OTL logfile created on: 2012-10-10 21:45:02 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\ToJestHHDZIXX\Moje dokumenty\Downloads Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 70,68% Memory free 3,85 Gb Paging File | 3,38 Gb Available in Paging File | 87,70% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 24,41 Gb Total Space | 6,71 Gb Free Space | 27,48% Space Free | Partition Type: NTFS Drive D: | 208,46 Gb Total Space | 81,37 Gb Free Space | 39,03% Space Free | Partition Type: NTFS Drive F: | 4,35 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: TOJESTHIPHOPDZI | User Name: ToJestHHDZIXX | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-10-10 17:30:45 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ToJestHHDZIXX\Moje dokumenty\Downloads\OTL.exe PRC - [2012-10-10 17:05:09 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe PRC - [2012-10-07 15:08:39 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2012-10-04 03:16:02 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe PRC - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) 
-- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe PRC - [2011-10-08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2009-08-27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe PRC - [2008-07-25 20:29:16 | 001,528,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-10-04 03:16:00 | 000,460,312 | ---- | M] () -- C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.92\ppgooglenaclpluginchrome.dll MOD - [2012-10-04 03:15:58 | 012,435,992 | ---- | M] () -- C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll MOD - [2012-10-04 03:15:56 | 004,005,912 | ---- | M] () -- C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.92\pdf.dll MOD - [2012-10-04 03:14:41 | 000,578,072 | ---- | M] () -- C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.92\libglesv2.dll MOD - [2012-10-04 03:14:40 | 000,123,928 | ---- | M] () -- C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.92\libegl.dll MOD - [2012-10-04 03:14:29 | 000,156,712 | ---- | M] () -- C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.92\avutil-51.dll MOD - [2012-10-04 03:14:27 | 000,275,496 | ---- | M] () -- C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.92\avformat-54.dll 
MOD - [2012-10-04 03:14:26 | 002,168,360 | ---- | M] () -- C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.92\avcodec-54.dll MOD - [2008-04-14 22:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2007-12-05 03:41:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012-10-10 17:44:33 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2012-10-09 16:37:27 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-10-07 15:08:39 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-09-08 07:47:11 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-08-29 12:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012-07-13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011-10-08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-03-28 21:51:25 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) 
[On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc) SRV - [2009-08-27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mhlkpg.sys -- (amsint32) DRV - [2012-06-08 14:43:39 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2012-05-11 15:03:20 | 000,013,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\apf003.sys -- (apf003) DRV - [2011-12-31 18:17:55 | 000,010,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\apf001.sys -- (apf001) DRV - [2011-12-02 22:02:00 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32) DRV - [2009-03-18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008-04-17 16:33:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2008-04-13 20:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) DRV - [2007-12-21 01:03:00 | 000,030,720 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l251x86.sys -- (AtcL002) DRV - [2006-02-26 17:02:49 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 
[color=#E56717]========== FireFox ==========[/color] FF - prefs.js - File not found FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\4game.com/plugin: D:\Program Files\L2EU\npplugin4game.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Documents and Settings\All Users\Dane aplikacji\id Software\QuakeLive\npquakezero.dll (id Software Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ogplanet.com/npOGPPlugin: C:\WINDOWS\system32\npOGPPlugin.dll (OGPlanet) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll File not found FF - HKCU\Software\MozillaPlugins\@eximion.com/KalydoPlayer: C:\Documents and Settings\ToJestHHDZIXX\Dane aplikacji\Kalydo\KalydoPlayer\bin1\npkalydo.dll (Eximion B.V.) FF - HKCU\Software\MozillaPlugins\@powerchallenge.com/PowerLoader: C:\DOCUME~1\TOJEST~1\DANEAP~1\POWERC~1\nppowerloader.dll (Power Challenge Sweden AB) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) [2011-11-30 19:02:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ToJestHHDZIXX\Dane aplikacji\Mozilla\Extensions [2012-10-10 21:36:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ToJestHHDZIXX\Dane aplikacji\Mozilla\Firefox\Profiles\ntiopsc9.default\extensions [2012-07-02 17:57:50 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Documents and Settings\ToJestHHDZIXX\Dane aplikacji\Mozilla\Firefox\Profiles\ntiopsc9.default\extensions\battlefieldplay4free@ea.com [2012-06-09 22:55:47 | 001,487,960 | ---- | M] () (No name found) -- C:\Documents and Settings\ToJestHHDZIXX\Dane aplikacji\Mozilla\Firefox\Profiles\ntiopsc9.default\extensions\{0471d3b0-a403-11df-981c-0800200c9a66}.xpi [2012-10-08 18:25:21 
| 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-03-15 20:57:44 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-06-30 20:30:14 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [color=#E56717]========== Chrome ==========[/color] CHR - homepage: about:blank CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: about:blank CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.92\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.92\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: (Enabled) = C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 
(Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Kalydo Player Plugin for Mozilla (Enabled) = C:\Documents and Settings\ToJestHHDZIXX\Dane aplikacji\Kalydo\KalydoPlayer\bin1\npkalydo.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: 
Szukaj w Google = C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Skype Click to Call = C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\ CHR - Extension: Gmail = C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2001-10-26 18:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe () O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Akamai Technologies, Inc.) 
