OTL logfile created on: 20/01/2011 21:21:37 - Run 1 OTL by OldTimer - Version 3.2.20.3 Folder = E:\DOWNLOAD 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 52.00% Memory free 8.00 Gb Paging File | 6.00 Gb Available in Paging File | 75.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 34.90 Gb Total Space | 11.18 Gb Free Space | 32.04% Space Free | Partition Type: NTFS Drive D: | 200.00 Gb Total Space | 111.07 Gb Free Space | 55.54% Space Free | Partition Type: NTFS Drive E: | 230.76 Gb Total Space | 72.75 Gb Free Space | 31.53% Space Free | Partition Type: NTFS Drive F: | 74.31 Gb Total Space | 22.08 Gb Free Space | 29.71% Space Free | Partition Type: FAT32 Computer Name: SLAYER | User Name: Aadvark | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/01/20 21:19:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\DOWNLOAD\OTL.scr PRC - [2010/12/15 16:55:46 | 000,944,496 | ---- | M] (Opera Software) -- E:\Programy\Opera\opera.exe PRC - [2010/12/03 19:43:55 | 000,912,344 | ---- | M] (Mozilla Corporation) -- E:\Programy\Mozilla Firefox\firefox.exe PRC - [2010/12/03 19:43:55 | 000,016,856 | ---- | M] (Mozilla Corporation) -- E:\Programy\Mozilla Firefox\plugin-container.exe PRC - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe PRC - [2010/09/09 13:01:22 | 001,234,224 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe PRC - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/06/22 16:32:51 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2010/06/02 13:16:06 | 003,179,952 | ---- | M] (Tonec Inc.) -- E:\Programy\Internet Download Manager\IDMan.exe PRC - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () -- E:\Programy\CDBurnerXP\NMSAccessU.exe PRC - [2009/09/23 15:45:50 | 001,287,176 | ---- | M] (Panda Security) -- E:\Programy\Panda USB Vaccine\USBVaccine.exe PRC - [2009/05/14 14:47:54 | 000,731,840 | ---- | M] (ESET) -- E:\Programy\ESET NOD32\x86\ekrn.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011/01/20 21:19:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\DOWNLOAD\OTL.scr MOD - [2010/08/21 05:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010/03/25 17:21:22 | 005,018,624 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService) SRV:[b]64bit:[/b] - [2009/07/14 01:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009/07/14 01:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2010/09/16 14:06:22 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service) SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/06/22 16:32:51 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010/06/14 14:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010/05/21 15:40:13 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- E:\Programy\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/05/14 14:54:26 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- E:\Programy\ESET NOD32\EHttpSrv.exe -- (EhttpSrv) SRV - [2009/05/14 14:47:54 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- E:\Programy\ESET NOD32\x86\ekrn.exe -- (ekrn) SRV - [2006/10/26 23:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Programy\Microsoft Office 2007\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2010/06/25 16:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot) DRV:[b]64bit:[/b] - [2010/04/19 19:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2010/04/16 14:01:40 | 000,042,496 | ---- | M] (ZOOM) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zmhhpau.sys -- (ZMHHPAudioSrv) DRV:[b]64bit:[/b] - [2010/02/26 13:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt) DRV:[b]64bit:[/b] - [2010/02/26 13:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:[b]64bit:[/b] - [2010/02/26 13:33:22 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64) DRV:[b]64bit:[/b] - [2010/02/26 13:33:22 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64) DRV:[b]64bit:[/b] - [2009/12/17 22:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:[b]64bit:[/b] - [2009/11/12 15:38:14 | 000,026,216 | ---- | M] (TamoSoft) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TsLwWfF.sys -- (TsLwWfF) DRV:[b]64bit:[/b] - [2009/11/01 19:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64) DRV:[b]64bit:[/b] - [2009/10/10 02:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2009/08/09 21:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:[b]64bit:[/b] - [2009/07/14 01:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2009/07/14 01:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/14 01:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/07/14 00:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2009/07/14 00:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:[b]64bit:[/b] - [2009/07/13 21:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:[b]64bit:[/b] - [2009/06/25 14:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk) DRV:[b]64bit:[/b] - [2009/06/10 21:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:[b]64bit:[/b] - [2009/06/10 21:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:[b]64bit:[/b] - [2009/06/10 21:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:[b]64bit:[/b] - [2009/06/10 20:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:[b]64bit:[/b] - [2009/06/10 20:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:[b]64bit:[/b] - [2009/06/10 20:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Sterownik karty Intel(R) DRV:[b]64bit:[/b] - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2009/05/14 14:49:56 | 000,121,152 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr) DRV:[b]64bit:[/b] - [2009/05/14 14:47:16 | 000,134,024 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2009/05/14 14:41:14 | 000,142,776 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon) DRV:[b]64bit:[/b] - [2009/03/26 14:44:13 | 000,044,560 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\a4djavs_x64.sys -- (a4djavs_x64) DRV:[b]64bit:[/b] - [2009/03/26 14:44:10 | 000,249,872 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\a4djusb_x64.sys -- (a4djusb_x64) DRV:[b]64bit:[/b] - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:[b]64bit:[/b] - [2007/08/03 03:35:54 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3595348222-1430447603-2233241379-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKU\S-1-5-21-3595348222-1430447603-2233241379-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "www.google.com" FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.9.1 FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: E:\Programy\Mozilla Firefox\components [2010/12/20 10:52:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: E:\Programy\Mozilla Firefox\plugins [2010/12/20 10:52:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: E:\Programy\ESET NOD32\Mozilla Thunderbird [2010/10/12 18:18:30 | 000,000,000 | ---D | M] [2010/07/08 09:18:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aadvark\AppData\Roaming\mozilla\Extensions [2010/07/08 09:18:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aadvark\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2011/01/20 10:57:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aadvark\AppData\Roaming\mozilla\Firefox\Profiles\y8wm17at.default\extensions [2011/01/14 10:41:31 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Aadvark\AppData\Roaming\mozilla\Firefox\Profiles\y8wm17at.default\extensions\en-GB@dictionaries.addons.mozilla.org [2010/06/02 13:19:23 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\AADVARK\APPDATA\ROAMING\IDM\IDMMZCC3 O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - E:\Programy\Internet Download Manager\IDMIECC.dll (Tonec Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Programy\Microsoft Office 2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Programy\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [egui] E:\Programy\ESET NOD32\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) O4 - HKLM..\Run: [HTC Sync Loader] E:\Programy\HTC Sync\htcUPCTLoader.exe () O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-3595348222-1430447603-2233241379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3595348222-1430447603-2233241379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-3595348222-1430447603-2233241379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:[b]64bit:[/b] - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Programy\Microsoft Office 2007\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - E:\Programy\Microsoft Office 2007\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Programy\Microsoft Office 2007\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Programy\Microsoft Office 2007\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Programy\Microsoft Office 2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/08/05 17:58:52 | 000,000,016 | ---- | M] () - F:\AUTORUN.INF -- [ FAT32 ] O32 - AutoRun File - [2010/08/05 17:58:52 | 000,000,016 | ---- | M] () - F:\AUTORUN_.INF -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/01/20 11:03:28 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\Desktop\pspad455b2405 [2011/01/06 22:11:07 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2011/01/06 22:11:06 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll [2011/01/06 22:11:05 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll [2011/01/06 22:11:05 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll [2011/01/06 