OTL logfile created on: 2012-03-19 08:37:59 - Run 1 OTL by OldTimer - Version 3.2.39.1 Folder = C:\Documents and Settings\Administrator\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,50 Gb Total Physical Memory | 2,74 Gb Available Physical Memory | 78,28% Memory free 5,34 Gb Paging File | 4,69 Gb Available in Paging File | 87,95% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 465,66 Gb Total Space | 416,11 Gb Free Space | 89,36% Space Free | Partition Type: NTFS Drive G: | 1,83 Gb Total Space | 1,03 Gb Free Space | 56,42% Space Free | Partition Type: FAT Computer Name: KOMPUTER | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-03-19 08:36:41 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe PRC - [2012-03-04 22:48:40 | 000,934,752 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe PRC - [2012-03-04 22:40:10 | 000,748,440 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe PRC - [2012-01-26 07:22:49 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2011-09-28 01:39:52 | 000,404,568 | ---- | M] (LG Electronics) -- C:\Documents and Settings\All Users\Dane aplikacji\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe PRC - [2011-06-02 10:33:38 | 002,240,512 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe PRC - [2011-05-25 08:25:59 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2009-07-20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2007-07-13 23:42:04 | 001,540,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-01-26 07:23:05 | 000,275,968 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll MOD - [2012-01-26 07:23:05 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll MOD - [2012-01-26 07:23:05 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll MOD - [2012-01-26 07:23:05 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll MOD - [2012-01-26 07:23:01 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll MOD - [2012-01-26 07:23:01 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll MOD - [2012-01-26 07:23:00 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll MOD - [2012-01-26 07:23:00 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll MOD - [2012-01-26 07:23:00 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll MOD - [2012-01-26 07:22:59 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll MOD - [2012-01-26 07:22:59 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll MOD - [2012-01-26 07:22:59 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll MOD - [2012-01-26 07:22:59 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll MOD - [2011-07-18 22:04:08 | 000,296,448 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_04.dll MOD - [2011-06-02 10:33:38 | 002,240,512 | ---- | M] () -- C:\Program Files\Vtune\TBPANEL.exe MOD - [2011-05-05 00:02:44 | 000,355,432 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll MOD - [2011-05-05 00:02:42 | 001,558,120 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nView.dll MOD - [2009-02-27 20:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL MOD - [2007-01-31 11:33:24 | 000,032,768 | ---- | M] () -- C:\Program Files\Vtune\TBPanelExt.dll MOD - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe MOD - [2001-10-28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll MOD - [1998-10-31 04:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files\Vtune\TBMANAGE.DLL [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2012-03-04 22:40:10 | 000,748,440 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater) SRV - [2011-11-14 13:04:56 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-05-25 08:25:59 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-07-20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2006-11-02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2010-08-04 14:16:54 | 002,127,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV - [2009-11-30 07:31:42 | 000,050,176 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c) DRV - [2009-10-25 17:30:16 | 000,016,384 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vd_filedisk.sys -- (VD_FileDisk) DRV - [2007-07-28 02:15:52 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel) DRV - [2007-03-16 10:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-343818398-1972579041-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-343818398-1972579041-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-343818398-1972579041-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-343818398-1972579041-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-343818398-1972579041-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-343818398-1972579041-725345543-500\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.1\pdfforgeToolbarIE.dll (Spigot, Inc.) IE - HKU\S-1-5-21-343818398-1972579041-725345543-500\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-343818398-1972579041-725345543-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-343818398-1972579041-725345543-500\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_en&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-343818398-1972579041-725345543-500\..