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [GG] C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\GG\Application\gghub.exe (GG Network S.A.) O4 - HKCU..\Run: [Steam] D:\Program Files\steam\steam.exe (Valve Corporation) O4 - HKLM..\RunOnce: [Del C:\Documents and Settings\ToJestHHDZIXX\Pulpit\Serwer Do Minecrafta ;)\plugins\LWC\worldguard.yml OnNextReboot] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9AE77FBC-C833-4BF8-961D-A072E21B42F8}: NameServer = 85.14.72.10 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\ToJestHHDZIXX\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-11-30 18:53:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2012-10-07 18:49:44 | 000,000,330 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2012-09-26 18:10:01 | 000,000,242 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{974a02f8-1b77-11e1-8bb6-806d6172696f}\Shell\AUtopLay\CoMmAnd - "" = C:\upax.pif -- [2012-10-10 18:21:01 | 000,025,316 | RHS- | M] () O33 - MountPoints2\{974a02f8-1b77-11e1-8bb6-806d6172696f}\Shell\AutoRun\command - "" = C:\upax.pif -- [2012-10-10 18:21:01 | 000,025,316 | RHS- | M] () O33 - MountPoints2\{974a02f8-1b77-11e1-8bb6-806d6172696f}\Shell\ExplOrE\CoMmanD - "" = 
C:\upax.pif -- [2012-10-10 18:21:01 | 000,025,316 | RHS- | M] () O33 - MountPoints2\{974a02f8-1b77-11e1-8bb6-806d6172696f}\Shell\Open\CoMmAND - "" = C:\upax.pif -- [2012-10-10 18:21:01 | 000,025,316 | RHS- | M] () O33 - MountPoints2\{974a02f9-1b77-11e1-8bb6-806d6172696f}\Shell\autoplAy\cOmmanD - "" = D:\gmacy.exe -- [2012-10-10 18:24:04 | 000,025,316 | RHS- | M] () O33 - MountPoints2\{974a02f9-1b77-11e1-8bb6-806d6172696f}\Shell\AutoRun\command - "" = D:\gmacy.exe -- [2012-10-10 18:24:04 | 000,025,316 | RHS- | M] () O33 - MountPoints2\{974a02f9-1b77-11e1-8bb6-806d6172696f}\Shell\explore\CommaNd - "" = D:\gmacy.exe -- [2012-10-10 18:24:04 | 000,025,316 | RHS- | M] () O33 - MountPoints2\{974a02f9-1b77-11e1-8bb6-806d6172696f}\Shell\oPEN\cOmMaNd - "" = D:\gmacy.exe -- [2012-10-10 18:24:04 | 000,025,316 | RHS- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-10-10 21:36:50 | 000,000,000 | ---D | C] -- C:\_OTL [2012-10-10 21:36:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ToJestHHDZIXX\Pulpit\Sality_RegKeys [2012-10-10 14:08:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ToJestHHDZIXX\Recent [2012-10-09 20:51:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012-10-09 20:51:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype [2012-10-08 18:26:32 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012-10-07 15:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-10-07 15:08:56 | 000,821,736 | ---- | C] (Oracle Corporation) -- 
C:\WINDOWS\System32\npDeployJava1.dll [2012-10-07 15:08:56 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012-10-07 15:08:48 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2012-10-07 14:55:17 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2012-10-07 14:55:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi [2012-10-07 14:54:09 | 000,695,296 | ---- | C] (AnjoCaido) -- C:\Documents and Settings\ToJestHHDZIXX\Pulpit\Minecraft Updater.exe [2012-10-06 23:50:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ToJestHHDZIXX\Pulpit\EliteMT2 [2012-09-27 22:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\Wakfu [2012-09-18 20:46:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ToJestHHDZIXX\Dane aplikacji\DBV [2012-09-13 20:06:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax [2012-09-13 20:04:56 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax [2012-09-13 20:04:56 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax [2012-09-13 20:04:56 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll [2012-09-13 20:04:56 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax [2012-09-13 20:04:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax [2012-09-13 20:04:56 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax [2012-07-15 19:35:48 | 000,196,608 | ---- | C] (ICSharpCode.net) -- C:\Documents and Settings\ToJestHHDZIXX\ICSharpCode.SharpZipLib.dll [2004-07-09 04:08:36 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dxsetup.exe [2004-07-09 04:08:34 | 002,242,560 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll [2004-07-09 03:03:10 | 000,062,976 | 
---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-10-10 21:42:53 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2012-10-10 21:38:01 | 000,001,046 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-10-10 21:37:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-10-10 21:37:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-10-10 21:17:00 | 000,001,050 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-10-10 21:16:00 | 000,001,164 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-308236825-1177238915-1001UA.job [2012-10-10 18:23:39 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe [2012-10-10 18:23:31 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regsvr32.exe [2012-10-10 18:23:03 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe [2012-10-10 18:22:40 | 000,394,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe [2012-10-10 18:21:18 | 000,069,632 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE [2012-10-10 18:21:01 | 000,025,316 | RHS- | M] () -- C:\upax.pif [2012-10-10 17:45:39 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\Program Files\dxsetup.exe [2012-10-10 17:35:47 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Documents and Settings\ToJestHHDZIXX\Pulpit\Minecraft Updater.exe [2012-10-10 17:34:28 | 011,349,112 | ---- | M] (Smith Micro Software, Inc.) 
-- C:\Documents and Settings\ToJestHHDZIXX\Moje dokumenty\StuffItExpander2011x86.exe [2012-10-10 07:16:00 | 000,001,112 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-308236825-1177238915-1001Core.job [2012-10-09 17:39:15 | 001,644,280 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-10-09 16:37:26 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012-10-09 16:37:26 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012-10-09 15:11:02 | 000,000,460 | ---- | M] () -- C:\Documents and Settings\ToJestHHDZIXX\Moje dokumenty\cc_20121009_151100.reg [2012-10-09 15:10:43 | 000,017,736 | ---- | M] () -- C:\Documents and Settings\ToJestHHDZIXX\Moje dokumenty\cc_20121009_151040.reg [2012-10-09 07:06:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-10-08 22:42:46 | 000,008,830 | ---- | M] () -- C:\Documents and Settings\ToJestHHDZIXX\.recently-used.xbel [2012-10-07 18:49:44 | 000,000,330 | RHS- | M] () -- C:\autorun.inf [2012-10-07 15:08:39 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2012-10-07 15:08:39 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2012-10-07 15:08:39 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012-10-07 15:08:39 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012-10-07 15:08:39 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012-10-07 15:08:39 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012-10-07 15:08:39 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2012-10-07 14:54:17 | 000,160,028 | ---- | M] () -- C:\Documents and Settings\ToJestHHDZIXX\Pulpit\MinecraftSP(1).rar [2012-10-01 22:54:45 | 000,285,288 | ---- | M] () -- 
C:\WINDOWS\System32\nvdrsdb1.bin
[2012-10-01 22:54:45 | 000,285,288 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012-10-01 22:54:45 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012-09-30 13:09:18 | 000,033,146 | ---- | M] () -- C:\Documents and Settings\ToJestHHDZIXX\Moje dokumenty\cc_20120930_130906.reg
[2012-09-15 22:52:08 | 001,154,394 | ---- | M] () -- C:\Documents and Settings\ToJestHHDZIXX\Pulpit\dolitoswedzi.jpg

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-10-09 20:51:57 | 000,002,267 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk
[2012-10-09 15:11:01 | 000,000,460 | ---- | C] () -- C:\Documents and Settings\ToJestHHDZIXX\Moje dokumenty\cc_20121009_151100.reg
[2012-10-09 15:10:41 | 000,017,736 | ---- | C] () -- C:\Documents and Settings\ToJestHHDZIXX\Moje dokumenty\cc_20121009_151040.reg
[2012-10-08 22:42:46 | 000,008,830 | ---- | C] () -- C:\Documents and Settings\ToJestHHDZIXX\.recently-used.xbel
[2012-10-07 18:49:44 | 000,025,316 | RHS- | C] () -- C:\upax.pif
[2012-10-07 18:49:23 | 000,000,330 | RHS- | C] () -- C:\autorun.inf
[2012-10-07 14:54:00 | 000,160,028 | ---- | C] () -- C:\Documents and Settings\ToJestHHDZIXX\Pulpit\MinecraftSP(1).rar
[2012-09-30 13:09:15 | 000,033,146 | ---- | C] () -- C:\Documents and Settings\ToJestHHDZIXX\Moje dokumenty\cc_20120930_130906.reg
[2012-09-15 22:52:08 | 001,154,394 | ---- | C] () -- C:\Documents and Settings\ToJestHHDZIXX\Pulpit\dolitoswedzi.jpg
[2012-07-08 01:43:41 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-07-08 01:43:41 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2012-07-08 01:43:40 | 000,644,608 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012-07-08 01:43:40 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012-07-08 01:43:40 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012-06-23 09:19:33 | 1620,526,167 | ---- | C] () -- C:\Documents and Settings\ToJestHHDZIXX\tmpGSINSTALL.exe
[2012-06-14 19:11:44 | 000,139,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2012-06-14 19:11:43 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\ToJestHHDZIXX\Dane aplikacji\PnkBstrK.sys
[2012-06-14 19:11:39 | 000,282,104 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2012-06-14 19:11:25 | 000,076,888 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2012-05-30 22:30:41 | 000,002,180 | ---- | C] () -- C:\WINDOWS\kaillera.ini
[2012-05-30 22:30:41 | 000,001,825 | ---- | C] () -- C:\WINDOWS\mn02.ini
[2012-05-30 22:30:41 | 000,001,754 | ---- | C] () -- C:\WINDOWS\n02.ini
[2012-05-24 16:16:49 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2012-05-11 15:03:20 | 000,016,304 | ---- | C] () -- C:\WINDOWS\System32\apl003.sys
[2012-05-11 15:03:20 | 000,013,232 | ---- | C] () -- C:\WINDOWS\System32\apf003.sys
[2012-03-31 22:50:40 | 001,158,776 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-606747145-308236825-1177238915-1001-0.dat
[2012-03-31 22:50:35 | 000,405,570 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2012-01-31 16:00:03 | 000,079,688 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012-01-13 06:11:46 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\ToJestHHDZIXX\Dane aplikacji\DofusAppId0_3
[2012-01-12 20:16:52 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\ToJestHHDZIXX\Dane aplikacji\DofusAppId0_1
[2012-01-12 17:34:48 | 000,000,201 | ---- | C] () -- C:\Documents and Settings\ToJestHHDZIXX\Dane aplikacji\D2Info0
[2012-01-12 17:34:48 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\ToJestHHDZIXX\Dane aplikacji\DofusAppId0_2
[2012-01-11 18:36:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ToJestHHDZIXX\Test Świat Biologii II - Krążenie - Grupa A.pdf
[2011-12-31 18:17:55 | 000,012,920 | ---- | C] () -- C:\WINDOWS\System32\apl001.sys
[2011-12-31 18:17:55 | 000,010,872 | ---- | C] () -- C:\WINDOWS\System32\apf001.sys
[2011-12-29 19:43:27 | 000,215,104 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat
[2011-12-28 13:43:18 | 000,000,031 | ---- | C] () -- C:\WINDOWS\tdlp32.ini
[2011-12-25 13:50:29 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2011-12-24 15:02:32 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011-12-03 09:10:09 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011-12-03 09:03:48 | 000,285,288 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011-12-03 09:03:48 | 000,285,288 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011-12-03 09:03:48 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011-12-03 09:03:24 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011-12-02 22:02:00 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2011-12-02 17:29:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011-11-30 19:46:17 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2011-11-30 19:46:17 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2011-11-30 19:46:17 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2011-11-30 19:46:17 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2011-11-30 19:46:17 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2011-11-30 19:46:17 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2011-11-30 19:46:17 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2011-11-30 19:46:17 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2011-11-30 19:43:43 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011-11-30 19:35:03 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2011-11-30 19:33:48 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2011-11-30 19:33:28 | 001,644,280 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-11-30 18:53:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011-11-30 18:51:22 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004-07-22 10:51:34 | 003,432,656 | ---- | C] () -- C:\Program Files\ManagedDX.CAB
[2004-07-19 22:58:36 | 001,156,363 | ---- | C] () -- C:\Program Files\BDANT.cab
[2004-07-19 22:53:26 | 000,976,020 | ---- | C] () -- C:\Program Files\BDAXP.cab
[2004-07-09 14:17:16 | 013,265,040 | ---- | C] () -- C:\Program Files\dxnt.cab
[2004-07-09 09:13:48 | 015,493,481 | ---- | C] () -- C:\Program Files\DirectX.cab
[2004-07-09 09:13:46 | 000,703,080 | ---- | C] () -- C:\Program Files\BDA.cab

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2011-11-30 19:26:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-07-25 20:34:53 | 001,740,288 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008-04-14 22:50:32 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 22:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >