OTL logfile created on: 2012-03-02 19:12:31 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Mikołaj\Desktop\Narzędzia
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,50 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 67,49% Memory free
7,00 Gb Paging File | 5,74 Gb Available in Paging File | 82,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 13,92 Gb Free Space | 14,27% Space Free | Partition Type: NTFS
Drive D: | 413,93 Gb Total Space | 193,13 Gb Free Space | 46,66% Space Free | Partition Type: NTFS
Drive E: | 419,92 Gb Total Space | 55,60 Gb Free Space | 13,24% Space Free | Partition Type: NTFS
Drive F: | 7,42 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive L: | 3,75 Gb Total Space | 3,75 Gb Free Space | 99,94% Space Free | Partition Type: FAT32

Computer Name: MIKOŁAJPC | User Name: Mikołaj | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-02-28 08:49:14 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Mikołaj\Desktop\Narzędzia\OTL.exe
PRC - [2012-02-23 22:43:59 | 000,489,256 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2012-02-07 13:18:30 | 001,987,976 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012-02-07 13:18:28 | 001,373,576 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011-11-08 04:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-11-08 04:50:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011-11-07 18:53:32 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011-08-30 20:13:48 | 000,347,008 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\GameXN\GameXNGO.exe
PRC - [2011-08-02 00:23:51 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\steam.exe
PRC - [2011-04-22 13:21:10 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011-02-25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010-11-20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010-07-12 17:32:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2010-04-02 08:11:22 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared files\brs.exe
PRC - [2010-03-22 08:17:22 | 000,191,080 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2010-03-22 08:17:20 | 000,133,736 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
PRC - [2010-03-09 03:52:49 | 000,015,872 | ---- | M] () -- D:\Unlocker\UnlockerAssistant.exe
PRC - [2010-02-22 14:38:12 | 000,442,368 | ---- | M] (AWS Convergence Technologies) -- C:\Program Files\AWS\WeatherBug Alert\WeatherBugAlert.exe
PRC - [2010-02-02 23:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009-12-22 03:31:26 | 000,217,088 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009-12-22 03:31:02 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\System32\dgdersvc.exe
PRC - [2009-11-27 20:48:57 | 000,389,215 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\ST330\service\st330service.exe
PRC - [2009-11-27 20:48:55 | 000,557,149 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe
PRC - [2009-11-06 12:24:52 | 000,195,176 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
PRC - [2009-10-05 18:05:12 | 002,158,592 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
PRC - [2009-03-02 14:06:16 | 000,068,136 | ---- | M] () -- C:\Program Files\Gigabyte\EasySaver\essvr.exe
PRC - [2008-06-30 10:41:10 | 000,114,688 | ---- | M] () -- C:\Program Files\MultiScreen\MultiScreen.exe
PRC - [2007-08-23 15:05:00 | 000,045,056 | ---- | M] () -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-02-23 22:43:59 | 014,415,144 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2012-02-23 22:43:59 | 000,914,216 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-52.dll
MOD - [2012-02-23 22:43:59 | 000,857,896 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2012-02-23 22:43:59 | 000,155,432 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-52.dll
MOD - [2012-02-23 22:43:59 | 000,091,432 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-50.dll
MOD - [2010-03-09 03:55:54 | 000,004,608 | ---- | M] () -- D:\Unlocker\UnlockerHook.dll
MOD - [2010-03-09 03:52:49 | 000,015,872 | ---- | M] () -- D:\Unlocker\UnlockerAssistant.exe
MOD - [2009-11-27 20:48:56 | 004,222,976 | ---- | M] () -- C:\Program Files\Thomson\ST330\diagnostics\qt-mt332.dll
MOD - [2009-11-27 20:48:56 | 000,364,544 | ---- | M] () -- C:\Program Files\Thomson\ST330\diagnostics\qwt.dll
MOD - [2009-10-05 18:05:12 | 002,158,592 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe
MOD - [2008-06-30 10:41:10 | 000,114,688 | ---- | M] () -- C:\Program Files\MultiScreen\MultiScreen.exe
MOD - [2008-06-30 10:40:52 | 000,040,960 | ---- | M] () -- C:\Program Files\MultiScreen\MGResEng.dll
MOD - [2008-06-30 10:40:46 | 000,036,864 | ---- | M] () -- C:\Program Files\MultiScreen\ServiceHook.dll
MOD - [2008-06-30 10:40:46 | 000,028,672 | ---- | M] () -- C:\Program Files\MultiScreen\MultiMon.dll