\SearchScopes\{82CEF02D-6CEE-4265-BCE7-F820D14EAB61}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms} IE - HKU\S-1-5-21-343818398-1972579041-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-343818398-1972579041-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316&ilc=12" FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=827316&p=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-30 07:54:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-01-24 09:41:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-01-17 10:39:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-12-30 07:54:30 | 000,000,000 | ---D | M] [2011-11-18 08:52:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions [2012-03-14 07:46:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\e5d2x7if.default\extensions [2012-01-24 09:41:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-03-14 07:46:24 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM [2012-03-14 07:46:24 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF [2011-12-21 09:04:06 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-12-21 06:04:32 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-12-21 06:04:32 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-12-21 06:04:32 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-12-21 06:04:32 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-12-21 06:04:32 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-12-21 06:04:32 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 18:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.1\pdfforgeToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\5.1\pdfforgeToolbarIE.dll (Spigot, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software) O4 - HKLM..\Run: [B2C_AGENT] C:\Documents and Settings\All Users\Dane aplikacji\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-21-343818398-1972579041-725345543-500..\Run: [elmq5] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0096\mp1lmq2.exe () O4 - HKU\S-1-5-21-343818398-1972579041-725345543-500..\Run: [emails5] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0069\mmails2.exe () O4 - HKU\S-1-5-21-343818398-1972579041-725345543-500..\Run: [ep185] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0056\mp18982.exe () O4 - HKU\S-1-5-21-343818398-1972579041-725345543-500..\Run: [epp1305] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0076\mp130982.exe () O4 - HKU\S-1-5-21-343818398-1972579041-725345543-500..\Run: [etef5] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0068\mtefq2.exe () O4 - HKU\S-1-5-21-343818398-1972579041-725345543-500..\Run: [five922] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1272\uffive92.exe () O4 - HKU\S-1-5-21-343818398-1972579041-725345543-500..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-343818398-1972579041-725345543-500..\Run: [mixswd] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0076\mixhdg.exe () O4 - HKU\S-1-5-21-343818398-1972579041-725345543-500..\Run: [mp735] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0016\mip982.exe () O4 - HKU\S-1-5-21-343818398-1972579041-725345543-500..\Run: [TBPanel] C:\Program Files\Vtune\TBPanel.exe () O4 - HKU\S-1-5-21-343818398-1972579041-725345543-500..\Run: [uzfive172] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1170\ufive17.exe () O4 - HKLM..\RunOnce: [ashMaiSv] C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software) O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - HKU\S-1-5-19..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - HKU\S-1-5-20..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - HKU\S-1-5-21-343818398-1972579041-725345543-1004..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKU\S-1-5-21-343818398-1972579041-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll () O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F5C6450F-214E-466D-BB84-588D60BFE9DD}: NameServer = 94.42.105.2,94.42.105.30 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: TaskMan - (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1170\ufive17.exe) - C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1170\ufive17.exe () O20 - HKU\S-1-5-21-343818398-1972579041-725345543-500 Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1170\ufive17.exe) - C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1170\ufive17.exe () O20 - HKU\S-1-5-21-343818398-1972579041-725345543-500 Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1272\uffive92.exe) - C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1272\uffive92.exe () O20 - HKU\S-1-5-21-343818398-1972579041-725345543-500 Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0096\mp1lmq2.exe) - C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0096\mp1lmq2.exe () O20 - HKU\S-1-5-21-343818398-1972579041-725345543-500 Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0069\mmails2.exe) - C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0069\mmails2.exe () O20 - HKU\S-1-5-21-343818398-1972579041-725345543-500 Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0076\mixhdg.exe) - C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0076\mixhdg.exe () O20 - HKU\S-1-5-21-343818398-1972579041-725345543-500 Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0076\mp130982.exe) - C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0076\mp130982.exe () O20 - HKU\S-1-5-21-343818398-1972579041-725345543-500 Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0056\mp18982.exe) - C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0056\mp18982.exe () O20 - HKU\S-1-5-21-343818398-1972579041-725345543-500 Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0016\mip982.exe) - C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0016\mip982.exe () O20 - HKU\S-1-5-21-343818398-1972579041-725345543-500 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-343818398-1972579041-725345543-500 Winlogon: Shell - (C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0068\mtefq2.exe) - C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-0068\mtefq2.exe () O24 - Desktop Components:0 (Bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy\windows-7-wallpaper-040.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy\windows-7-wallpaper-040.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-11-03 09:44:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{63feed4c-0611-11e1-985b-8c89a52d579d}\Shell - "" = AutoRun O33 - MountPoints2\{63feed4c-0611-11e1-985b-8c89a52d579d}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\e5188982.exe O33 - MountPoints2\{63feed4c-0611-11e1-985b-8c89a52d579d}\Shell\explore\command - "" = N:\RECYCLER\e5188982.exe O33 - MountPoints2\{63feed4c-0611-11e1-985b-8c89a52d579d}\Shell\open\command - "" = N:\RECYCLER\e5188982.