22:11:05 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll [2011/01/06 22:11:05 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2011/01/06 22:11:05 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll [2011/01/06 22:11:05 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe [2011/01/06 22:11:05 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe [2011/01/06 22:10:59 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2011/01/06 22:10:59 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2011/01/06 22:10:58 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2011/01/06 22:10:58 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011/01/06 22:10:58 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011/01/06 22:10:58 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011/01/04 23:57:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2010/12/29 10:01:27 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\AppData\Roaming\Virgin Media [2010/12/29 10:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Radialpoint [2010/12/29 10:01:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Virgin Media [2010/12/28 23:26:15 | 000,000,000 | ---D | C] -- C:\Users\Aadvark\Desktop\ASASASASASAS [2010/12/22 15:25:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Internet Access [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/01/20 19:09:05 | 000,103,146 | ---- | M] () -- C:\Users\Aadvark\Desktop\Richmond Dance Timetable 2011.pdf [2011/01/20 18:38:06 | 006,420,626 | ---- | M] () -- C:\Users\Aadvark\Desktop\Don_Omar_-_Sexy_Robotica.mp3 [2011/01/20 15:38:53 | 009,359,902 | ---- | M] () -- C:\Users\Aadvark\Desktop\Matt_Cardle_-_When_We_Collide.mp3 [2011/01/20 15:33:49 | 005,361,664 | ---- | M] () -- C:\Users\Aadvark\Desktop\Bruno_Mars_-_Grenade.mp3 [2011/01/20 15:32:02 | 015,121,850 | ---- | M] () -- C:\Users\Aadvark\Desktop\David Guetta feat. Rihanna - Whos That Chick (Afrojack Remix) by aiccro.mp3 [2011/01/20 15:31:10 | 006,196,417 | ---- | M] () -- C:\Users\Aadvark\Desktop\Bruno Mars - Grenade (Produced by The Smeezingtons).mp3 [2011/01/20 12:38:57 | 000,009,588 | ---- | M] () -- C:\Users\Aadvark\Desktop\logo.png [2011/01/20 10:53:37 | 000,017,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/01/20 10:53:37 | 000,017,360 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/01/20 10:50:48 | 000,692,110 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat [2011/01/20 10:50:48 | 000,619,658 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/01/20 10:50:48 | 000,135,472 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat [2011/01/20 10:50:48 | 000,107,808 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/01/20 10:50:47 | 001,523,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/01/20 10:46:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/01/20 01:32:28 | 000,000,750 | ---- | M] () -- C:\Users\Aadvark\.recently-used.xbel [2011/01/20 01:31:10 | 004,605,432 | ---- | M] () -- C:\Users\Aadvark\Desktop\Maciej Merlin Moroz - Pokonaj niesmialosc i stan sie pewny siebie - SeduceYourLife.com.pdf [2011/01/12 02:10:07 | 000,101,431 | ---- | M] () -- C:\Users\Aadvark\Desktop\Cennik_EsteticDENTAL.pdf [2011/01/11 23:57:34 | 000,081,154 | ---- | M] () -- C:\Users\Aadvark\Desktop\troll.png [2011/01/07 22:22:13 | 000,070,902 | ---- | M] () -- C:\Users\Aadvark\Desktop\218_1.jpg [2011/01/06 23:00:58 | 002,434,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/01/06 17:41:00 | 000,012,568 | ---- | M] () -- C:\Users\Aadvark\Desktop\Nowy Dokument programu Microsoft Office Word.docx [2011/01/05 00:54:12 | 000,575,112 | ---- | M] () -- C:\Users\Aadvark\Desktop\Andain_-_You_Once_Told_Me.mp3.asd [2011/01/05 00:53:06 | 011,368,758 | ---- | M] () -- C:\Users\Aadvark\Desktop\Andain_-_You_Once_Told_Me.mp3 [2011/01/03 01:23:56 | 000,233,675 | ---- | M] () -- C:\Users\Aadvark\Desktop\secrets-of-micro-escalation-vibe.pdf [2010/12/30 18:15:39 | 000,375,451 | ---- | M] () -- C:\Users\Aadvark\Desktop\redirect.htm [2010/12/28 12:40:35 | 000,000,162 | -H-- | M] () -- C:\Users\Aadvark\Desktop\~$wy Dokument programu Microsoft Office Word (9).docx [2010/12/28 01:16:49 | 000,013,883 | ---- | M] () -- C:\Users\Aadvark\Desktop\Nowy Dokument programu Microsoft Office Word (2).docx [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/01/20 19:09:11 | 000,103,146 | ---- | C] () -- C:\Users\Aadvark\Desktop\Richmond Dance Timetable 2011.pdf [2011/01/20 18:37:20 | 006,420,626 | ---- | C] () -- C:\Users\Aadvark\Desktop\Don_Omar_-_Sexy_Robotica.mp3 [2011/01/20 15:38:21 | 009,359,902 | ---- | C] () -- C:\Users\Aadvark\Desktop\Matt_Cardle_-_When_We_Collide.mp3 [2011/01/20 15:33:04 | 005,361,664 | ---- | C] () -- C:\Users\Aadvark\Desktop\Bruno_Mars_-_Grenade.mp3 [2011/01/20 15:31:54 | 015,121,850 | ---- | C] () -- C:\Users\Aadvark\Desktop\David Guetta feat. Rihanna - Whos That Chick (Afrojack Remix) by aiccro.mp3 [2011/01/20 15:31:07 | 006,196,417 | ---- | C] () -- C:\Users\Aadvark\Desktop\Bruno Mars - Grenade (Produced by The Smeezingtons).mp3 [2011/01/20 12:13:48 | 000,009,588 | ---- | C] () -- C:\Users\Aadvark\Desktop\logo.png [2011/01/20 01:32:28 | 000,000,750 | ---- | C] () -- C:\Users\Aadvark\.recently-used.xbel [2011/01/20 01:32:17 | 004,605,432 | ---- | C] () -- C:\Users\Aadvark\Desktop\Maciej Merlin Moroz - Pokonaj niesmialosc i stan sie pewny siebie - SeduceYourLife.com.pdf [2011/01/18 01:27:52 | 000,039,378 | ---- | C] () -- C:\Users\Aadvark\Desktop\126429292865_onionib.jpg [2011/01/12 02:10:15 | 000,101,431 | ---- | C] () -- C:\Users\Aadvark\Desktop\Cennik_EsteticDENTAL.pdf [2011/01/11 23:57:33 | 000,081,154 | ---- | C] () -- C:\Users\Aadvark\Desktop\troll.png [2011/01/07 22:22:13 | 000,070,902 | ---- | C] () -- C:\Users\Aadvark\Desktop\218_1.jpg [2011/01/06 17:33:47 | 000,012,568 | ---- | C] () -- C:\Users\Aadvark\Desktop\Nowy Dokument programu Microsoft Office Word.docx [2011/01/05 00:54:12 | 000,575,112 | ---- | C] () -- C:\Users\Aadvark\Desktop\Andain_-_You_Once_Told_Me.mp3.asd [2011/01/05 00:52:22 | 011,368,758 | ---- | C] () -- C:\Users\Aadvark\Desktop\Andain_-_You_Once_Told_Me.mp3 [2011/01/03 01:24:07 | 000,233,675 | ---- | C] () -- C:\Users\Aadvark\Desktop\secrets-of-micro-escalation-vibe.pdf [2010/12/30 18:15:37 | 000,375,451 | ---- | C] () -- C:\Users\Aadvark\Desktop\redirect.htm [2010/12/28 12:40:35 | 000,000,162 | -H-- | C] () -- C:\Users\Aadvark\Desktop\~$wy Dokument programu Microsoft Office Word (9).docx [2010/08/07 16:20:24 | 000,245,760 | ---- | C] () -- C:\Windows\SysWow64\ImxEx.dll [2010/07/10 18:54:52 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ArtFfct.dll [2010/06/12 06:45:09 | 000,000,279 | ---- | C] () -- C:\Windows\game.ini [2010/05/17 13:52:46 | 000,007,597 | ---- | C] () -- C:\Users\Aadvark\AppData\Local\Resmon.ResmonCfg [2010/05/16 22:12:53 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys [2009/07/13 23:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 21:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2004/10/16 00:20:56 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\libsndfile.dll [color=#E56717]========== LOP Check ==========[/color] [2010/09/20 19:20:26 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\.wtw [2011/01/19 10:45:10 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\12Voip [2010/05/17 12:06:59 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Ableton [2010/11/27 09:12:35 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Birdstep Technology [2010/06/02 15:09:01 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Canneverbe Limited [2011/01/20 11:03:15 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\DMCache [2010/08/27 17:48:14 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\EPSON [2010/12/09 21:15:44 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\FileZilla [2011/01/20 21:17:50 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\foobar2000 [2010/11/14 17:24:26 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\framezoo.com [2010/11/10 01:52:55 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\gtk-2.0 [2011/01/20 01:32:28 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\homebank [2010/11/28 01:19:57 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\HTC [2010/12/29 16:35:29 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\IDM [2010/09/11 09:12:30 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Nokia [2010/05/16 21:29:00 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Opera [2010/09/09 08:38:44 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\PC Suite [2010/05/28 17:20:50 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Thinstall [2010/07/08 09:18:40 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\TomTom [2010/05/17 11:52:42 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Tracker Software [2010/09/11 15:05:03 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Uniblue [2010/12/29 10:01:27 | 000,000,000 | ---D | M] -- C:\Users\Aadvark\AppData\Roaming\Virgin Media [2010/11/10 23:23:13 | 000,032,736 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] [2010/12/23 21:56:00 | 012,893,674 | ---- | C] ()(C:\Users\Aadvark\Desktop\4 godzinny tydzie? pracy.pdf) -- C:\Users\Aadvark\Desktop\4 godzinny tydzie� pracy.pdf [2010/12/23 17:27:16 | 012,893,674 | ---- | M] ()(C:\Users\Aadvark\Desktop\4 godzinny tydzie? pracy.pdf) -- C:\Users\Aadvark\Desktop\4 godzinny tydzie� pracy.pdf < End of report >