MOD - [2006-09-14 00:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [1998-10-31 04:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files\Vtune\TBMANAGE.DLL

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-02-23 22:43:59 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-02-07 13:18:28 | 001,373,576 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-01-31 15:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011-11-08 04:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-11-07 18:53:32 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011-06-29 14:59:18 | 000,155,344 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2011-04-22 13:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010-05-24 22:50:53 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010-03-22 08:17:22 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2009-12-22 03:31:26 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009-12-22 03:31:02 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\System32\dgdersvc.exe -- (dgdersvc)
SRV - [2009-11-27 20:48:57 | 000,389,215 | ---- | M] (THOMSON Telecom Belgium) [Auto | Running] -- C:\Program Files\Thomson\ST330\service\st330service.exe -- (st330service)
SRV - [2009-11-06 12:24:52 | 000,195,176 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)
SRV - [2009-07-14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009-07-14 02:14:41 | 000,005,632 | ---- | M] (Oak Technology Inc.) [Auto | Stopped] -- C:\Windows\System32\logmein.dll -- (PBADRV)
SRV - [2009-07-14 02:14:41 | 000,005,632 | ---- | M] (Oak Technology Inc.) [Auto | Stopped] -- C:\Windows\System32\FiltUSBEMPIA.dll -- (eSettingsService)
SRV - [2009-03-02 14:06:16 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2008-11-11 08:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007-08-23 15:05:00 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\Program Files\MagicTune Premium\MagicTuneEngine.exe -- (MagicTuneEngine)
SRV - [2007-05-31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007-05-31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007-03-23 12:35:22 | 000,407,168 | ---- | M] (Cenega Poland) [Auto | Stopped] -- C:\Windows\System32\pr2aj6ec.exe -- (pr2aj6ec) You Are Empty Drivers Auto Removal (pr2aj6ec)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2012-03-02 18:11:29 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011-11-08 04:50:00 | 010,327,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010-11-20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010-11-20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010-11-20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010-11-20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010-11-20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010-11-20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010-11-20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010-04-02 08:11:16 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/05/29 23:27:19] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009-12-22 03:31:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009-12-22 03:31:02 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2009-12-18 09:35:43 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009-12-18 09:35:43 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009-11-27 20:26:59 | 000,032,000 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stppp.sys -- (stppp)
DRV - [2009-09-19 06:30:10 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009-09-19 06:30:10 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2009-09-19 06:30:10 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009-09-19 06:30:10 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009-09-15 13:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvoclock.sys -- (nvoclock)
DRV - [2009-07-14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-08-26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007-03-23 12:34:40 | 000,052,104 | ---- | M] (Cenega Poland) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ps6aj6ec.sys -- (ps6aj6ec) You Are Empty Synchronization Driver (ps6aj6ec)
DRV - [2007-03-19 19:58:00 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\st330.sys -- (ST330)
DRV - [2007-03-19 19:58:00 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stbus.sys -- (STBUS)
DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TBPanel.sys -- (TBPanel)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-569617077-483490569-2739753594-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-569617077-483490569-2739753594-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-569617077-483490569-2739753594-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
IE - HKU\S-1-5-21-569617077-483490569-2739753594-1000\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\Windows\System32\dvmurl.dll (DeviceVM Inc.)
IE - HKU\S-1-5-21-569617077-483490569-2739753594-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.startup.homepage: "http://www.gazeta.pl/0,0.html?p=125"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: IplextoALL@ALLPlayer.org:0.1.0
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.9.0.9216
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-02-16 09:03:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-02-27 15:57:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.27\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-02-19 22:31:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-02-16 09:03:25 | 000,000,000 | ---D | M]

[2011-02-13 16:33:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mikołaj\AppData\Roaming\mozilla\Extensions
[2011-02-13 16:33:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mikołaj\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012-02-26 18:58:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mikołaj\AppData\Roaming\mozilla\Firefox\Profiles\o1kauu88.default\extensions
[2011-12-20 08:41:45 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Users\Mikołaj\AppData\Roaming\mozilla\Firefox\Profiles\o1kauu88.default\extensions\IplextoALL@ALLPlayer.org
[2011-10-10 14:22:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-02-08 22:49:29 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010-07-21 16:44:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-11-20 22:59:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010-12-31 09:36:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011-05-04 08:59:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011-07-09 07:51:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012-02-16 09:03:25 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
File not found (No name found) -- C:\USERS\MIKOĹ‚AJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\O1KAUU88.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG
[2011-05-04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010-07-12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011-09-23 11:09:39 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-09-23 11:09:39 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-09-23 11:09:39 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-09-23 11:09:39 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-09-23 11:09:39 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-09-23 11:09:39 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2012-02-28 20:44:05 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - E:\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O4 - HKLM..\Run: [4StoryPrePatch] D:\4Story\PrePatch.exe (Zamiinc)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [diagnostics] C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [MultiScreen] C:\Program Files\MultiScreen\MultiScreen.exe ()
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UnlockerAssistant] D:\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-569617077-483490569-2739753594-1000..\Run: [ALLUpdate] E:\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-569617077-483490569-2739753594-1000..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-569617077-483490569-2739753594-1000..\Run: [GameXN] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKU\S-1-5-21-569617077-483490569-2739753594-1000..\Run: [GameXN (news)] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKU\S-1-5-21-569617077-483490569-2739753594-1000..\Run: [GameXN (update)] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)
O4 - HKU\S-1-5-21-569617077-483490569-2739753594-1000..\Run: [IPLA!] C:\Program Files\ipla\ipla.exe (Redefine Sp z o.o.)
O4 - HKU\S-1-5-21-569617077-483490569-2739753594-1000..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\/\KiesTrayAgent.exe ()
O4 - HKU\S-1-5-21-569617077-483490569-2739753594-1000..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O4 - HKU\S-1-5-21-569617077-483490569-2739753594-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-569617077-483490569-2739753594-1000..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe ()
O4 - HKU\S-1-5-21-569617077-483490569-2739753594-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-569617077-483490569-2739753594-1000..\Run: [WeatherBugAlert] C:\Program Files\AWS\WeatherBug Alert\WeatherBugAlert.exe (AWS Convergence Technologies)
O4 - HKU\S-1-5-21-569617077-483490569-2739753594-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-569617077-483490569-2739753594-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-569617077-483490569-2739753594-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKU\S-1-5-21-569617077-483490569-2739753594-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-569617077-483490569-2739753594-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to &Teleport - C:\Program Files\Teleport Pro\teleport.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011-10-25 17:06:06 | 000,000,069 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-03-02 17:10:30 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\AppData\Roaming\Process Hacker 2
[2012-03-02 17:05:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
[2012-03-02 17:05:34 | 000,000,000 | ---D | C] -- C:\Program Files\Process Hacker 2
[2012-02-29 20:18:33 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover
[2012-02-29 17:09:16 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\Desktop\Narzędzia
[2012-02-29 16:32:11 | 000,000,000 | ---D | C] -- C:\FRST
[2012-02-29 16:15:47 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\tdx.sys
[2012-02-28 20:44:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-02-28 20:40:51 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\AppData\Local\temp
[2012-02-28 20:26:24 | 000,083,456 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\serial.sys
[2012-02-28 19:32:11 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\cdrom.sys
[2012-02-27 16:11:43 | 000,000,000 | ---D | C] -- C:\CyberLink
[2012-02-27 15:11:47 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012-02-27 10:59:37 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012-02-27 09:02:31 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2012-02-27 09:02:31 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\Documents\Anti-Malware
[2012-02-26 14:39:27 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\Desktop\My Shared Folder
[2012-02-26 13:40:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012-02-26 13:40:29 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012-02-23 19:09:52 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\Desktop\Historia
[2012-02-23 09:58:48 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\AppData\Roaming\HpUpdate
[2012-02-23 09:58:47 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2012-02-18 11:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\HPSSUPPLY
[2012-02-16 09:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2012-02-16 09:04:52 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\AppData\Roaming\HP
[2012-02-16 09:04:21 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\AppData\Local\HP
[2012-02-16 09:02:29 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012-02-16 09:02:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012-02-16 09:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2012-02-16 09:00:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2012-02-16 08:59:43 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012-02-16 08:57:52 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012-02-16 08:54:38 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012-02-16 08:54:28 | 000,452,408 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpzids01.dll
[2012-02-15 23:27:22 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-02-15 23:27:21 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-02-15 23:27:21 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-02-15 23:27:20 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-02-15 23:27:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-02-15 23:27:18 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-02-15 16:09:24 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012-02-15 16:09:00 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012-02-11 09:52:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012-02-11 09:52:04 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2012-02-11 09:50:16 | 000,000,000 | ---D | C] -- C:\My Shared Folder
[2012-02-08 22:48:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012-02-08 22:48:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010-05-05 21:41:46 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Mikołaj\AppData\Roaming\pcouffin.sys

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-03-02 18:29:11 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-03-02 18:22:57 | 000,013,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-03-02 18:22:57 | 000,013,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-03-02 18:11:37 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-03-02 18:11:33 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012-03-02 18:11:29 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Windows\gdrv.sys
[2012-03-02 18:11:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-03-02 18:11:15 | 2817,384,448 | -HS- | M] () -- C:\hiberfil.sys
[2012-03-02 18:10:14 | 000,002,432 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempkI4028.html
[2012-03-02 18:10:14 | 000,002,432 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempeG4028.html
[2012-03-02 18:10:14 | 000,002,089 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempTK4028.html
[2012-03-02 18:10:14 | 000,002,089 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempQZ4028.html
[2012-03-02 17:45:18 | 000,140,496 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012-03-02 17:45:13 | 000,280,736 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012-03-02 17:05:34 | 000,001,954 | ---- | M] () -- C:\Users\Mikołaj\Desktop\Process Hacker 2.lnk
[2012-03-02 17:04:19 | 000,000,560 | ---- | M] () -- C:\FIX.REG
[2012-03-01 22:09:15 | 000,002,432 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempVb2884.html
[2012-03-01 22:09:15 | 000,002,432 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempJL2884.html
[2012-03-01 22:09:15 | 000,002,089 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempyV2884.html
[2012-03-01 22:09:15 | 000,002,089 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempqC2884.html
[2012-03-01 20:34:56 | 000,002,432 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempFz3460.html
[2012-03-01 20:34:56 | 000,002,432 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempDO3460.html
[2012-03-01 20:34:56 | 000,002,089 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempWF3460.html
[2012-03-01 20:34:56 | 000,002,089 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\Tempif3460.html
[2012-03-01 20:28:47 | 000,002,432 | ---- | M] () --
C:\Users\Mikołaj\AppData\Local\TempPP2472.html [2012-03-01 20:28:47 | 000,002,432 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempCa2472.html [2012-03-01 20:28:47 | 000,002,089 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\Templp2472.html [2012-03-01 20:28:47 | 000,002,089 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempfN2472.html [2012-03-01 00:26:51 | 000,707,284 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-03-01 00:26:51 | 000,624,578 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-03-01 00:26:51 | 000,140,298 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-03-01 00:26:51 | 000,110,216 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-02-29 18:36:10 | 000,602,051 | ---- | M] () -- C:\Users\Mikołaj\Desktop\adwcleaner.exe [2012-02-29 15:59:24 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\tdx.sys [2012-02-28 21:01:17 | 000,002,432 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempKt2968.html [2012-02-28 21:01:00 | 000,002,432 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\Tempcm2968.html [2012-02-28 20:48:20 | 000,002,432 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempWu4424.html [2012-02-28 20:48:17 | 000,002,432 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\TempvU4424.html [2012-02-28 20:44:05 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012-02-28 19:28:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\cdrom.sys [2012-02-27 15:42:58 | 000,000,414 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2012-02-26 19:43:27 | 000,207,234 | ---- | M] () -- C:\Users\Mikołaj\Desktop\710199_090403_Plock_05_34.jpg [2012-02-26 14:46:09 | 000,017,408 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\WebpageIcons.db [2012-02-19 23:59:21 | 000,280,736 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0 [2012-02-17 23:18:50 | 031,552,115 | ---- | M] () -- C:\Users\Mikołaj\Desktop\MATMA.rar [2012-02-16 17:21:17 | 000,000,205 | ---- | M] () -- C:\Users\Mikołaj\Desktop\Google.url 
[2012-02-16 09:30:28 | 000,406,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-02-16 09:04:39 | 000,211,137 | ---- | M] () -- C:\Windows\hpoins18.dat [2012-02-16 09:02:55 | 000,002,131 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk [2012-02-16 09:02:27 | 000,001,353 | ---- | M] () -- C:\Users\Public\Desktop\Centrum obsługi HP.lnk [2012-02-16 09:02:19 | 000,001,185 | ---- | M] () -- C:\Users\Public\Desktop\Zakup materiałów eksploatacyjnych HP.lnk [2012-02-16 09:02:05 | 000,002,075 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-03-02 17:05:34 | 000,001,954 | ---- | C] () -- C:\Users\Mikołaj\Desktop\Process Hacker 2.lnk [2012-03-02 17:04:19 | 000,000,560 | ---- | C] () -- C:\FIX.REG [2012-03-02 12:23:35 | 000,002,089 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempQZ4028.html [2012-03-02 12:23:34 | 000,002,432 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempeG4028.html [2012-03-02 12:23:31 | 000,002,432 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempkI4028.html [2012-03-02 12:23:31 | 000,002,089 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempTK4028.html [2012-03-01 20:36:50 | 000,002,432 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempJL2884.html [2012-03-01 20:36:50 | 000,002,089 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempyV2884.html [2012-03-01 20:36:49 | 000,002,432 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempVb2884.html [2012-03-01 20:36:49 | 000,002,089 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempqC2884.html [2012-03-01 20:31:26 | 000,002,432 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempFz3460.html [2012-03-01 20:31:26 | 000,002,089 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempWF3460.html [2012-03-01 20:31:24 | 000,002,432 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempDO3460.html [2012-03-01 20:31:24 | 
000,002,089 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\Tempif3460.html [2012-03-01 20:15:08 | 000,002,432 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempCa2472.html [2012-03-01 20:15:08 | 000,002,089 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\Templp2472.html [2012-03-01 20:15:07 | 000,002,432 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempPP2472.html [2012-03-01 20:15:07 | 000,002,089 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempfN2472.html [2012-02-29 18:37:24 | 000,602,051 | ---- | C] () -- C:\Users\Mikołaj\Desktop\adwcleaner.exe [2012-02-28 21:00:10 | 000,002,432 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempKt2968.html [2012-02-28 21:00:09 | 000,002,432 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\Tempcm2968.html [2012-02-28 20:46:54 | 000,002,432 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempWu4424.html [2012-02-28 20:46:51 | 000,002,432 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\TempvU4424.html [2012-02-26 19:43:26 | 000,207,234 | ---- | C] () -- C:\Users\Mikołaj\Desktop\710199_090403_Plock_05_34.jpg [2012-02-26 14:46:06 | 000,017,408 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\WebpageIcons.db [2012-02-17 23:18:12 | 031,552,115 | ---- | C] () -- C:\Users\Mikołaj\Desktop\MATMA.rar [2012-02-16 17:21:17 | 000,000,205 | ---- | C] () -- C:\Users\Mikołaj\Desktop\Google.url [2012-02-16 09:03:14 | 000,001,018 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rejestracja programu I.R.I.S. 
OCR.lnk [2012-02-16 09:02:55 | 000,002,131 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk [2012-02-16 09:02:26 | 000,001,353 | ---- | C] () -- C:\Users\Public\Desktop\Centrum obsługi HP.lnk [2012-02-16 09:02:18 | 000,001,185 | ---- | C] () -- C:\Users\Public\Desktop\Zakup materiałów eksploatacyjnych HP.lnk [2012-02-16 09:02:05 | 000,002,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012-02-16 08:56:56 | 000,211,137 | ---- | C] () -- C:\Windows\hpoins18.dat [2012-02-16 08:56:56 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat [2011-11-08 15:21:02 | 000,140,496 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011-11-08 15:20:38 | 000,280,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011-11-08 15:20:37 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011-11-07 18:53:44 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2011-09-27 05:54:25 | 000,007,597 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\Resmon.ResmonCfg [2011-04-09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011-02-27 14:51:17 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2010-12-04 18:15:11 | 000,000,414 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010-10-20 14:32:20 | 000,000,761 | ---- | C] () -- C:\Windows\m3jp2k.ini [2010-10-20 14:32:20 | 000,000,702 | ---- | C] () -- C:\Windows\mmtvmj.ini [2010-10-20 14:32:19 | 000,000,714 | ---- | C] () -- C:\Windows\m3jpeg.ini [2010-10-20 14:32:18 | 000,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll [2010-10-20 14:28:06 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2010-09-02 00:53:48 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-07-24 21:05:12 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old [2010-07-09 20:00:32 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll 
[2010-06-23 16:33:18 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2010-06-23 16:33:18 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2010-06-23 11:35:52 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010-06-23 11:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010-05-18 22:20:35 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2010-05-18 16:44:13 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2010-05-18 16:44:13 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2010-05-18 16:44:13 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2010-05-05 21:41:46 | 000,087,608 | ---- | C] () -- C:\Users\Mikołaj\AppData\Roaming\inst.exe [2010-05-05 21:41:46 | 000,007,887 | ---- | C] () -- C:\Users\Mikołaj\AppData\Roaming\pcouffin.cat [2010-05-05 21:41:46 | 000,001,144 | ---- | C] () -- C:\Users\Mikołaj\AppData\Roaming\pcouffin.inf [2010-05-01 21:27:17 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin [2010-04-03 18:51:39 | 000,001,110 | ---- | C] () -- C:\Windows\disney.ini [2010-03-21 13:09:12 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010-03-15 04:31:48 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [color=#E56717]========== LOP Check ==========[/color] [2010-02-23 23:16:44 | 000,000,000 | -HSD | M] -- C:\Users\Mikołaj\AppData\Roaming\.# [2011-10-31 23:58:53 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\.minecraft [2010-05-30 10:27:40 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\avidemux [2009-12-04 19:09:38 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\DAEMON Tools Lite [2010-07-17 21:32:08 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Dark Sector [2010-04-03 19:08:40 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Disney Interactive Studios [2011-02-09 09:58:47 | 000,000,000 | ---D | M] -- 
C:\Users\Mikołaj\AppData\Roaming\ESET [2010-01-02 19:31:50 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\foobar2000 [2010-04-28 14:08:27 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\fretsonfire [2012-02-06 00:10:06 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Gadu-Gadu 10 [2012-03-02 16:03:25 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\go [2009-11-30 10:17:26 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\gtk-2.0 [2012-03-02 18:11:53 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\ipla [2009-11-27 18:45:07 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\IrfanView [2010-06-18 22:25:27 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Mount&Blade [2012-01-17 21:36:07 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\NapiProjekt [2011-12-26 00:56:52 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Need for Speed World [2010-10-16 08:33:02 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Nowe Gadu-Gadu [2010-04-09 16:33:43 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\OpenFM [2011-11-05 21:10:57 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Origin [2010-03-18 22:13:19 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\PhotoFiltre [2012-03-02 17:10:30 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Process Hacker 2 [2011-05-18 15:18:28 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\PunkBuster [2010-11-30 08:59:40 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\RDRM [2010-11-20 23:08:22 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Samsung [2011-11-06 15:41:15 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Stellarium [2012-02-11 18:12:28 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\streamripper [2011-02-13 16:33:56 | 000,000,000 | ---D | M] -- 
C:\Users\Mikołaj\AppData\Roaming\TomTom [2010-07-17 23:08:44 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Touchstone [2010-10-21 15:54:18 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\TS3Client [2011-12-12 18:21:03 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Ubisoft [2010-06-18 18:01:20 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\uTorrent [2010-07-24 21:33:57 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Vso [2012-01-10 16:14:07 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\WB Games [2010-10-26 13:12:21 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Win7codecs [2012-02-28 20:27:54 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2011-04-16 09:25:24 | 000,000,000 | ---D | M](C:\????°) -- C:\巓睉鎗睂° [2011-04-16 09:25:24 | 000,000,000 | ---D | C](C:\????°) -- C:\巓睉鎗睂° [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 949 bytes -> C:\ProgramData\TEMP:24721E3C @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:671329E4 @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A8ADE5D8 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report >