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-03-19 08:36:14 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2012-03-19 08:10:13 | 000,095,608 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr [2012-03-19 08:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\avast! Antivirus [2012-03-19 08:10:03 | 001,152,888 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe [2012-03-19 08:10:01 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2012-03-19 07:58:00 | 000,000,000 | ---D | C] -- C:\2a8cbc22470bc795a3d29d [2012-03-19 07:57:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Windows Genuine Advantage [2012-03-19 07:57:39 | 000,000,000 | ---D | C] -- C:\686611bc72460b64c0 [2012-03-19 07:57:30 | 000,016,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2012-03-19 07:57:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2012-03-19 07:39:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Ad-Aware Antivirus [2012-03-19 07:21:50 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2012-03-19 07:21:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2012-03-16 12:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Buka - Pokój 003 [2012-03-16 09:27:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\pokrowce aukcja [2012-03-15 15:08:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Corel [2012-03-15 15:08:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallShield [2012-03-15 15:07:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\CorelDRAW Graphics Suite X3 [2012-03-15 15:07:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis [2012-03-15 15:06:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel [2012-03-15 15:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Corel [2012-03-15 14:56:43 | 000,000,000 | ---D | C] -- C:\Program Files\Corel [2012-03-15 14:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\foteliki [2012-03-15 11:53:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\zdjecia foteliki [2012-03-15 10:39:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\adas [2012-03-14 07:46:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Search Settings [2012-03-14 07:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot [2012-03-14 07:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar [2012-03-14 07:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater [2012-03-13 08:37:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\tkaniny aukcje [2012-03-12 15:32:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\pufa40x40 [2012-03-12 15:32:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\aukcja pufka [2012-03-12 14:22:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\pufa 40x40 [2012-03-12 13:22:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Wycena [2012-03-12 10:17:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\wzornik [2012-03-12 08:37:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\miniaturki-cz [2012-03-09 15:51:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\pufka kwadratowa [2012-03-09 13:40:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\tkaniny [2012-03-08 12:39:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\Oferty [2012-03-08 11:26:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\przedstawiciel [2012-03-03 09:13:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\aukcje [2012-03-02 15:21:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\mp3 [2012-02-24 07:59:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\inkscape [2012-02-21 12:53:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\niemcy [2012-02-21 10:03:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\SumatraPDF [2012-02-18 09:11:04 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll [2012-02-18 09:11:04 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll [2012-02-18 08:40:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Fingerprint T&A Management System [2012-02-18 08:40:10 | 000,000,000 | ---D | C] -- C:\Att [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\Documents and Settings\Administrator\*.tmp files -> C:\Documents and Settings\Administrator\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-03-19 08:36:56 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\wy10x1m0.exe [2012-03-19 08:36:41 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe [2012-03-19 08:10:13 | 000,002,645 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2012-03-19 07:58:17 | 000,002,324 | ---- | M] () -- C:\WINDOWS\epplauncher.mif [2012-03-19 07:58:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-03-19 07:10:18 | 000,002,413 | ---- | M] () -- C:\WINDOWS\System32\lgAxconfig.ini [2012-03-19 07:09:41 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2012-03-19 07:09:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-03-16 15:36:46 | 004,456,448 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT [2012-03-16 15:36:46 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini [2012-03-16 14:36:25 | 044,939,264 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Oferta współpracy Rizar - Polska Grupa Meblowa.oft [2012-03-16 10:26:55 | 000,002,516 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2012-03-16 10:26:47 | 000,000,088 | RHS- | M] () -- C:\WINDOWS\System32\C8E3ABEB54.sys [2012-03-16 07:13:55 | 004,785,080 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-03-15 15:08:37 | 000,647,904 | ---- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2012-03-15 12:35:59 | 059,052,052 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\DSC05272.psd [2012-03-15 10:03:03 | 000,620,467 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\wizytówka_monika.psd [2012-03-15 09:59:44 | 000,619,660 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\wizytówka.psd [2012-03-13 15:51:18 | 000,014,480 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\MYCHA W KOLE.cdr [2012-03-13 15:51:16 | 000,435,148 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\falubaz.cdr [2012-03-12 15:02:30 | 014,434,297 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\pufki.psd [2012-03-08 16:08:21 | 000,000,544 | ---- | M] () -- C:\Documents and Settings\Administrator\Dane aplikacji\burnaware.ini [2012-02-24 08:00:41 | 000,000,218 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2012-02-23 11:21:56 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\Documents and Settings\Administrator\*.tmp files -> C:\Documents and Settings\Administrator\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-03-19 08:36:56 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\wy10x1m0.exe [2012-03-19 07:57:38 | 000,002,324 | ---- | C] () -- C:\WINDOWS\epplauncher.mif [2012-03-16 12:54:02 | 044,939,264 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Oferta współpracy Rizar - Polska Grupa Meblowa.oft [2012-03-15 15:08:26 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\C8E3ABEB54.sys [2012-03-15 14:58:07 | 000,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2012-03-15 12:13:45 | 059,052,052 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\DSC05272.psd [2012-03-15 10:03:02 | 000,620,467 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\wizytówka_monika.psd [2012-03-15 09:58:31 | 000,619,660 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\wizytówka.psd [2012-03-13 15:51:18 | 000,014,480 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\MYCHA W KOLE.cdr [2012-03-13 15:51:15 | 000,435,148 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\falubaz.cdr [2012-03-12 14:30:59 | 014,434,297 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\pufki.psd [2012-02-24 08:00:41 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2012-02-17 12:17:20 | 000,000,544 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\burnaware.ini [2012-01-10 17:33:27 | 000,000,132 | ---- | C] () -- C:\WINDOWS\picture-shark.INI [2012-01-03 14:31:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2011-12-30 07:51:18 | 000,174,622 | ---- | C] () -- C:\WINDOWS\hpoins45.dat [2011-12-30 07:51:18 | 000,000,450 | ---- | C] () -- C:\WINDOWS\hpomdl45.dat [2011-12-09 08:23:33 | 007,099,304 | -H-- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db [2011-11-23 14:05:03 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\Audio3D.dll [2011-11-23 14:05:03 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\A3D.dll [2011-11-23 11:45:49 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-11-15 07:13:12 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll [2011-11-15 07:13:11 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini [2011-11-04 13:57:16 | 000,001,496 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe Zapisz dla Internetu 12.0 Prefs [2011-11-04 08:53:04 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Administrator\Dane aplikacji\Preferencje Adobe CS5 dla formatu PNG [2011-11-03 10:39:23 | 001,008,480 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2011-11-03 10:39:22 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-11-03 10:38:25 | 004,785,080 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-11-03 10:03:15 | 000,647,904 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2011-11-03 10:01:48 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2011-11-03 10:01:48 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2011-11-03 10:01:48 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2011-11-03 10:01:42 | 002,123,582 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2011-11-03 09:47:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-11-03 09:44:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2011-11-03 09:44:01 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2011-11-03 09:43:59 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2011-11-03 09:43:03 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011-11-03 09:42:52 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2011-11-03 09:42:52 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2011-11-03 09:42:23 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2011-11-03 09:42:23 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [color=#E56717]========== LOP Check ==========[/color] [2012-03-19 07:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Ad-Aware Antivirus [2011-11-10 08:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012-01-10 18:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Easy Watermark Studio [2012-01-20 17:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Gadu-Gadu 10 [2012-01-26 11:16:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\HateML [2011-11-03 11:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\HEXelon [2012-02-24 07:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\inkscape [2011-11-03 11:23:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Notepad++ [2011-11-03 10:51:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Opera [2012-01-09 13:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\pdfforge [2012-03-14 07:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Search Settings [2011-11-28 18:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012-02-21 10:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\SumatraPDF [2011-12-28 11:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\TeamViewer [2012-01-17 10:39:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Thunderbird [2012-02-03 09:23:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\XnView [2012-03-19 08:02:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2012-03-19 07:21:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2011-11-03 10:52:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2011-11-15 07:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LGMOBILEAX [2012-03-19 07:21:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2011-11-03 13:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\regid.1986-12.com.adobe [color=#E56717]========== Purity Check ==========[/color] < End of report >