OTL logfile created on: 2012-08-09 20:19:58 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Documents and Settings\Duh\Desktop Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,74 Gb Available Physical Memory | 87,23% Memory free 3,85 Gb Paging File | 3,78 Gb Available in Paging File | 98,09% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 19,53 Gb Total Space | 2,69 Gb Free Space | 13,78% Space Free | Partition Type: NTFS Drive E: | 278,55 Gb Total Space | 277,78 Gb Free Space | 99,72% Space Free | Partition Type: NTFS Drive F: | 3,72 Gb Total Space | 3,72 Gb Free Space | 99,98% Space Free | Partition Type: FAT32 Computer Name: DELL | User Name: Duh | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-08-09 15:19:52 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Duh\Desktop\OTL.exe PRC - [2004-08-04 12:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2008-03-29 16:42:20 | 000,159,744 | ---- | M] () -- C:\Program Files\SubEdit-Player\codec\MatroskaSplitter\mmfinfo.dll MOD - [2008-03-29 16:41:52 | 000,023,552 | ---- | M] () -- C:\Program Files\SubEdit-Player\codec\MatroskaSplitter\mkunicode.dll MOD - [2006-01-19 09:14:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2012-08-03 16:11:44 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-07-31 10:45:01 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-03-11 23:13:21 | 001,983,232 | ---- | M] (COMODO) [Auto | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2012-01-04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010-04-30 03:11:48 | 000,099,896 | R--- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPSIsvc.exe -- (HPSIService) SRV - [2009-10-15 11:13:50 | 000,136,192 | ---- | M] (HP) [Auto | Stopped] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service) SRV - [2006-11-02 21:40:12 | 000,174,656 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\Protexis\License Service\PSIService.exe -- (ProtexisLicensing) SRV - [2006-06-29 12:12:34 | 000,376,832 | ---- | M] (Dell Inc.) [Auto | Stopped] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC) SRV - [2005-12-28 12:04:56 | 000,262,217 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) SRV - [2005-08-30 17:36:00 | 000,188,416 | ---- | M] (Cambridge Silicon Radio) [Disabled | Stopped] -- C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe -- (Bluetooth Hid Switch Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Duh\LOCALS~1\Temp\catchme.sys -- (catchme) DRV - [2012-03-11 23:13:44 | 000,494,968 | ---- | M] (COMODO) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard) DRV - [2012-03-11 23:13:43 | 000,018,056 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmderd.sys -- (cmderd) DRV - [2010-04-29 01:49:50 | 000,017,408 | R--- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mvusbews.sys -- (mvusbews) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-06-19 17:24:30 | 000,028,544 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Stopped] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot) DRV - [2007-07-16 23:29:34 | 000,017,432 | R--- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK) DRV - [2007-06-25 11:01:54 | 000,008,064 | ---- | M] (Platan) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sigma.sys -- (SIGMA) DRV - [2006-03-24 17:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2006-02-09 21:31:00 | 000,039,936 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2006-01-20 17:08:00 | 000,108,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd) DRV - [2006-01-11 17:29:42 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid) DRV - [2005-12-28 13:22:08 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2005-12-05 00:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) DRV - [2005-11-22 09:47:00 | 000,047,104 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte) DRV - [2005-10-26 10:01:02 | 000,142,720 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) DRV - [2005-10-03 12:57:00 | 000,086,867 | R--- | M] (CSR) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCOREUSB.sys -- (BCOREUSB) DRV - [2005-09-15 18:06:08 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp) DRV - [2005-09-08 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM) DRV - [2005-09-08 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M) DRV - [2005-09-08 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M) DRV - [2005-09-08 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM) DRV - [2005-09-08 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM) DRV - [2005-09-08 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM) DRV - [2005-09-08 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN) DRV - [2005-08-25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM) DRV - [2005-08-25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N) DRV - [2005-08-12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV) DRV - [2005-08-01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2005-07-11 18:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt) DRV - [2005-05-13 17:27:56 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID) DRV - [2005-04-06 09:54:44 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd) DRV - [2005-01-06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds) DRV - [2001-08-22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1606980848-2077806209-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/ IE - HKU\S-1-5-21-1606980848-2077806209-839522115-1003\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) IE - HKU\S-1-5-21-1606980848-2077806209-839522115-1003\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms} IE - HKU\S-1-5-21-1606980848-2077806209-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1606980848-2077806209-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421; [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012-01-13 12:11:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-07-31 10:45:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-04-26 10:12:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-07-09 11:28:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_8.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_8.0 [2012-01-13 12:11:50 | 000,000,000 | ---D | M] [2011-06-02 11:39:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Duh\Application Data\Mozilla\Extensions [2011-06-02 11:39:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Duh\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012-07-31 12:51:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Duh\Application Data\Mozilla\Firefox\Profiles\myi50er0.default\extensions [2012-02-02 11:41:26 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Duh\Application Data\Mozilla\Firefox\Profiles\myi50er0.default\searchplugins\sweetim.xml [2012-05-07 10:10:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-07-14 17:30:46 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-08-09 19:09:47 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAM FILES\DAP\DAPLINKCHECKER [2012-07-31 10:45:02 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-04-14 15:39:49 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-11-14 12:02:53 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-11-14 12:02:53 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-11-14 12:02:53 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-11-14 12:02:53 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-11-14 12:02:53 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-11-14 12:02:53 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2012-08-09 19:25:49 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKU\S-1-5-21-1606980848-2077806209-839522115-1003\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKU\S-1-5-21-1606980848-2077806209-839522115-1003\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc) O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions) O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.) O4 - HKLM..\Run: [TSTheme] C:\Documents and Settings\Duh\Local Settings\Application Data\Microsoft\Windows\2952\TSTheme.exe () O4 - HKU\S-1-5-21-1606980848-2077806209-839522115-1003..\Run: [360Amigo] C:\Program files\360Amigo\360Amigo.exe (360Amigo) O4 - HKU\S-1-5-21-1606980848-2077806209-839522115-1003..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Duh\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKU\S-1-5-21-1606980848-2077806209-839522115-1003..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.) O4 - Startup: C:\Documents and Settings\Duh\Start Menu\Programs\Startup\HP Print View Resource Center.lnk = C:\Program Files\Hewlett-Packard\HP Print View Software\HP Print View Resource Center\HPPrintViewResourceCenter.exe (Hewlett-Packard) O4 - Startup: C:\Documents and Settings\Duh\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = E:\Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\MAXMED\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = E:\Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1606980848-2077806209-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1606980848-2077806209-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1606980848-2077806209-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1606980848-2077806209-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html () O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class) O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43B81D74-1B29-4EA8-A35B-F7D51A4A813E}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-07-18 23:31:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-08-09 20:19:47 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Duh\Desktop\OTL.exe [2012-08-09 19:39:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Duh\Recent [2012-08-09 19:32:18 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012-08-09 19:20:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2012-08-09 19:11:24 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2012-08-09 19:11:24 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2012-08-09 19:11:24 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2012-08-09 19:11:24 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2012-08-09 19:04:55 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Duh\Start Menu\Programs\Administrative Tools [2012-08-09 19:04:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt [2012-08-09 15:36:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2012-08-09 14:56:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Duh\Application Data\hellomoto [2012-08-09 14:00:05 | 000,000,000 | ---D | C] -- C:\Program Files\YourFileDownloader [2012-08-09 14:00:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Duh\Application Data\YourFileDownloader [2012-07-30 19:31:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Duh\Desktop\Achiwum zamowien [2012-07-26 08:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Duh\My Documents\ChomikBox [2012-07-26 08:02:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Duh\Local Settings\Application Data\Temp [2012-07-26 08:02:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Duh\Local Settings\Application Data\ChomikBox [2012-07-26 08:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Chomikuj.pl [2012-07-26 08:02:25 | 000,000,000 | ---D | C] -- C:\Program Files\ChomikBox [2012-07-24 14:22:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Duh\My Documents\Rejestr [2012-07-24 11:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Duh\My Documents\Instrukcje obsługi [2012-07-18 12:16:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Duh\My Documents\New Folder [2012-07-17 14:27:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Duh\Desktop\Słonowice [2012-07-17 08:57:53 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Duh\My Documents\My Music [2010-07-20 16:38:50 | 000,064,544 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Duh\MSSSerif96.fon [2010-01-29 19:09:21 | 000,089,680 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Duh\MSSSerif120.fon [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-08-09 20:19:50 | 000,441,124 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-08-09 20:19:50 | 000,071,060 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-08-09 20:16:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-08-09 20:15:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-08-09 20:12:42 | 000,053,833 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001 [2012-08-09 20:11:23 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml [2012-08-09 20:11:22 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\Your File Updater.job [2012-08-09 19:26:25 | 000,001,367 | ---- | M] () -- C:\Documents and Settings\Duh\Start Menu\Programs\Startup\HP Print View Resource Center.lnk [2012-08-09 19:25:49 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2012-08-09 15:36:14 | 000,657,729 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat [2012-08-09 15:19:52 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Duh\Desktop\OTL.exe [2012-08-09 15:11:15 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-08-09 15:00:35 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-08-09 08:28:02 | 000,131,524 | ---- | M] () -- C:\Documents and Settings\Duh\Desktop\4788_MaxMed2.jpg [2012-08-09 08:27:54 | 000,126,540 | ---- | M] () -- C:\Documents and Settings\Duh\Desktop\4788_MaxMed.jpg [2012-08-08 15:43:43 | 000,053,833 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat [2012-08-08 11:00:12 | 000,726,864 | ---- | M] () -- C:\Documents and Settings\Duh\Desktop\AA_v3.exe [2012-08-07 18:10:20 | 000,001,130 | -H-- | M] () -- C:\Documents and Settings\Duh\My Documents\Default.rdp [2012-08-03 16:11:44 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012-08-03 16:11:44 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012-07-27 22:00:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\mmBackupMMEDICA.job [2012-07-25 18:03:33 | 000,000,155 | ---- | M] () -- C:\WINDOWS\winamp.ini [2012-07-24 10:07:45 | 000,089,680 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Duh\MSSSerif120.fon [2012-07-24 10:07:45 | 000,064,544 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Duh\MSSSerif96.fon [2012-07-24 09:25:53 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\Duh\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-23 11:17:16 | 000,297,915 | ---- | M] () -- C:\Documents and Settings\Duh\Desktop\lista.jpg [2012-07-21 09:15:07 | 000,000,071 | ---- | M] () -- C:\WINDOWS\iltwain.ini [2012-07-20 15:18:50 | 000,309,588 | ---- | M] () -- C:\Documents and Settings\Duh\Desktop\akceptacja oferty.jpg [2012-07-12 09:46:12 | 000,740,177 | ---- | M] () -- C:\Documents and Settings\Duh\Desktop\makro ceny.jpg [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-08-09 19:11:24 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2012-08-09 19:11:24 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2012-08-09 19:11:24 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2012-08-09 19:11:24 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2012-08-09 19:11:24 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2012-08-09 14:00:06 | 000,000,316 | ---- | C] () -- C:\WINDOWS\tasks\Your File Updater.job [2012-08-09 08:28:02 | 000,131,524 | ---- | C] () -- C:\Documents and Settings\Duh\Desktop\4788_MaxMed2.jpg [2012-08-09 08:27:54 | 000,126,540 | ---- | C] () -- C:\Documents and Settings\Duh\Desktop\4788_MaxMed.jpg [2012-08-08 11:00:10 | 000,726,864 | ---- | C] () -- C:\Documents and Settings\Duh\Desktop\AA_v3.exe [2012-07-23 11:16:49 | 000,297,915 | ---- | C] () -- C:\Documents and Settings\Duh\Desktop\lista.jpg [2012-07-20 15:18:24 | 000,309,588 | ---- | C] () -- C:\Documents and Settings\Duh\Desktop\akceptacja oferty.jpg [2012-07-12 09:45:45 | 000,740,177 | ---- | C] () -- C:\Documents and Settings\Duh\Desktop\makro ceny.jpg [2012-06-27 20:28:29 | 001,167,360 | ---- | C] () -- C:\WINDOWS\System32\HPM1210SM.exe [2012-06-27 20:28:29 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\HPM1210SMs.dll [2012-06-27 20:28:28 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\HPM1210LM.DLL [2012-06-27 20:28:20 | 000,167,936 | R--- | C] () -- C:\WINDOWS\System32\m1130wia.dll [2012-06-27 20:28:04 | 000,081,920 | R--- | C] () -- C:\WINDOWS\System32\mvusbews.dll [2012-06-27 20:25:36 | 000,284,672 | R--- | C] () -- C:\WINDOWS\System32\mvhlewsi.dll [2012-06-15 12:27:21 | 000,109,256 | ---- | C] () -- C:\WINDOWS\System32\EasyHook64.dll [2012-06-15 12:27:21 | 000,090,824 | ---- | C] () -- C:\WINDOWS\System32\EasyHook32.dll [2012-06-15 09:36:16 | 000,094,024 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2012-05-08 14:48:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\dcmvwr.INI [2012-02-09 16:40:30 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat [2012-02-09 16:39:38 | 000,000,025 | ---- | C] () -- C:\WINDOWS\libem.INI [2012-02-06 08:32:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-11-24 17:44:44 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\7A53299BE7.sys [2011-11-24 17:34:27 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2011-11-18 15:24:30 | 000,107,008 | ---- | C] () -- C:\WINDOWS\System32\PDFENC32.DLL [2011-10-28 09:52:17 | 000,657,729 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat [2011-10-20 14:07:12 | 000,620,544 | ---- | C] () -- C:\WINDOWS\System32\stlpmt45.dll [2011-10-20 14:07:09 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\PlatanProp.dll [2011-06-22 16:26:55 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2011-06-07 11:04:28 | 000,028,779 | ---- | C] () -- C:\WINDOWS\MSUMLT0E.ini [2009-07-19 12:57:53 | 000,034,304 | ---- | C] () -- C:\Documents and Settings\Duh\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-07-19 00:07:26 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare [color=#E56717]========== LOP Check ==========[/color] [2011-06-01 16:11:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ASSECO [2011-07-23 10:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gadu-Gadu 10 [2009-07-19 20:01:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations [2012-01-13 12:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia [2012-03-15 09:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache [2011-09-15 14:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite [2010-06-11 16:24:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soredex [2012-08-09 19:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SpeedBit [2012-02-07 16:00:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SweetIM [2012-02-09 16:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Duh\Application Data\BITS [2011-07-25 09:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Duh\Application Data\Gadu-Gadu 10 [2012-08-09 14:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Duh\Application Data\hellomoto [2009-07-19 12:44:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Duh\Application Data\InterVideo [2011-10-27 13:53:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Duh\Application Data\KeePass [2010-01-29 19:09:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Duh\Application Data\Leadertech [2011-11-16 12:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Duh\Application Data\mMedica [2009-07-19 20:03:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Duh\Application Data\Nokia [2011-09-15 14:50:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Duh\Application Data\PC Suite [2012-07-27 21:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Duh\Application Data\postgresql [2012-06-15 11:33:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Duh\Application Data\TeamViewer [2011-06-02 11:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Duh\Application Data\Thunderbird [2012-08-09 14:00:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Duh\Application Data\YourFileDownloader [2012-02-09 16:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MAXMED\Application Data\BITS [2011-10-11 13:48:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MAXMED\Application Data\PC Suite [2011-05-25 14:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MAXMED\Application Data\Thunderbird [2012-07-27 22:00:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\mmBackupMMEDICA.job [2012-08-09 20:11:22 | 000,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\Your File Updater.job [color=#E56717]========== Purity Check ==========[/color] < End of report >