OTL logfile created on: 2012-08-09 12:42:45 - Run 1
OTL by OldTimer - Version 3.2.56.0     Folder = C:\Users\user\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2,00 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 79,83% Memory free
4,23 Gb Paging File | 3,97 Gb Available in Paging File | 93,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,71 Gb Total Space | 88,54 Gb Free Space | 64,76% Space Free | Partition Type: NTFS
Drive D: | 136,72 Gb Total Space | 64,28 Gb Free Space | 47,02% Space Free | Partition Type: NTFS
Drive F: | 99,17 Gb Total Space | 88,34 Gb Free Space | 89,08% Space Free | Partition Type: NTFS
 
Computer Name: KONRAD | User Name: user | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012-08-07 08:52:22 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] -- C:\Users\user\AppData\Local\Temp\DAT452E.tmp.exe -- (ecikpvznrvd)
SRV - [2012-08-01 20:01:26 | 000,113,120 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-06-20 14:58:55 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012-05-29 17:38:00 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012-05-29 17:37:58 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2012-03-12 19:46:17 | 000,918,880 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2011-12-21 16:40:56 | 000,578,264 | ---- | M] (Pandora.TV) [Disabled | Stopped] -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011-08-02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011-05-21 07:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2008-05-06 16:33:42 | 000,212,992 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2008-01-18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Users\user\AppData\Local\Temp\3019.sys -- (3019)
DRV - [2012-05-19 19:19:30 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2012-02-09 22:43:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012-02-09 13:16:38 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011-08-09 15:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011-08-04 10:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2011-08-04 10:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2011-07-12 09:35:42 | 000,040,560 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2011-07-11 02:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-07-11 02:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2010-01-28 16:25:03 | 000,068,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-05-06 16:35:22 | 000,356,352 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008-01-18 20:25:06 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007-07-09 10:40:20 | 000,044,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2006-06-29 07:58:28 | 000,146,112 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\V0220Dev.sys -- (V0220Dev)
DRV - [2006-06-08 10:00:52 | 000,006,272 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\V0220Vfx.sys -- (V0220Vfx)
DRV - [2006-06-02 05:37:58 | 000,236,800 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RT2500.sys -- (RT2500)
DRV - [2005-08-17 07:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005-08-17 07:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005-08-17 07:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://wyborcza.pl/0,0.html?p=028
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=10&barid={FAC2B9AC-9F77-11E1-A83B-8A50B063BDAC}
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}&barid={FAC2B9AC-9F77-11E1-A83B-8A50B063BDAC}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=15187
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111434&tt=020512_bsttb_est&babsrc=SP_ss&mntrId=2e4020ce0000000000000019d1791520
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{7E017077-AF1A-4F2D-9814-449CF1DF3B81}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={20C7F4E0-ABDA-4D05-AEB8-41789D108C33}&mid=1bc4d8247342dc8d5b6c122bc85e3cdb-8e169f9b694c9671b0434e49a1bc863df885f93c&lang=pl&ds=AVG&pr=fr&d=2011-12-09 14:02:27&v=8.0.0.40&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
IE - HKCU\..\SearchScopes\{D8832A7C-8A10-4CA7-AC36-5A9CDD4F4477}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=PTV&o=15184&src=kw&q={searchTerms}&locale=&apn_ptnrs=RY&apn_dtid=YYYYYYYYPL&apn_uid=93eb0f03-702c-4911-951d-9e17a22b9c66&apn_sauid=C17DC5DF-39DF-4635-B523-23CD393FC60B
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}&barid={FAC2B9AC-9F77-11E1-A83B-8A50B063BDAC}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?l=dis&o=15187"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=PTV&o=15184&locale=en_US&apn_uid=93eb0f03-702c-4911-951d-9e17a22b9c66&apn_ptnrs=RY&apn_sauid=C17DC5DF-39DF-4635-B523-23CD393FC60B&apn_dtid=YYYYYYYYPL&&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=111434&tt=020512_bsttb_est&babsrc=HP_ss&mntrId=2e4020ce0000000000000019d1791520"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\user\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\user\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-08-01 20:01:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-12-09 18:29:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-12-09 15:55:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-08-01 20:01:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-12-09 18:29:06 | 000,000,000 | ---D | M]
 
[2009-04-17 09:37:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2012-07-28 10:23:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\djrxmw0f.default\extensions
[2010-04-27 17:29:48 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\djrxmw0f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-05-20 14:52:57 | 000,000,000 | ---D | M] (WOT) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\djrxmw0f.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011-07-04 11:32:22 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\djrxmw0f.default\extensions\engine@conduit.com
[2012-06-22 15:44:58 | 000,000,000 | ---D | M] ("KMPlayer Toolbar") -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\djrxmw0f.default\extensions\toolbar@ask.com
[2012-08-07 09:08:35 | 000,002,572 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\djrxmw0f.default\searchplugins\askcom.xml
[2012-05-18 18:06:04 | 000,004,113 | ---- | M] () -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\djrxmw0f.default\searchplugins\sweetim.xml
[2009-04-17 08:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-05-16 18:55:54 | 000,172,310 | ---- | M] () (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DJRXMW0F.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2012-08-01 20:01:26 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-03-10 18:07:21 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-03-12 19:46:12 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012-05-18 18:05:22 | 000,002,359 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012-03-10 18:07:21 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-03-10 18:07:21 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-03-10 18:07:21 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-03-10 18:07:21 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-03-10 18:07:21 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://www.google.pl/webhp?source=search_app
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.pl/webhp?source=search_app
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\user\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\user\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\user\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: KMPlayer Toolbar = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaoggiphohkihibdkcnhnokmkfmhnj\7.15.4.24150_0\
CHR - Extension: Autumn = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\alibnodcalenogbpgdihbfccibcagloo\1.3_0\
CHR - Extension: YouTube = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Szukaj w Google = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: 1Click Downloader = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh\1.5_0\
CHR - Extension: Gmail = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012-08-04 12:35:37 | 000,000,761 | RHS- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (KMPlayer Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3 - HKLM\..\Toolbar: (KMPlayer Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Microsoft Windows Manager] C:\Users\user\M-10-6897-8685-3464\winmgr.exe ()
O4 - HKCU..\Run: [Mjjicrtugug ddd Manager] C:\Users\user\M-10-8754-86589-55555\windogz.exe File not found
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [sqlncli] C:\Users\user\AppData\Local\Microsoft\Windows\2575\sqlncli.exe ()
O4 - HKCU..\Run: [Windows Update Server] C:\Users\user\410bec83-3019.exe ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Konwersja do formatu Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Konwertuj do istniejącego pliku PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Konwertuj docelowe łącza do istniejącego pliku PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Konwertuj docelowe łącze do formatu Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Konwertuj wybrane łącza do formatu Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Konwertuj wybrane łącza do istniejącego pliku PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Konwertuj zaznaczenie do formatu Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Konwertuj zaznaczenie do istniejącego PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Wyślij &do programu OneNote - res://E:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8B9176A-F8DC-4634-BD8E-160973AD9B0D}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O27 - HKLM IFEO\acrobat.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\acrobat_sl.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\acrodist.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\cdspeed.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\drivespeed.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\formdesigner.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\infotool.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nero.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neroburnrights.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nerostartsmart.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neroupgrade.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\photosnap.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\photosnapviewer.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\presentationhost.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\setupx.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\unins000.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{212fc182-93d9-11df-b0da-9b2eb6515e53}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{ad3759ee-53f5-11de-b4e3-b57a484b0d75}\Shell - "" = AutoRun
O33 - MountPoints2\{ad3759ee-53f5-11de-b4e3-b57a484b0d75}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{db258d29-35a0-11de-8f51-000e2e51ac5f}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{db258d29-35a0-11de-8f51-000e2e51ac5f}\Shell\Open(&0)\command - "" = Recycled\ctfmon.exe
O33 - MountPoints2\{db84e8f8-673b-11df-942b-8866445d6057}\Shell\AutoRun\command - "" = recycle.{645FF040-5081-101B-9F08-00AA002F954E}\rav32.exe
O33 - MountPoints2\{db84e8f8-673b-11df-942b-8866445d6057}\Shell\explore\Command - "" = recycle.{645FF040-5081-101B-9F08-00AA002F954E}\rav32.exe
O33 - MountPoints2\{db84e8f8-673b-11df-942b-8866445d6057}\Shell\open\Command - "" = recycle.{645FF040-5081-101B-9F08-00AA002F954E}\rav32.exe
O33 - MountPoints2\{e1c08b44-26c6-11df-9ad3-cb3426d2001d}\Shell\AutoRun\command - "" = I:\eyruu.exe
O33 - MountPoints2\{e1c08b44-26c6-11df-9ad3-cb3426d2001d}\Shell\open\Command - "" = I:\eyruu.exe
O33 - MountPoints2\{fbaf5e1a-c0bc-11de-abd7-a46b57232ace}\Shell\AutoRun\command - "" = I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
O33 - MountPoints2\{fbaf5e1a-c0bc-11de-abd7-a46b57232ace}\Shell\open\command - "" = I:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012-08-09 12:35:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-08-07 09:06:55 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2012-08-07 08:26:59 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\hellomoto
[2012-08-05 14:50:28 | 000,000,000 | RHSD | C] -- C:\Users\user\M-10-8754-86589-55555
[2012-08-03 14:47:50 | 000,000,000 | RHSD | C] -- C:\Users\user\M-10-6897-8685-3464
[2012-07-25 08:40:53 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Activision
[2012-07-25 08:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2012-07-12 13:09:52 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012-07-12 13:07:51 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-07-12 13:07:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-07-12 13:07:50 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012-07-12 13:07:49 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-07-12 13:07:49 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-07-12 13:07:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-07-12 13:07:48 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-07-12 08:27:08 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012-08-09 12:41:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-08-09 12:38:18 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-08-09 12:38:18 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-08-07 09:13:41 | 000,002,032 | ---- | M] () -- C:\Users\user\AppData\Local\d3d9caps.dat
[2012-08-07 09:07:58 | 000,606,432 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-08-07 09:07:58 | 000,112,068 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-08-07 09:07:58 | 000,022,316 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-08-07 09:07:58 | 000,007,644 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-08-07 09:06:54 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012-08-07 08:52:22 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe
[2012-08-06 18:00:01 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4289872287-2823726513-3669483421-1000UA.job
[2012-08-06 17:23:20 | 000,139,280 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012-08-06 17:23:14 | 000,281,872 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012-08-06 17:23:11 | 000,281,872 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2012-08-06 14:00:01 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4289872287-2823726513-3669483421-1000Core.job
[2012-08-06 10:28:17 | 1629,579,941 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-08-04 13:14:42 | 000,117,248 | -HS- | M] () -- C:\Users\user\410bec83-3019.exe
[2012-08-04 12:35:37 | 000,000,761 | RHS- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012-08-04 12:23:21 | 000,117,248 | -HS- | M] () -- C:\Users\user\51180f1-3019.exe
[2012-08-04 12:15:20 | 000,117,248 | -HS- | M] () -- C:\Users\user\715bbe71-3019.exe
[2012-08-04 11:26:04 | 000,117,248 | -HS- | M] () -- C:\Users\user\7c1eafff-3019.exe
[2012-08-04 10:56:34 | 000,117,248 | -HS- | M] () -- C:\Users\user\4d471fce-3019.exe
[2012-08-01 08:08:23 | 000,002,037 | ---- | M] () -- C:\Users\user\Desktop\Google Chrome.lnk
[2012-07-25 08:35:49 | 000,022,328 | ---- | M] () -- C:\Users\user\AppData\Roaming\PnkBstrK.sys
[2012-07-25 08:35:32 | 000,682,280 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2012-07-22 13:42:48 | 000,064,512 | ---- | M] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-07-22 13:42:14 | 000,335,129 | ---- | M] () -- C:\Users\user\Desktop\Bez tytułu.jpg
[2012-07-17 20:59:11 | 003,556,027 | ---- | M] () -- C:\Users\user\Desktop\Yeah Yeah Yeahs - Heads Will Roll.mp3
[2012-07-17 20:55:44 | 003,486,647 | ---- | M] () -- C:\Users\user\Desktop\Bruno Mars - Talking To The Moon - Radio Edit -.mp3
[2012-07-17 20:55:08 | 004,126,543 | ---- | M] () -- C:\Users\user\Desktop\bruno mars-it will rain.mp3
[2012-07-17 20:54:15 | 003,685,608 | ---- | M] () -- C:\Users\user\Desktop\Bruno Mars Marry You.mp3
[2012-07-17 20:52:51 | 003,378,814 | ---- | M] () -- C:\Users\user\Desktop\Far East Movement amp- Ryan Tedder - Rocketeer.mp3
[2012-07-12 14:44:49 | 000,330,936 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012-08-06 09:14:50 | 1629,579,941 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-08-04 13:14:42 | 000,117,248 | -HS- | C] () -- C:\Users\user\410bec83-3019.exe
[2012-08-04 12:23:21 | 000,117,248 | -HS- | C] () -- C:\Users\user\51180f1-3019.exe
[2012-08-04 12:15:21 | 000,117,248 | -HS- | C] () -- C:\Users\user\715bbe71-3019.exe
[2012-08-04 11:26:04 | 000,117,248 | -HS- | C] () -- C:\Users\user\7c1eafff-3019.exe
[2012-08-04 10:56:38 | 000,117,248 | -HS- | C] () -- C:\Users\user\4d471fce-3019.exe
[2012-07-25 19:06:38 | 000,281,872 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2012-07-22 13:42:02 | 000,335,129 | ---- | C] () -- C:\Users\user\Desktop\Bez tytułu.jpg
[2012-07-17 20:58:10 | 003,556,027 | ---- | C] () -- C:\Users\user\Desktop\Yeah Yeah Yeahs - Heads Will Roll.mp3
[2012-07-17 20:54:59 | 003,486,647 | ---- | C] () -- C:\Users\user\Desktop\Bruno Mars - Talking To The Moon - Radio Edit -.mp3
[2012-07-17 20:54:25 | 004,126,543 | ---- | C] () -- C:\Users\user\Desktop\bruno mars-it will rain.mp3
[2012-07-17 20:53:40 | 003,685,608 | ---- | C] () -- C:\Users\user\Desktop\Bruno Mars Marry You.mp3
[2012-07-17 20:52:19 | 003,378,814 | ---- | C] () -- C:\Users\user\Desktop\Far East Movement amp- Ryan Tedder - Rocketeer.mp3
[2011-05-10 16:14:50 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010-10-02 16:42:37 | 000,002,171 | ---- | C] () -- C:\Users\user\.recently-used.xbel
[2010-09-12 18:38:55 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\prvlcl.dat
[2010-03-16 18:01:17 | 000,022,328 | ---- | C] () -- C:\Users\user\AppData\Roaming\PnkBstrK.sys
[2009-12-28 14:19:47 | 000,000,104 | ---- | C] () -- C:\Users\user\Kosz — skrót (2).lnk
[2009-12-28 14:19:42 | 000,000,104 | ---- | C] () -- C:\Users\user\Kosz — skrót.lnk
[2009-06-29 21:01:45 | 000,000,012 | ---- | C] () -- C:\ProgramData\plugins.lib
[2009-04-18 17:04:38 | 000,064,512 | ---- | C] () -- C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-04-16 22:52:54 | 000,002,032 | ---- | C] () -- C:\Users\user\AppData\Local\d3d9caps.dat
[2008-06-29 10:11:06 | 000,002,045 | -H-- | C] () -- C:\ProgramData\whlb32g.dll
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >