OTL logfile created on: 2012-08-02 13:15:19 - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Users\Szostak\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,25 Gb Total Physical Memory | 2,72 Gb Available Physical Memory | 83,65% Memory free
6,49 Gb Paging File | 6,02 Gb Available in Paging File | 92,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,39 Gb Total Space | 20,27 Gb Free Space | 13,85% Space Free | Partition Type: NTFS
Drive D: | 247,92 Gb Total Space | 12,74 Gb Free Space | 5,14% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 55,65 Gb Free Space | 28,49% Space Free | Partition Type: NTFS
Drive F: | 170,90 Gb Total Space | 32,10 Gb Free Space | 18,79% Space Free | Partition Type: NTFS
Drive G: | 170,90 Gb Total Space | 134,55 Gb Free Space | 78,73% Space Free | Partition Type: NTFS

Computer Name: AM3 | User Name: Szostak | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-08-02 13:12:50 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Szostak\Desktop\OTL.exe PRC - [2012-07-20 14:30:29 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-11-20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-07-20 14:30:29 | 002,003,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-07-20 14:30:29 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-07-10 19:57:47 | 004,419,392 | ---- | M] () [Auto | Stopped] -- c:\program files\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai) SRV - [2012-04-06 04:15:50 | 000,217,600 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012-04-05 21:56:18 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2012-03-07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! 
Antivirus) SRV - [2012-03-05 00:13:34 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-11-25 00:12:01 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-06-08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010-07-04 20:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Stopped] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2010-04-06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv) SRV - [2010-01-25 08:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Stopped] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc) SRV - [2009-10-15 14:06:46 | 000,223,464 | ---- | M] (DeviceVM, Inc.) 
[Auto | Stopped] -- C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService) SRV - [2009-08-24 14:38:06 | 000,068,136 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Gigabyte\EasySaver\essvr.exe -- (ES lite Service) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2007-12-06 21:03:41 | 000,660,768 | ---- | M] (ABBYY (BIT Software)) [Auto | Stopped] -- C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisPT) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisMP) DRV - [2012-08-02 12:58:24 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2012-08-01 22:08:43 | 000,027,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro36.sys -- (hitmanpro36) DRV - [2012-04-06 07:21:10 | 009,334,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2012-04-06 03:10:22 | 000,275,968 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2012-03-07 01:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2012-03-05 16:04:30 | 000,045,184 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.1) DRV - [2012-03-05 16:04:30 | 000,045,184 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.01) DRV - [2011-09-27 17:29:01 | 000,024,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GVTDrv.sys -- (GVTDrv) DRV - [2011-05-18 10:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2011-05-18 10:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011-05-18 10:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2011-05-18 10:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2011-05-18 10:09:48 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- 
C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-06-14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010-04-27 11:56:44 | 000,019,496 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger) DRV - [2010-04-27 04:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2010-04-27 04:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) DRV - [2010-04-27 04:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2010-04-27 04:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2010-04-27 04:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) DRV - [2010-04-27 
04:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2010-02-18 10:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86) DRV - [2010-01-27 05:04:00 | 000,183,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService) DRV - [2009-11-20 13:15:18 | 000,137,728 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV - [2009-11-20 13:15:16 | 000,058,880 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV - [2008-11-14 03:11:30 | 000,017,184 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Stopped] -- C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys -- (UltraMonUtility) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2006-07-24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2000-10-24 00:00:00 | 000,003,608 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\port_nt.sys -- (port_nt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{D0C10298-3C1E-4a4a-B1B7-BD7FAC2A4263}: "URL" = 
http://startsear.ch/?aff=1&src=sp&cf=a219d894-fb49-11e0-830b-1c6f65afec5d&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000\..\SearchScopes,DefaultScope = {5AFC0F26-A7E4-4b6e-8E34-88615FC47F7A} IE - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000\..\SearchScopes\{5AFC0F26-A7E4-4b6e-8E34-88615FC47F7A}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD IE - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000\..\SearchScopes\{9D79A64F-3598-444f-89EB-3162D8B959E2}: "URL" = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pl&q={searchTerms} IE - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000\..\SearchScopes\{D0C10298-3C1E-4a4a-B1B7-BD7FAC2A4263}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=a219d894-fb49-11e0-830b-1c6f65afec5d&q={searchTerms} IE - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - 
HKU\S-1-5-21-3531334824-2885165584-2736942052-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Web Search" FF - prefs.js..browser.search.order.1: "Web Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "https://www.google.pl/" FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&src=sp&cf=a219d894-fb49-11e0-830b-1c6f65afec5d&q=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@ganymede/MAKAOV2,version=1.0: C:\Program Files\Ganymede\Plugins\MAKAOV2\NPMAKAOV2.dll (Ganymede Technologies) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Szostak\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Szostak\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Szostak\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Szostak\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Szostak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-03 21:33:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-08-01 22:29:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-20 14:30:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-05-19 13:42:28 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-03 21:33:52 | 000,000,000 | ---D | M] FF - 
HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-20 14:30:29 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-05-19 13:42:28 | 000,000,000 | ---D | M] [2011-09-27 19:26:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Szostak\AppData\Roaming\mozilla\Extensions [2012-07-25 16:45:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Szostak\AppData\Roaming\mozilla\Firefox\Profiles\kv4psgxe.default\extensions [2012-06-30 14:25:05 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Szostak\AppData\Roaming\mozilla\Firefox\Profiles\kv4psgxe.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2011-07-11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Szostak\AppData\Roaming\Mozilla\Firefox\Profiles\kv4psgxe.default\searchplugins\startsear.xml [2012-01-02 17:00:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-09-27 19:29:43 | 000,033,376 | ---- | M] () (No name found) -- C:\USERS\SZOSTAK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\KV4PSGXE.DEFAULT\EXTENSIONS\{8B68FD37-AC54-4C6C-A165-E369CE5EA38E}.XPI [2012-07-20 14:30:29 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-10-03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-07-15 13:24:58 | 000,686,240 | ---- | M] (Ganymede Technologies) -- C:\Program Files\mozilla firefox\plugins\NPMAKAOV2.dll [2011-10-03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll [2011-10-02 12:11:07 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-10-02 12:11:07 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-10-02 12:11:07 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-10-02 12:11:07 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-10-02 12:11:07 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-10-02 12:11:07 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.google.com CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://www.google.com CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.60\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program 
Files\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.60\pdf.dll CHR - plugin: vShare.tv plug-in (Enabled) = C:\Users\Szostak\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll CHR - plugin: vShare.tv plug-in (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npvsharetvplg.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - plugin: Ganymede Makao Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPMAKAOV2.dll CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Szostak\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Szostak\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Picasa (Enabled) = 
C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Unity Player (Enabled) = C:\Users\Szostak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: avast! WebRep = C:\Users\Szostak\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\ CHR - Extension: vshare plugin = C:\Users\Szostak\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\ O1 HOSTS File: ([2012-06-21 11:09:53 | 000,001,240 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 xnx x.com O1 - Hosts: 127.0.0.1 vide o.xnxx.com O1 - Hosts: 127.0.0.1 www. xnxx.com O1 - Hosts: 127.0.0.1 xhamster.com O1 - Hosts: 127.0.0.1 www.xhamster.com O1 - Hosts: 127.0.0.1 redtube.com O1 - Hosts: 127.0.0.1 www.redtube.com O1 - Hosts: 127.0.0.1 www.youporn.com O1 - Hosts: 127.0.0.1 www.pornhub.com O1 - Hosts: 127.0.0.1 www.tube8.com O1 - Hosts: 127.0.0.1 www.drtuber.com O1 - Hosts: 127.0.0.1 www.wetmummy.com O1 - Hosts: 127.0.0.1 www.simplyvids.com O1 - Hosts: 127.0.0.1 simplyvids.com O1 - Hosts: 127.0.0.1 sadistic.pl O1 - Hosts: 127.0.0.1 www.sadistic.com O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) O2 - BHO: (avast! 
WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AMD AVT] C:\Windows\System32\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [BCU] C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe" File not found O4 - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000..\Run: [Akamai NetSession Interface] C:\Users\Szostak\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000..\Run: [csiivrlhnfutydm] C:\ProgramData\csiivrlh.exe (Elpida Memory) O4 - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000..\Run: [NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe /tray File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O7 - HKU\S-1-5-21-3531334824-2885165584-2736942052-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) 
O13 - gopher Prefix: missing O16 - DPF: {336C9D79-263A-4D75-AA7C-60DAF945AE67} http://91.150.197.91/classes/OvisLinkCamV_H264.cab (OvisLink IPCamera Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7BC2D921-28C5-4BAC-9EEB-CBB6A9EBAF2E}: DhcpNameServer = 192.168.1.254 O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011-10-05 14:31:49 | 000,000,000 | ---D | M] - E:\AutoCAD 2010 PL -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-08-02 13:12:48 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Szostak\Desktop\OTL.exe [2012-08-02 13:10:04 | 000,000,000 | ---D | C] -- F:\PcSetup [2012-08-01 22:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012-08-01 22:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012-08-01 22:29:58 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2012-08-01 22:29:49 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012-08-01 22:29:48 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2012-08-01 22:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012-08-01 22:29:42 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012-08-01 21:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2012-08-01 21:04:30 | 007,750,160 | ---- | C] (SurfRight B.V.) 
-- C:\Users\Szostak\Desktop\HitmanPro36.exe [2012-08-01 19:57:23 | 000,073,728 | ---- | C] (Elpida Memory) -- C:\ProgramData\csiivrlh.exe [2012-08-01 19:57:22 | 000,000,000 | ---D | C] -- C:\ProgramData\xfcmdetpnansfzl [2012-08-01 19:56:56 | 000,073,728 | ---- | C] (Elpida Memory) -- C:\Users\Szostak\0.013863578121534381.exe [2012-07-27 10:29:52 | 000,000,000 | ---D | C] -- C:\Users\Szostak\Desktop\105SSCAM [2012-07-26 09:14:00 | 000,000,000 | ---D | C] -- C:\Users\Szostak\Desktop\Kot [2012-07-26 09:13:10 | 000,000,000 | ---D | C] -- C:\Users\Szostak\Desktop\Makarska 2012 Hugo [2012-07-26 09:12:43 | 000,000,000 | ---D | C] -- C:\Users\Szostak\Desktop\Kasia [2012-07-25 10:51:35 | 000,000,000 | ---D | C] -- C:\Users\Szostak\.thumbnails [2012-07-25 10:49:07 | 000,000,000 | ---D | C] -- C:\Users\Szostak\AppData\Local\fontconfig [2012-07-25 10:49:06 | 000,000,000 | ---D | C] -- C:\Users\Szostak\AppData\Local\gegl-0.2 [2012-07-25 10:49:06 | 000,000,000 | ---D | C] -- C:\Users\Szostak\.gimp-2.8 [2012-07-25 10:46:22 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2012-07-18 08:12:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012-07-11 18:36:03 | 000,000,000 | ---D | C] -- C:\Users\Szostak\Desktop\Christie Agata [2012-07-11 06:28:31 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012-07-11 06:28:31 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012-07-11 06:28:30 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-07-11 06:28:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012-07-11 06:28:30 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012-07-11 06:28:30 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012-07-11 06:28:29 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012-07-11 06:26:16 | 
002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012-07-11 06:17:40 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2012-07-11 06:17:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll [2012-07-11 06:17:36 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll [2012-07-03 17:08:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF to ePub Converter [2012-07-03 17:08:52 | 000,000,000 | ---D | C] -- C:\Program Files\PDF to ePub Converter [2011-10-04 16:47:38 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Szostak\AppData\Roaming\pcouffin.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] File not found -- C:\Users\Szostak\Desktop\pet.rar File not found -- C:\Users\Szostak\Desktop\pet(1).rar File not found -- C:\Windows\System32\ [2012-08-02 13:12:50 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Szostak\Desktop\OTL.exe [2012-08-02 13:10:05 | 000,087,608 | ---- | M] () -- C:\Users\Szostak\AppData\Roaming\inst.exe [2012-08-02 13:10:05 | 000,047,360 | ---- | M] (VSO Software) -- C:\Users\Szostak\AppData\Roaming\pcouffin.sys [2012-08-02 13:10:05 | 000,007,887 | ---- | M] () -- C:\Users\Szostak\AppData\Roaming\pcouffin.cat [2012-08-02 13:10:05 | 000,001,144 | ---- | M] () -- C:\Users\Szostak\AppData\Roaming\pcouffin.inf [2012-08-02 13:04:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-08-02 13:04:29 | 2615,320,576 | -HS- | M] () -- C:\hiberfil.sys [2012-08-02 13:03:33 | 000,014,512 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-08-02 13:03:33 | 000,014,512 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-08-02 12:58:24 | 000,017,488 | ---- | M] 
(Windows (R) 2000 DDK provider) -- C:\Windows\gdrv.sys [2012-08-02 12:58:24 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012-08-01 22:37:36 | 000,000,095 | ---- | M] () -- C:\Windows\winamp.ini [2012-08-01 22:31:37 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012-08-01 22:30:01 | 000,001,998 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012-08-01 22:29:58 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012-08-01 22:22:10 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012-08-01 22:14:54 | 074,761,776 | ---- | M] () -- C:\Users\Szostak\Desktop\setup_av_free.exe [2012-08-01 22:08:43 | 000,027,424 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro36.sys [2012-08-01 21:42:41 | 000,003,228 | ---- | M] () -- C:\Windows\System32\.crusader [2012-08-01 21:04:51 | 007,750,160 | ---- | M] (SurfRight B.V.) -- C:\Users\Szostak\Desktop\HitmanPro36.exe [2012-08-01 20:40:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3531334824-2885165584-2736942052-1000UA.job [2012-08-01 19:57:23 | 000,000,051 | ---- | M] () -- C:\ProgramData\axyhsjrufnstewt [2012-08-01 19:56:57 | 000,073,728 | ---- | M] (Elpida Memory) -- C:\ProgramData\csiivrlh.exe [2012-08-01 19:56:57 | 000,073,728 | ---- | M] (Elpida Memory) -- C:\Users\Szostak\0.013863578121534381.exe [2012-08-01 15:40:00 | 000,001,014 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3531334824-2885165584-2736942052-1000Core.job [2012-08-01 06:19:39 | 000,737,242 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-08-01 06:19:39 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-08-01 06:19:39 | 000,153,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-08-01 06:19:39 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-07-28 22:08:56 | 029,630,862 | R--- | M] () -- 
C:\Users\Szostak\Desktop\2012-07-28 Nokia 6700 classic (2).nbu [2012-07-28 21:58:22 | 029,630,862 | R--- | M] () -- C:\Users\Szostak\Desktop\2012-07-28 Nokia 6700 classic.nbu [2012-07-27 10:51:45 | 000,000,213 | ---- | M] () -- C:\Users\Szostak\AppData\Roaming\burnaware.ini [2012-07-25 14:24:34 | 001,584,641 | ---- | M] () -- C:\Users\Szostak\Desktop\SDC10384.JPG [2012-07-25 10:53:50 | 000,002,403 | ---- | M] () -- C:\Users\Szostak\AppData\Local\recently-used.xbel [2012-07-24 19:16:09 | 000,258,041 | ---- | M] () -- C:\Users\Szostak\Desktop\makarska.jpg [2012-07-23 10:52:37 | 000,552,864 | ---- | M] () -- C:\Users\Szostak\Desktop\Zdjęcie0185.jpg [2012-07-21 00:46:48 | 000,016,384 | ---- | M] () -- C:\Users\Szostak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-16 13:29:47 | 247,500,322 | ---- | M] () -- C:\Users\Szostak\Desktop\sp71.zip [2012-07-16 13:24:36 | 092,650,655 | ---- | M] () -- C:\Users\Szostak\Desktop\essential.zip [2012-07-11 18:39:24 | 000,637,221 | ---- | M] () -- C:\Users\Szostak\Desktop\Ehrhardt Ute - Grzeczne dziewczynki idą do nieba, niegrzeczne idą tam, gdzie chcą.pdf [2012-07-11 18:34:33 | 001,191,409 | ---- | M] () -- C:\Users\Szostak\Desktop\Christie Agatha - Po pogrzebie.pdf [2012-07-11 18:34:22 | 002,680,302 | ---- | M] () -- C:\Users\Szostak\Desktop\Brown Dan - Anioły i Demony.pdf [2012-07-11 18:34:21 | 001,462,626 | ---- | M] () -- C:\Users\Szostak\Desktop\Brown Dan - Zwodniczy Punkt.pdf [2012-07-11 18:34:21 | 001,462,626 | ---- | M] () -- C:\Users\Szostak\Desktop\Brown Dan - Cyfrowa Twierdza.pdf [2012-07-11 09:09:37 | 000,375,856 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-07-04 08:13:09 | 000,004,096 | -H-- | M] () -- C:\Users\Szostak\AppData\Local\keyfile3.drm [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] File not found -- C:\Users\Szostak\Desktop\pet.rar File not found -- C:\Users\Szostak\Desktop\pet(1).rar File not found -- 
C:\Windows\System32\ [2012-08-01 22:31:37 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2012-08-01 22:30:01 | 000,001,998 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012-08-01 22:11:24 | 074,761,776 | ---- | C] () -- C:\Users\Szostak\Desktop\setup_av_free.exe [2012-08-01 21:43:47 | 000,027,424 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro36.sys [2012-08-01 21:42:41 | 000,003,228 | ---- | C] () -- C:\Windows\System32\.crusader [2012-08-01 19:56:57 | 000,000,051 | ---- | C] () -- C:\ProgramData\axyhsjrufnstewt [2012-07-28 22:01:50 | 029,630,862 | R--- | C] () -- C:\Users\Szostak\Desktop\2012-07-28 Nokia 6700 classic (2).nbu [2012-07-28 21:54:33 | 029,630,862 | R--- | C] () -- C:\Users\Szostak\Desktop\2012-07-28 Nokia 6700 classic.nbu [2012-07-25 14:46:54 | 001,584,641 | ---- | C] () -- C:\Users\Szostak\Desktop\SDC10384.JPG [2012-07-25 10:53:50 | 000,002,403 | ---- | C] () -- C:\Users\Szostak\AppData\Local\recently-used.xbel [2012-07-25 10:47:50 | 000,001,049 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk [2012-07-24 19:15:58 | 000,258,041 | ---- | C] () -- C:\Users\Szostak\Desktop\makarska.jpg [2012-07-23 10:52:15 | 000,552,864 | ---- | C] () -- C:\Users\Szostak\Desktop\Zdjęcie0185.jpg [2012-07-16 13:17:12 | 092,650,655 | ---- | C] () -- C:\Users\Szostak\Desktop\essential.zip [2012-07-16 13:16:30 | 247,500,322 | ---- | C] () -- C:\Users\Szostak\Desktop\sp71.zip [2012-07-11 18:39:21 | 000,637,221 | ---- | C] () -- C:\Users\Szostak\Desktop\Ehrhardt Ute - Grzeczne dziewczynki idą do nieba, niegrzeczne idą tam, gdzie chcą.pdf [2012-07-11 18:36:07 | 002,156,575 | ---- | C] () -- C:\Users\Szostak\Desktop\Christie Agatha - Przyjdz i zgin.pdf [2012-07-11 18:36:07 | 000,871,236 | ---- | C] () -- C:\Users\Szostak\Desktop\Christie Agatha - Slonie maja dobra pamiec.pdf [2012-07-11 18:36:07 | 000,682,718 | ---- | C] () -- C:\Users\Szostak\Desktop\Christie Agatha - Próba 
niewinności.pdf [2012-07-11 18:36:06 | 001,019,961 | ---- | C] () -- C:\Users\Szostak\Desktop\Christie Agatha - Śledztwo na cztery ręce.pdf [2012-07-11 18:36:06 | 000,614,932 | ---- | C] () -- C:\Users\Szostak\Desktop\Christie Agatha - Samotny dom.pdf [2012-07-11 18:34:29 | 001,191,409 | ---- | C] () -- C:\Users\Szostak\Desktop\Christie Agatha - Po pogrzebie.pdf [2012-07-11 18:34:14 | 001,462,626 | ---- | C] () -- C:\Users\Szostak\Desktop\Brown Dan - Zwodniczy Punkt.pdf [2012-07-11 18:34:11 | 001,462,626 | ---- | C] () -- C:\Users\Szostak\Desktop\Brown Dan - Cyfrowa Twierdza.pdf [2012-07-11 18:34:08 | 002,680,302 | ---- | C] () -- C:\Users\Szostak\Desktop\Brown Dan - Anioły i Demony.pdf [2012-06-06 13:47:22 | 000,000,404 | ---- | C] () -- C:\Windows\BRWMARK.INI [2012-06-06 13:40:48 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT [2012-04-21 16:13:45 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2012-04-06 16:19:04 | 000,004,096 | -H-- | C] () -- C:\Users\Szostak\AppData\Local\keyfile3.drm [2012-04-05 22:34:22 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2012-03-29 14:36:17 | 000,098,304 | ---- | C] () -- C:\Users\Szostak\AppData\Local\Tempbazacen20120329_143617_349.mdb [2012-03-21 15:04:09 | 000,925,696 | ---- | C] () -- C:\Windows\System32\AxEImage.dll [2012-03-21 15:04:09 | 000,663,552 | ---- | C] () -- C:\Windows\System32\FreeImage.dll [2012-03-18 23:05:58 | 000,000,530 | ---- | C] () -- C:\Windows\System32\tx13_ic.ini [2012-03-18 23:05:57 | 000,131,072 | ---- | C] () -- C:\Windows\System32\CSVSpecialProcessing.dll [2012-03-18 23:05:57 | 000,102,400 | ---- | C] () -- C:\Windows\System32\SARzilla.dll [2012-03-18 23:05:57 | 000,098,304 | ---- | C] () -- C:\Windows\System32\DVM.dll [2012-03-18 23:05:57 | 000,053,248 | ---- | C] () -- C:\Windows\System32\RegisterExe.exe [2012-03-09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll [2012-02-27 15:03:17 | 000,110,592 | ---- | C] () -- 
C:\Windows\System32\FsUsbExDevice.Dll [2012-02-27 15:03:17 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2012-02-27 14:44:22 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2012-02-27 14:42:35 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2012-02-26 16:26:48 | 000,042,584 | ---- | C] () -- C:\Windows\SETUPQSB.EXE [2012-02-15 04:28:34 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat [2012-02-15 04:28:32 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat [2012-02-12 18:46:49 | 000,000,036 | -H-- | C] () -- C:\Users\Szostak\AppData\Roaming\swk.ini [2012-02-11 15:39:24 | 000,707,504 | ---- | C] () -- C:\Users\Szostak\AppData\Local\unins000.exe [2012-02-11 15:39:24 | 000,011,761 | ---- | C] () -- C:\Users\Szostak\AppData\Local\unins000.msg [2012-02-11 15:39:24 | 000,002,351 | ---- | C] () -- C:\Users\Szostak\AppData\Local\unins000.dat [2012-01-10 23:10:08 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2011-12-20 09:48:11 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2011-10-20 18:59:10 | 000,000,241 | ---- | C] () -- C:\Windows\Caligari.ini [2011-10-17 17:20:22 | 000,003,608 | ---- | C] () -- C:\Windows\System32\drivers\port_nt.sys [2011-10-11 17:40:16 | 000,000,213 | ---- | C] () -- C:\Users\Szostak\AppData\Roaming\burnaware.ini [2011-10-06 12:46:02 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll [2011-10-06 12:46:02 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011-10-06 12:46:01 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-10-06 12:46:01 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011-10-06 12:46:00 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011-10-04 16:48:37 | 000,000,022 | ---- | C] () -- C:\Windows\System32\systeminfo3.dll [2011-10-04 16:47:38 | 000,087,608 | ---- | C] () -- C:\Users\Szostak\AppData\Roaming\inst.exe [2011-10-04 
16:47:38 | 000,007,887 | ---- | C] () -- C:\Users\Szostak\AppData\Roaming\pcouffin.cat [2011-10-04 16:47:38 | 000,001,144 | ---- | C] () -- C:\Users\Szostak\AppData\Roaming\pcouffin.inf [2011-10-03 21:29:16 | 000,229,885 | ---- | C] () -- C:\Windows\hpoins19.dat [2011-10-03 21:29:16 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat [2011-10-03 18:47:17 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp [2011-09-30 16:16:35 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib [2011-09-29 15:12:17 | 000,057,928 | ---- | C] () -- C:\Windows\tbat_del.exe [2011-09-29 11:53:04 | 000,016,384 | ---- | C] () -- C:\Users\Szostak\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-09-29 07:19:59 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-09-29 07:19:24 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011-09-28 14:25:58 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI [2011-09-28 14:03:42 | 000,000,095 | ---- | C] () -- C:\Windows\winamp.ini [2011-09-27 17:29:01 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys [2011-09-27 17:21:36 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe [2011-09-27 17:21:35 | 000,019,496 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys [2011-09-27 17:20:10 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2011-09-27 17:19:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011-09-27 17:13:14 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2011-09-25 17:56:26 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll [2011-09-13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat [color=#E56717]========== LOP Check ==========[/color] [2011-11-09 11:14:13 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\PC Suite [2012-05-17 00:47:31 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\Autodesk [2011-10-20 19:17:32 | 000,000,000 | ---D 
| M] -- C:\Users\Szostak\AppData\Roaming\DAEMON Tools Lite [2012-05-21 10:10:40 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\Dropbox [2012-02-11 15:39:35 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 [2011-09-30 13:08:45 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\Gadu-Gadu [2011-12-26 00:45:12 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\GanymedeNet [2012-01-12 21:33:04 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\Golden Software [2011-10-04 12:15:36 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\ipla [2011-10-10 23:13:11 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\Mathsoft [2012-02-12 18:51:37 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\Mirillis [2012-02-20 20:07:23 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\NapiProjekt [2011-12-10 17:19:37 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\Nokia [2011-11-13 17:15:11 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\PC Suite [2011-12-20 09:48:14 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\pdfforge [2012-06-06 13:13:53 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\PicasaDownloader [2012-02-10 14:11:25 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\Podatnik.info [2012-01-12 21:33:06 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\Polar Engineering [2012-02-27 15:03:13 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\Samsung [2012-03-18 23:06:23 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\Softinterface, Inc [2012-08-01 15:25:53 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\The Bat! 
[2012-08-01 19:09:19 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\uTorrent [2012-08-02 13:10:05 | 000,000,000 | ---D | M] -- C:\Users\Szostak\AppData\Roaming\Vso [2012-07-28 13:32:09 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >