OTL logfile created on: 2012-09-17 21:32:21 - Run 1 OTL by OldTimer - Version 3.2.61.5 Folder = C:\Documents and Settings\Administrator.RAMBO.000\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 86,22% Memory free 3,85 Gb Paging File | 3,73 Gb Available in Paging File | 96,98% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 465,76 Gb Total Space | 188,15 Gb Free Space | 40,40% Space Free | Partition Type: NTFS Computer Name: RAMBO | User Name: Administrator | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-09-17 21:03:22 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.RAMBO.000\Pulpit\OTL.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2010-07-04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll MOD - [2005-02-16 00:44:24 | 000,412,672 | ---- | M] () -- C:\Program Files\WinUHA\shellwinuha.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\gdnihriz.dll -- (rrabalcc) SRV - File not found [Auto | Stopped] -- c:\Program\Inet2\inetUpServ.exe -- (inetUpServ) SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\BrowserSeek\browserseek171.exe C:\Program Files\BrowserSeek\browserseek.dll dorahefe iquwerabud -- (BrowserSeek Service) SRV - [2012-09-17 20:38:12 | 001,701,400 | ---- | M] () [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager) SRV - [2012-09-07 16:39:16 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-08-15 13:36:25 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-06-11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate) SRV - [2012-06-11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc) SRV - [2012-05-02 01:42:31 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012-05-02 00:34:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011-06-17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService) SRV - [2007-07-20 00:42:30 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher) SRV - [2007-07-20 00:40:48 | 000,137,752 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2007-07-20 00:38:54 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | System | Stopped] -- system32\drivers\zulflowdgme3.sys -- (zulflowdgme3) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\UltraStar Deluxe\zlportio.sys -- (zlportio) DRV - File not found [Kernel | System | Stopped] -- system32\drivers\zccuecjcxmvmf5.sys -- (zccuecjcxmvmf5) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | System | Unknown] -- system32\drivers\wcscd.sys -- (wcscd) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\Video3D32.sys -- (Video3D) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\SEBAST~1\USTAWI~1\Temp\CEB80A.tmp -- (GarenaPEngine) DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ethmpigt.sys -- (ethmpigt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | System | Unknown] -- C:\DOCUME~1\SEBAST~1\USTAWI~1\Temp\cdfss -- (cdfss) DRV - [2012-04-27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2012-04-25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012-04-16 21:18:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2010-11-09 15:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135) DRV - [2010-10-14 12:01:45 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2010-07-04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV - [2010-06-17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010-03-22 10:30:22 | 000,222,672 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2010-01-08 16:30:48 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2009-10-12 04:10:54 | 000,029,440 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTLTEAMING.SYS -- (RTLTEAMING) DRV - [2009-05-01 00:56:30 | 000,495,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-02-24 19:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus) DRV - [2009-02-16 11:35:06 | 000,017,536 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTLVLAN.SYS -- (RTLVLAN) DRV - [2008-12-26 12:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer) DRV - [2008-07-09 08:11:34 | 000,022,016 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\RtNdPt5x.sys -- (RtNdPt5x) DRV - [2008-06-20 13:08:27 | 000,225,856 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2008-05-02 08:48:55 | 000,062,208 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2008-04-14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2008-04-14 00:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2008-04-14 00:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm) DRV - [2008-03-25 12:15:50 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb) DRV - [2007-07-20 00:39:50 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv) DRV - [2007-07-20 00:37:56 | 002,109,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap) DRV - [2007-07-18 17:42:42 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2007-05-02 12:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm) DRV - [2007-05-02 12:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl) DRV - [2007-05-02 12:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) DRV - [2007-01-29 18:12:52 | 000,018,432 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AsusVRC.sys -- (ASUSVRC) DRV - [2006-08-29 00:54:56 | 000,010,664 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gan_adapter.sys -- (hamachi_oem) DRV - [2006-06-14 14:44:30 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP) DRV - [2004-08-22 17:31:48 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\d347prt.sys -- (d347prt) DRV - [2004-08-22 17:31:10 | 000,155,136 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\d347bus.sys -- (d347bus) DRV - [2003-12-08 12:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) DRV - [2003-12-08 12:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl) DRV - [2003-08-04 15:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2001-10-30 13:01:50 | 000,280,782 | R--- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci) DRV - [2001-08-17 23:54:18 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2001-08-17 23:54:18 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=12 IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=12&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-09-07 16:39:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-09-07 16:39:11 | 000,000,000 | ---D | M] [2012-09-07 16:39:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-09-07 16:39:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-09-07 16:39:09 | 000,000,000 | ---D | M] (BrowserSeek) -- C:\Program Files\Mozilla Firefox\extensions\{BDD34CBB-CC2C-4BDE-A25F-66D443E78F9C} [2012-09-07 16:39:08 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de [2012-09-07 16:39:17 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2010-07-17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-12-09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2011-10-13 09:55:38 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-05-29 21:08:23 | 000,003,659 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012-09-17 20:37:50 | 000,002,360 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2011-10-13 09:55:38 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-10-13 09:55:38 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-06-09 20:45:00 | 000,001,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\myclearsearch.xml [2011-10-13 09:55:38 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-10-13 09:55:38 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-10-13 09:55:38 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml Hosts file not found O2 - BHO: (Gossiper Toolbar) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGoss.dll File not found O2 - BHO: (adfaokxapr Object) - {330B3949-9EE6-4310-AB65-927A5BEBB23E} - C:\WINDOWS\$XNTUninstall643$\aoisx.dll File not found O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (brumaokxagrm Object) - {B9CBA629-612F-42EC-980A-B0DECFA4C097} - C:\WINDOWS\$XNTUninstall643$\ptxoo.dll File not found O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll File not found O2 - BHO: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll File not found O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O2 - BHO: (no name) - {E38FDDCD-38C8-BEF4-11E2-08F7282A59F3} - c:\windows\system32\gdnihriz.dll File not found O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\sebastian\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll (GG Network S.A.) O3 - HKLM\..\Toolbar: (Gossiper Toolbar) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\tbGoss.dll File not found O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll File not found O3 - HKLM\..\Toolbar: (Softonic-Polska Toolbar) - {c86eb8a9-ccc2-4b6c-b75d-73576ed591bf} - C:\Program Files\Softonic-Polska\tbSoft.dll File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [bipro] rundll32 "C:\WINDOWS\$XNTUninstall643$\aoisx.dll",,Run File not found O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw)) O4 - HKLM..\Run: [DAEMON Tools-1033] C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe () O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe () O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [nfnerova] C:\WINDOWS\system32\nfnerova.exe (Microsoft Corporation) O4 - HKLM..\Run: [nfnerovaˆ] C:\WINDOWS\system32\nfnerovaˆ.exe (Microsoft Corporation) O4 - HKLM..\Run: [nfnerovaĐ] C:\WINDOWS\System32\nfnerovaĐ.exe File not found O4 - HKLM..\Run: [nfnerovaÔ] C:\WINDOWS\System32\nfnerovaÔ.exe File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe () O4 - HKLM..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe File not found O4 - HKLM..\Run: [RMActivate_ssp] C:\Documents and Settings\sebastian\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\4897\RMActivate_ssp.exe () O4 - HKLM..\Run: [win32] -update File not found O4 - HKLM..\Run: [wuaucldt] c:\windows\system32\wuaucldt.exe File not found O4 - HKLM..\Run: [ystk3dv6xw] C:\Documents and Settings\All Users\ystk3dv6xw.exe File not found O4 - HKCU..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 79.173.40.13 79.173.40.16 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48F7FD0C-A7FF-4E00-AF22-61DE5F59D12A}: DhcpNameServer = 79.173.40.13 79.173.40.16 O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-11-17 19:41:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-09-17 21:03:18 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator.RAMBO.000\Pulpit\OTL.exe [2012-09-17 20:49:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.RAMBO.000\Ustawienia lokalne\Dane aplikacji\Microsoft [2012-09-17 20:49:04 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator.RAMBO.000\Dane aplikacji\Microsoft [2012-09-17 20:49:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.RAMBO.000\SendTo [2012-09-17 20:49:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator.RAMBO.000\Dane aplikacji [2012-09-17 20:49:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.RAMBO.000\Menu Start [2012-09-17 20:49:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.RAMBO.000\Menu Start\Programy\Autostart [2012-09-17 20:49:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator.RAMBO.000\Menu Start\Programy\Akcesoria [2012-09-17 20:49:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator.RAMBO.000\Cookies [2012-09-17 20:49:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.RAMBO.000\Ustawienia lokalne [2012-09-17 20:49:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.RAMBO.000\Szablony [2012-09-17 20:49:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.RAMBO.000\Recent [2012-09-17 20:49:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.RAMBO.000\PrintHood [2012-09-17 20:49:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator.RAMBO.000\NetHood [2012-09-17 20:49:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.RAMBO.000\Ulubione [2012-09-17 20:49:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.RAMBO.000\Pulpit [2012-09-17 20:49:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.RAMBO.000\Moje dokumenty [2012-09-17 20:49:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator.RAMBO.000\Dane aplikacji\Macromedia [2012-09-17 20:39:15 | 000,000,000 | ---D | C] -- C:\Program Files\DownloadManager [2012-09-17 20:38:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Browser Manager [2012-09-17 20:37:56 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar [2012-09-17 20:25:15 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC [2012-09-08 22:31:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ubisoft [2012-09-08 22:23:05 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft [2012-09-08 21:24:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Paradox Interactive [2012-09-08 21:21:59 | 000,000,000 | ---D | C] -- C:\Program Files\Paradox Interactive [2012-09-07 16:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012-08-27 23:44:28 | 000,000,000 | ---D | C] -- C:\Program Files\Square Enix [2012-08-19 19:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\The Elder Scrolls V Skyrim [2012-08-19 19:41:04 | 000,000,000 | ---D | C] -- C:\Program Files\The Elder Scrolls V Skyrim [9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-09-17 21:26:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-09-17 21:23:46 | 000,000,314 | -HS- | M] () -- C:\WINDOWS\tasks\QCPOULZXK.job [2012-09-17 21:23:46 | 000,000,296 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2012-09-17 21:23:46 | 000,000,296 | -H-- | M] () -- C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2012-09-17 21:23:46 | 000,000,296 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2012-09-17 21:23:46 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1965331169-1801674531-1003.job [2012-09-17 21:03:22 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator.RAMBO.000\Pulpit\OTL.exe [2012-09-17 20:59:02 | 000,327,504 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-09-17 20:52:14 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012-09-17 20:52:12 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Administrator.RAMBO.000\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-09-17 20:37:57 | 000,000,315 | ---- | M] () -- C:\user.js [2012-09-17 15:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At32.job [2012-09-17 15:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At31.job [2012-09-17 15:36:15 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-09-17 14:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At30.job [2012-09-17 14:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At29.job [2012-09-16 21:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At44.job [2012-09-16 21:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At43.job [2012-09-16 20:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At42.job [2012-09-16 20:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At41.job [2012-09-16 20:04:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1965331169-1801674531-1003.job [2012-09-16 19:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At40.job [2012-09-16 19:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At39.job [2012-09-16 18:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At38.job [2012-09-16 18:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At37.job [2012-09-16 17:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At36.job [2012-09-16 17:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At35.job [2012-09-16 16:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At34.job [2012-09-16 16:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At33.job [2012-09-16 15:01:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-09-16 13:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At28.job [2012-09-16 13:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At27.job [2012-09-16 12:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At26.job [2012-09-16 12:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At25.job [2012-09-16 11:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At24.job [2012-09-16 11:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At23.job [2012-09-16 10:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At22.job [2012-09-16 10:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At21.job [2012-09-16 09:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At20.job [2012-09-16 09:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At19.job [2012-09-16 08:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At18.job [2012-09-16 08:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At17.job [2012-09-16 07:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At16.job [2012-09-16 07:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At15.job [2012-09-16 06:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At14.job [2012-09-16 06:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At13.job [2012-09-16 05:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At12.job [2012-09-16 05:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At11.job [2012-09-16 04:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At10.job [2012-09-16 04:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At9.job [2012-09-16 03:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At8.job [2012-09-16 03:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At7.job [2012-09-16 02:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At6.job [2012-09-16 02:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At5.job [2012-09-16 01:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At4.job [2012-09-16 01:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At3.job [2012-09-16 00:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At2.job [2012-09-16 00:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At1.job [2012-09-15 23:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At48.job [2012-09-15 23:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At47.job [2012-09-15 22:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\At46.job [2012-09-15 22:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\At45.job [2012-09-15 11:42:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2012-09-08 22:31:26 | 000,001,796 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\I Am Alive.lnk [2012-09-08 21:30:47 | 000,002,066 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Penumbra - Przebudzenie.lnk [2012-08-31 10:15:33 | 000,000,101 | ---- | M] () -- C:\WINDOWS\CMMIXER.INI [2012-08-20 19:59:33 | 000,003,861 | ---- | M] () -- C:\WINDOWS\VPlayer.INI [2012-08-20 19:59:33 | 000,000,116 | ---- | M] () -- C:\WINDOWS\VplayerINI.vpl [9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-09-17 20:52:12 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator.RAMBO.000\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-09-17 20:49:05 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator.RAMBO.000\Menu Start\Programy\Pomoc zdalna.lnk [2012-09-17 20:49:05 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Administrator.RAMBO.000\Menu Start\Programy\Windows Media Player.lnk [2012-09-17 20:39:35 | 000,001,743 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\JDownloader.lnk [2012-09-17 20:39:35 | 000,001,679 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\JDownloader Uninstaller.lnk [2012-09-17 20:39:35 | 000,001,656 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\JDownloader Update.lnk [2012-09-17 20:37:56 | 000,000,315 | ---- | C] () -- C:\user.js [2012-09-08 22:31:26 | 000,001,796 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\I Am Alive.lnk [2012-09-08 21:30:47 | 000,002,066 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Penumbra - Przebudzenie.lnk [2012-08-05 11:42:28 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2012-02-18 18:26:20 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KnNIHA8.dat [2011-11-04 11:45:46 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2011-11-04 11:45:46 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2011-11-04 11:45:46 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2011-11-04 11:45:25 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2011-10-29 13:12:56 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat [2011-10-29 13:12:56 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat [2011-10-01 07:33:51 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-09-06 22:11:34 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2011-07-14 00:09:08 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2011-07-14 00:08:44 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini [2011-04-30 13:13:05 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2011-04-30 13:13:04 | 000,122,368 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll [2011-04-30 13:13:03 | 000,644,608 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011-04-30 13:13:03 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011-04-30 13:13:03 | 000,080,896 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2011-03-25 12:34:07 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2011-03-25 12:34:06 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2011-03-02 23:56:37 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2010-10-23 14:24:43 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll [2010-02-01 17:39:13 | 000,240,504 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [color=#E56717]========== LOP Check ==========[/color] [2011-05-13 12:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2012-05-29 21:08:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG2012 [2011-08-07 10:13:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon [2012-09-17 20:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Browser Manager [2012-05-29 20:54:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2010-10-14 12:01:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-10-14 13:50:42 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DSS [2012-02-05 13:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core [2011-11-08 13:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Easybits GO [2012-02-05 13:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2010-08-22 20:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Exorcist DS 7 [2010-03-23 21:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GoldWave [2009-11-24 12:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2012-05-29 20:59:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2010-10-30 23:11:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Pendulo Studios [2011-10-22 09:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RELOADED [2011-11-20 15:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Rockstar Games [2012-02-29 18:54:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Solidshield [2010-01-23 15:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2009-11-28 12:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tunngle [2012-08-14 17:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ubisoft [2011-05-21 08:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems [2011-08-20 18:12:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WorldOfPlanes [2012-09-15 11:42:00 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [2012-09-16 00:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job [2012-09-16 04:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job [2012-09-16 05:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job [2012-09-16 05:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job [2012-09-16 06:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job [2012-09-16 06:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job [2012-09-16 07:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job [2012-09-16 07:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job [2012-09-16 08:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job [2012-09-16 08:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job [2012-09-16 09:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job [2012-09-16 00:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job [2012-09-16 09:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job [2012-09-16 10:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job [2012-09-16 10:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job [2012-09-16 11:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job [2012-09-16 11:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job [2012-09-16 12:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At25.job [2012-09-16 12:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At26.job [2012-09-16 13:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At27.job [2012-09-16 13:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At28.job [2012-09-17 14:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At29.job [2012-09-16 01:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job [2012-09-17 14:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At30.job [2012-09-17 15:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At31.job [2012-09-17 15:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At32.job [2012-09-16 16:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At33.job [2012-09-16 16:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At34.job [2012-09-16 17:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At35.job [2012-09-16 17:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At36.job [2012-09-16 18:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At37.job [2012-09-16 18:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At38.job [2012-09-16 19:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At39.job [2012-09-16 01:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job [2012-09-16 19:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At40.job [2012-09-16 20:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At41.job [2012-09-16 20:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At42.job [2012-09-16 21:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At43.job [2012-09-16 21:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At44.job [2012-09-15 22:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At45.job [2012-09-15 22:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At46.job [2012-09-15 23:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At47.job [2012-09-15 23:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At48.job [2012-09-16 02:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job [2012-09-16 02:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job [2012-09-16 03:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job [2012-09-16 03:44:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job [2012-09-16 04:44:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job [2012-09-17 21:23:46 | 000,000,314 | -HS- | M] () -- C:\WINDOWS\Tasks\QCPOULZXK.job [2012-09-17 21:23:46 | 000,000,296 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2012-09-17 21:23:46 | 000,000,296 | -H-- | M] () -- C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job [2012-09-17 21:23:46 | 000,000,296 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 712 bytes -> C:\Documents and Settings\All Users\Pulpit\Amnesia: The Dark Descent.lnk @Alternate Data Stream - 593 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF @Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:517DBC32 @Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:8178B8D6 < End of report >