) DRV - [2004-12-31 17:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files (x86)\TorrentMan\tbTorr.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files (x86)\Softonic-Polska\tbSoft.dll (Conduit Ltd.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.pl/http://www.google.pl/ [binary data] IE - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qooqlle.com/ IE - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.) IE - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files (x86)\TorrentMan\tbTorr.dll (Conduit Ltd.) IE - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) IE - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000\..\URLSearchHook: {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files (x86)\Softonic-Polska\tbSoft.dll (Conduit Ltd.) IE - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.selectedEngine: "qooqlle" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2 FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "127.0.0.1" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.ftp: "127.0.0.1" FF - prefs.js..network.proxy.ftp_port: 9666 FF - prefs.js..network.proxy.gopher: "127.0.0.1" FF - prefs.js..network.proxy.gopher_port: 9666 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9666 FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-06-24 14:41:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-06-17 09:06:00 | 000,000,000 | ---D | M] [2010-12-18 15:51:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WIN\AppData\Roaming\mozilla\Extensions [2011-06-05 17:43:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WIN\AppData\Roaming\mozilla\Firefox\Profiles\rrm637t4.default\extensions [2011-04-17 17:22:12 | 000,002,059 | ---- | M] () -- C:\Users\WIN\AppData\Roaming\Mozilla\Firefox\Profiles\rrm637t4.default\searchplugins\daemon-search.xml [2011-06-24 14:40:46 | 000,001,860 | ---- | M] () -- C:\Users\WIN\AppData\Roaming\Mozilla\Firefox\Profiles\rrm637t4.default\searchplugins\search.xml [2011-05-06 16:59:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011-01-27 15:28:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-03-10 21:03:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} File not found (No name found) -- () (No name found) -- C:\USERS\WIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RRM637T4.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011-06-24 14:41:51 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011-02-02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010-11-24 12:12:30 | 000,120,296 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll [2010-07-27 17:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npijjiautoinstallpluginff.dll [2011-05-06 17:45:11 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2011-05-06 17:45:11 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2011-05-06 17:45:11 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2011-05-06 17:45:11 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2011-05-06 17:45:11 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-05-06 17:45:11 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2011-05-21 20:43:44 | 000,001,441 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 orbitservice.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com O1 - Hosts: 127.0.0.1 gosredirector.ea.com O1 - Hosts: 127.0.0.1 blazeserver.blazeemu.org O1 - Hosts: 127.0.0.1 gosgvaprod-qos01.ea.com O1 - Hosts: 127.0.0.1 gosiadprod-qos01.ea.com O1 - Hosts: 127.0.0.1 gossjcprod-qos01.ea.com O1 - Hosts: 127.0.0.1 demangler.ea.com O1 - Hosts: 127.0.0.1 vmp.tools.gos.ea.com O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com O1 - Hosts: 127.0.0.1 orbitservice.ubi.com O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.) O2 - BHO: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files (x86)\TorrentMan\tbTorr.dll (Conduit Ltd.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files (x86)\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files (x86)\TorrentMan\tbTorr.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files (x86)\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.) O3 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3:[b]64bit:[/b] - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found O3 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000\..\Toolbar\WebBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files (x86)\Free_Lunch_Design\tbFree.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000\..\Toolbar\WebBrowser: (TorrentMan Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - C:\Program Files (x86)\TorrentMan\tbTorr.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000\..\Toolbar\WebBrowser: (Softonic-Polska Toolbar) - {C86EB8A9-CCC2-4B6C-B75D-73576ED591BF} - C:\Program Files (x86)\Softonic-Polska\tbSoft.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.) O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [00PCTFW] C:\Program Files (x86)\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools) O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [LGODDFU] C:\Program Files (x86)\lg_fwupdate\fwupdate.exe (BL) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Lycosa] C:\Program Files (x86)\Razer\Lycosa\razerhid.exe (Razer USA Ltd.) O4 - HKLM..\Run: [ProfilerU] C:\Program Files (x86)\Saitek\SD6\Software\ProfilerU.exe (Saitek) O4 - HKLM..\Run: [Razer Lachesis Driver] C:\Program Files (x86)\Razer\Lachesis 5600\LachesisSysTray.exe (Razer USA Ltd) O4 - HKLM..\Run: [Readar_sl] C:\Users\WIN\AppData\Roaming\Readar_sl.exe (Created with WinAutomation (http://www.WinAutomation.com)) O4 - HKLM..\Run: [SaiMfd] C:\Program Files (x86)\Saitek\SD6\Software\SaiMfd.exe (Saitek) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TunesHelper] C:\ProgramData\TunesHelper.exe () O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [Christmas spirit] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [ChristmasTree] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [Deluxe Tree] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [deskTannenbaum] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [DesktopXmasTree] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [FreeXmasTree] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [GetChristmas] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [Happy Christmas] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [jushed] C:\ProgramData\jushed.exe ( ) O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [Little_Tree] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [LiveChristmasTree] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [Magic Tree] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [Plasticine Tree] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [Red Christmas Tree] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [RESTART_STICKY_NOTES] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [Win Christmas Tree] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [wuauclt] File not found O4 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000..\Run: [Xmas Tree] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-4151704660-1878376421-3311647408-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:[b]64bit:[/b] - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0 O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-10-26 18:45:39 | 000,779,496 | R--- | M] (BioWare) - D:\autorun.exe -- [ UDF ] O32 - AutoRun File - [2009-10-26 23:21:41 | 000,000,054 | R--- | M] () - D:\autorun.inf -- [ UDF ] O33 - MountPoints2\{3fe37787-32c6-11e0-aad4-1c6f65422699}\Shell - "" = AutoRun O33 - MountPoints2\{3fe37787-32c6-11e0-aad4-1c6f65422699}\Shell\AutoRun\command - "" = E:\setup.exe O33 - MountPoints2\{8b7d5983-f745-11df-80fe-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{8b7d5983-f745-11df-80fe-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2009-10-26 18:45:39 | 000,779,496 | R--- | M] (BioWare) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-06-25 11:22:06 | 000,000,000 | ---D | C] -- C:\Users\WIN\Desktop\OTL [2011-06-19 19:44:55 | 000,000,000 | ---D | C] -- C:\Users\WIN\Desktop\ME Ideal SAVE [2011-06-18 19:19:52 | 000,000,000 | ---D | C] -- C:\Users\WIN\AppData\Roaming\TerrariaWorldViewer [2011-06-18 12:47:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA [2011-06-18 12:45:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Terraria [2011-06-17 13:48:08 | 000,000,000 | ---D | C] -- C:\Users\WIN\Desktop\Nowy folder [2011-06-17 10:12:43 | 000,311,296 | RHS- | C] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Users\WIN\AppData\Roaming\Readar_sl.exe [2011-06-17 09:05:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2011-06-17 09:05:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2011-06-16 23:21:30 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011-06-16 23:21:29 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011-06-16 23:21:28 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011-06-16 23:21:28 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011-06-16 23:21:28 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011-06-16 23:21:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011-06-16 23:21:28 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011-06-16 23:21:28 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011-06-16 23:21:27 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011-06-16 23:21:27 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011-06-16 23:21:27 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011-06-16 23:21:27 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011-06-16 23:21:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011-06-16 23:21:26 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011-06-16 23:21:25 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011-06-16 23:21:24 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011-06-16 23:21:22 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2011-06-16 16:42:25 | 000,000,000 | ---D | C] -- C:\Users\WIN\Desktop\film [2011-06-13 21:31:02 | 000,000,000 | ---D | C] -- C:\Users\WIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive [2011-06-09 13:29:24 | 000,000,000 | ---D | C] -- C:\Users\WIN\Desktop\terraria1 [2011-06-08 15:00:53 | 000,000,000 | ---D | C] -- C:\Users\WIN\AppData\Roaming\.minecraft [2011-06-07 20:13:01 | 000,000,000 | ---D | C] -- C:\Users\WIN\Desktop\spellforce [2011-06-07 15:59:00 | 000,000,000 | ---D | C] -- C:\Users\WIN\Documents\ArmA 2 Other Profiles [2011-06-07 15:57:05 | 000,000,000 | ---D | C] -- C:\Users\WIN\Documents\ArmA 2 [2011-06-07 15:57:05 | 000,000,000 | ---D | C] -- C:\Users\WIN\AppData\Local\ArmA 2 [2011-06-07 14:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive [2011-06-07 14:20:56 | 000,000,000 | ---D | C] -- C:\Program Files\Bohemia Interactive [2011-06-05 14:54:03 | 000,566,784 | ---- | C] ( ) -- C:\ProgramData\jushed.exe [2011-06-05 14:54:02 | 000,347,136 | ---- | C] (NirSoft) -- C:\Users\WIN\AppData\Local\nircmd.exe [2011-06-05 14:54:00 | 000,566,784 | ---- | C] ( ) -- C:\Users\WIN\AppData\Local\jushed.exe [2011-06-04 21:21:34 | 000,000,000 | ---D | C] -- C:\Users\WIN\Desktop\pendrive [2011-06-04 10:31:39 | 000,000,000 | R--D | C] -- C:\Users\WIN\Desktop\Tapety [2011-06-04 10:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair [2011-06-04 10:24:08 | 000,000,000 | ---D | C] -- C:\rei [2011-06-04 10:24:03 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage [2011-06-02 15:43:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2011-06-02 15:43:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2011-06-02 14:35:47 | 000,000,000 | ---D | C] -- C:\Users\WIN\Desktop\Terraria [2011-05-28 11:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\X3 Editor 2 [2011-05-28 11:32:29 | 000,000,000 | ---D | C] -- C:\Users\WIN\AppData\Roaming\X3 Editor 2 [2011-05-28 11:24:21 | 000,000,000 | ---D | C] -- C:\X3 Editor 2 [2011-05-28 11:24:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X3 Editor 2 [2010-12-21 19:17:38 | 000,278,528 | ---- | C] (Io Interactive A/S) -- C:\Program Files\Launcher.exe [2010-12-21 19:17:38 | 000,014,600 | ---- | C] (Io Interactive A/S) -- C:\Program Files\knlterm.exe [2010-12-21 19:17:37 | 007,542,024 | ---- | C] (Io Interactive A/S) -- C:\Program Files\kaneandlynch.exe [2010-12-21 19:17:37 | 000,111,880 | ---- | C] (Microsoft Corporation) -- C:\Program Files\GameuxInstallHelper.dll [2010-12-21 19:17:37 | 000,066,824 | ---- | C] (Microsoft Corporation) -- C:\Program Files\FirewallInstallHelper.dll [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Users\WIN\AppData\Local\*.tmp files -> C:\Users\WIN\AppData\Local\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-06-25 10:51:43 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-06-25 10:51:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-06-24 16:11:29 | 000,015,008 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-06-24 16:11:29 | 000,015,008 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-06-24 14:46:27 | 001,669,940 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011-06-24 14:46:27 | 000,740,042 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2011-06-24 14:46:27 | 000,654,250 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011-06-24 14:46:27 | 000,155,630 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2011-06-24 14:46:27 | 000,122,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011-06-24 14:40:32 | 000,000,271 | ---- | M] () -- C:\Windows\lgfwup.ini [2011-06-24 14:39:49 | 000,000,002 | ---- | M] () -- C:\ProgramData\timerxfile [2011-06-24 14:39:49 | 000,000,002 | ---- | M] () -- C:\ProgramData\datesavefile [2011-06-24 14:39:49 | 000,000,001 | ---- | M] () -- C:\ProgramData\varsavefile [2011-06-24 14:39:33 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-06-24 14:39:15 | 3219,300,352 | -HS- | M] () -- C:\hiberfil.sys [2011-06-24 14:37:17 | 000,003,326 | ---- | M] () -- C:\Users\WIN\.recently-used.xbel [2011-06-22 12:03:40 | 002,699,703 | ---- | M] () -- C:\Users\WIN\Desktop\galeria.rar [2011-06-21 11:30:48 | 019,810,631 | ---- | M] () -- C:\Users\WIN\Desktop\Minecraft 1.6.x serwer.rar [2011-06-20 18:09:43 | 000,001,061 | ---- | M] () -- C:\Users\WIN\Desktop\Uruchom ARMA II.lnk [2011-06-20 18:03:44 | 000,864,508 | ---- | M] () -- C:\Users\WIN\Desktop\2011-06-20_18.03.44.png [2011-06-20 18:02:54 | 001,255,253 | ---- | M] () -- C:\Users\WIN\Desktop\2011-06-20_18.02.54.png [2011-06-20 17:58:58 | 001,086,816 | ---- | M] () -- C:\Users\WIN\Desktop\2011-06-20_17.58.58.png [2011-06-18 12:45:51 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\Terraria.lnk [2011-06-17 10:12:42 | 008,180,224 | RHS- | M] () -- C:\ProgramData\TunesHelper.exe [2011-06-17 10:12:41 | 000,311,296 | RHS- | M] (Created with WinAutomation (http://www.WinAutomation.com)) -- C:\Users\WIN\AppData\Roaming\Readar_sl.exe [2011-06-17 09:06:00 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011-06-17 09:02:04 | 000,299,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011-06-16 12:18:16 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011-06-16 12:18:16 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2011-06-13 15:26:35 | 000,001,164 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk [2011-06-13 15:26:35 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk [2011-06-09 13:37:36 | 001,645,142 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-06-08 14:59:25 | 000,270,142 | ---- | M] () -- C:\Users\WIN\Desktop\Minecraft.exe [2011-06-07 21:03:41 | 000,000,604 | ---- | M] () -- C:\Users\WIN\Desktop\Company of Heroes.lnk [2011-06-05 14:55:00 | 000,566,784 | ---- | M] ( ) -- C:\Users\WIN\AppData\Local\jushed.exe [2011-06-05 14:55:00 | 000,347,136 | ---- | M] (NirSoft) -- C:\Users\WIN\AppData\Local\nircmd.exe [2011-06-05 14:55:00 | 000,004,768 | ---- | M] () -- C:\ProgramData\operaprefs.ini [2011-06-05 14:54:02 | 000,566,784 | ---- | M] ( ) -- C:\ProgramData\jushed.exe [2011-06-04 21:00:36 | 043,795,464 | ---- | M] () -- C:\Users\WIN\Desktop\Minecraft 1.2.0_02 Installer (Cracked).exe [2011-06-04 13:05:12 | 000,007,895 | ---- | M] () -- C:\Users\WIN\Documents\lista.m3u [2011-06-04 11:26:12 | 000,000,711 | ---- | M] () -- C:\Users\WIN\Desktop\open-fm — skrót.lnk [2011-06-04 10:30:24 | 000,000,286 | ---- | M] () -- C:\Windows\reimage.ini [2011-06-03 08:33:55 | 000,000,221 | ---- | M] () -- C:\Users\WIN\Desktop\Duke Nukem Forever Demo.url [2011-06-02 15:43:28 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2011-05-31 14:51:01 | 000,001,717 | ---- | M] () -- C:\Users\WIN\Desktop\X3TC DDTC.lnk [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [1 C:\Users\WIN\AppData\Local\*.tmp files -> C:\Users\WIN\AppData\Local\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-24 14:37:17 | 000,003,326 | ---- | C] () -- C:\Users\WIN\.recently-used.xbel [2011-06-22 11:43:59 | 002,699,703 | ---- | C] () -- C:\Users\WIN\Desktop\galeria.rar [2011-06-21 11:30:04 | 019,810,631 | ---- | C] () -- C:\Users\WIN\Desktop\Minecraft 1.6.x serwer.rar [2011-06-20 18:03:44 | 000,864,508 | ---- | C] () -- C:\Users\WIN\Desktop\2011-06-20_18.03.44.png [2011-06-20 18:02:54 | 001,255,253 | ---- | C] () -- C:\Users\WIN\Desktop\2011-06-20_18.02.54.png [2011-06-20 17:58:58 | 001,086,816 | ---- | C] () -- C:\Users\WIN\Desktop\2011-06-20_17.58.58.png [2011-06-18 12:45:51 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\Terraria.lnk [2011-06-17 10:12:42 | 008,180,224 | RHS- | C] () -- C:\ProgramData\TunesHelper.exe [2011-06-17 09:06:00 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011-06-17 09:06:00 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011-06-13 21:32:14 | 000,001,061 | ---- | C] () -- C:\Users\WIN\Desktop\Uruchom ARMA II.lnk [2011-06-13 15:26:35 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk [2011-06-08 14:59:24 | 000,270,142 | ---- | C] () -- C:\Users\WIN\Desktop\Minecraft.exe [2011-06-07 19:50:56 | 000,000,604 | ---- | C] () -- C:\Users\WIN\Desktop\Company of Heroes.lnk [2011-06-05 14:54:07 | 000,000,002 | ---- | C] () -- C:\ProgramData\timerxfile [2011-06-05 14:54:07 | 000,000,002 | ---- | C] () -- C:\ProgramData\datesavefile [2011-06-05 14:54:07 | 000,000,001 | ---- | C] () -- C:\ProgramData\varsavefile [2011-06-05 14:54:03 | 000,004,768 | ---- | C] () -- C:\ProgramData\operaprefs.ini [2011-06-04 21:03:22 | 000,187,227 | ---- | C] () -- C:\Users\WIN\Desktop\mcpatcher-1.1.12_02.exe [2011-06-04 21:02:46 | 012,353,066 | ---- | C] () -- C:\Users\WIN\Desktop\Misa201.zip [2011-06-04 20:59:25 | 043,795,464 | ---- | C] () -- C:\Users\WIN\Desktop\Minecraft 1.2.0_02 Installer (Cracked).exe [2011-06-04 12:36:27 | 000,007,895 | ---- | C] () -- C:\Users\WIN\Documents\lista.m3u [2011-06-04 10:24:33 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini [2011-06-03 08:33:55 | 000,000,221 | ---- | C] () -- C:\Users\WIN\Desktop\Duke Nukem Forever Demo.url [2011-05-31 14:50:32 | 000,001,717 | ---- | C] () -- C:\Users\WIN\Desktop\X3TC DDTC.lnk [2011-05-04 19:23:30 | 000,000,000 | ---- | C] () -- C:\Users\WIN\AppData\Local\{2AD0FA95-CE8B-4760-894F-A422259A5614} [2011-04-27 20:47:43 | 001,645,142 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011-03-30 19:07:10 | 001,031,168 | ---- | C] () -- C:\Windows\SysWow64\spk.dll [2011-03-22 14:14:40 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2011-03-05 22:38:11 | 000,000,168 | ---- | C] () -- C:\Windows\usdthank.ini [2011-03-05 22:38:11 | 000,000,031 | ---- | C] () -- C:\Windows\idc.ini [2011-02-13 14:01:33 | 000,001,793 | ---- | C] () -- C:\Windows\TSearch.INI [2011-01-15 20:24:13 | 000,000,005 | ---- | C] () -- C:\Windows\treeskp.sys [2011-01-15 20:24:13 | 000,000,005 | ---- | C] () -- C:\Windows\sbacknt.bin [2010-12-24 09:53:17 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-12-24 09:53:17 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-12-24 09:53:14 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll [2010-12-24 09:53:14 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010-12-24 09:53:14 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010-12-24 09:53:13 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010-12-21 19:20:17 | 000,000,056 | ---- | C] () -- C:\Program Files\PC_Eng.str [2010-12-21 19:17:38 | 1377,192,139 | ---- | C] () -- C:\Program Files\PC_Def.str [2010-12-21 19:17:38 | 000,058,888 | ---- | C] () -- C:\Program Files\kaneandlynch.exe.cat [2010-12-21 19:17:38 | 000,000,384 | ---- | C] () -- C:\Program Files\kaneandlynch.exe.cfg [2010-12-21 19:17:38 | 000,000,123 | ---- | C] () -- C:\Program Files\main.ini [2010-12-21 19:17:37 | 000,352,520 | ---- | C] () -- C:\Program Files\binkw32.dll [2010-12-21 19:17:37 | 000,000,057 | ---- | C] () -- C:\Program Files\Eidos Support.url [2010-12-21 19:17:37 | 000,000,051 | ---- | C] () -- C:\Program Files\Kane & Lynch Website.url [2010-12-21 19:17:37 | 000,000,044 | ---- | C] () -- C:\Program Files\Eidos.url [2010-12-21 19:17:37 | 000,000,041 | ---- | C] () -- C:\Program Files\IO Interactive.url [2010-12-19 16:33:11 | 000,000,050 | ---- | C] () -- C:\Windows\GunzLauncher.INI [2010-12-18 15:51:39 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010-12-07 18:39:00 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010-12-07 18:38:58 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010-12-07 18:38:56 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini [2010-11-24 00:11:13 | 000,000,271 | ---- | C] () -- C:\Windows\lgfwup.ini [2010-11-23 23:58:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010-11-23 23:35:31 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010-11-23 23:20:18 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2009-08-27 09:04:12 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe [2009-07-14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009-07-14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [color=#E56717]========== LOP Check ==========[/color] [2011-06-24 16:10:38 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\.minecraft [2011-06-25 11:21:03 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\BitTorrent [2010-12-23 22:05:47 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\BitTyrant [2010-12-22 16:03:45 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\Command & Conquer 3 Gniew Kane'a [2010-12-22 15:33:29 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\Command & Conquer 3 Wojny o tyberium [2011-03-19 13:07:00 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\Command and Conquer 4 [2011-02-07 21:20:14 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\DAEMON Tools Lite [2010-12-18 20:26:47 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\Gadu-Gadu 10 [2010-12-31 17:23:15 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\GanymedeNet [2011-06-24 14:05:31 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\gtk-2.0 [2011-06-04 10:41:40 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\Gygan [2010-12-19 17:03:30 | 000,000,000 | -H-D | M] -- C:\Users\WIN\AppData\Roaming\ijjigame [2011-02-11 15:33:54 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\ipla [2010-12-18 17:41:52 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\OpenCandy [2010-12-18 15:50:48 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\OpenFM [2011-04-28 14:05:05 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\PCToolsFirewallPlus [2011-04-06 18:38:23 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\Publish Providers [2010-11-28 13:53:24 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\Quest3D [2010-12-11 17:05:07 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\RDRM [2011-03-18 18:30:00 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\Rovio [2011-02-08 14:41:48 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\SendSpace [2010-12-31 17:35:49 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\Soldat [2011-04-06 21:01:54 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\Sony [2010-11-28 21:55:02 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\SpeedSim [2011-06-18 19:24:30 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\TerrariaWorldViewer [2010-12-11 19:43:36 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\TrueCrypt [2011-02-03 18:21:04 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\Ubisoft [2011-04-21 11:07:41 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\Unity [2010-12-13 17:54:25 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\W [2010-12-24 11:34:12 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\wargaming.net [2011-04-23 13:00:57 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\WordToPDF [2011-05-28 11:32:29 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\X3 Editor 2 [2011-02-09 16:42:46 | 000,000,000 | ---D | M] -- C:\Users\WIN\AppData\Roaming\XRay Engine [2011-03-07 15:42:31 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:C31F31E6 < End of report >