OTL logfile created on: 07-06-2011 08:06:54 - Run 3 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Elżbietka\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: dd-MM-yyyy 2,99 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 67,46% Memory free 5,89 Gb Paging File | 5,03 Gb Available in Paging File | 85,29% Paging File free Paging file location(s): C:\pagefile.sys 3070 3070 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 55,89 Gb Total Space | 15,44 Gb Free Space | 27,63% Space Free | Partition Type: NTFS Drive E: | 54,43 Gb Total Space | 47,36 Gb Free Space | 87,01% Space Free | Partition Type: NTFS Computer Name: ELŻBIETKA-PC | User Name: Elżbietka | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-06-06 19:58:56 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Elżbietka\Desktop\OTL.exe PRC - [2011-06-01 14:44:54 | 008,003,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer.exe PRC - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe PRC - [2010-06-15 14:05:58 | 000,719,688 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe PRC - [2010-06-15 14:04:28 | 001,051,976 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe PRC - [2010-04-01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010-03-02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010-01-14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-03-20 07:36:58 | 000,210,216 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe PRC - [2007-02-13 09:30:24 | 000,405,504 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe PRC - [2007-02-12 23:44:26 | 004,411,392 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe PRC - [2007-02-02 22:38:14 | 002,756,608 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe PRC - [2007-02-02 15:56:52 | 000,118,784 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe PRC - [2007-01-17 14:46:32 | 000,534,648 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe PRC - [2007-01-12 23:41:40 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe PRC - [2006-12-20 00:15:44 | 000,428,152 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe PRC - [2006-11-14 23:02:36 | 001,372,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe PRC - [2006-11-14 22:19:42 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe PRC - [2006-11-14 21:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe PRC - [2006-10-27 21:13:48 | 000,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe PRC - [2006-08-23 17:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2006-05-25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe PRC - [2006-01-24 00:14:10 | 000,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-06-06 19:58:56 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Elżbietka\Desktop\OTL.exe MOD - [2010-08-31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-06-06 13:07:27 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2011-06-01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2010-06-15 14:04:28 | 001,051,976 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2010-06-15 14:01:36 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2010-04-01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010-02-24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-02-02 15:56:52 | 000,118,784 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2006-12-20 00:15:44 | 000,428,152 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2006-11-14 21:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2006-08-23 17:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2006-05-25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-05-05 03:13:03 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO) DRV - [2011-01-22 12:59:50 | 000,305,256 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2011-01-22 12:54:08 | 004,247,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2011-01-22 12:47:49 | 000,050,232 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2011-01-22 12:47:05 | 000,171,240 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (Tosrfbd) DRV - [2011-01-22 12:46:23 | 000,079,872 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid) DRV - [2011-01-22 12:45:41 | 000,042,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp) DRV - [2011-01-22 12:45:14 | 000,015,160 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec) DRV - [2011-01-22 12:25:10 | 000,069,480 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2011-01-22 12:13:50 | 000,046,984 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte) DRV - [2010-03-01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010-02-25 11:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2010-02-16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009-06-19 21:44:14 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21) DRV - [2009-05-11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2007-11-09 05:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ) DRV - [2007-01-26 17:13:40 | 000,017,712 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2007-01-22 11:43:26 | 000,053,376 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd) DRV - [2007-01-18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N) DRV - [2007-01-18 16:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I) DRV - [2007-01-13 10:40:00 | 004,452,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2006-12-09 02:01:02 | 002,206,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R) DRV - [2006-11-28 16:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006-11-02 09:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Sterownik karty Intel(R) DRV - [2006-11-02 09:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2006-10-18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) DRV - [2006-08-30 10:35:58 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2006-07-28 17:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter) DRV - [2005-01-06 14:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-756565774-2712670711-863113018-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-756565774-2712670711-863113018-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-756565774-2712670711-863113018-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-756565774-2712670711-863113018-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-756565774-2712670711-863113018-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-756565774-2712670711-863113018-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-756565774-2712670711-863113018-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/" FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-01-25 22:03:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-05-07 07:38:10 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-06-06 20:59:18 | 000,000,000 | ---D | M] [2008-12-08 21:31:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Elżbietka\AppData\Roaming\mozilla\Extensions [2011-06-07 07:51:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Elżbietka\AppData\Roaming\mozilla\Firefox\Profiles\gyd4tt9d.default\extensions [2011-05-14 19:45:54 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Elżbietka\AppData\Roaming\mozilla\Firefox\Profiles\gyd4tt9d.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2010-05-04 17:40:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Elżbietka\AppData\Roaming\mozilla\Firefox\Profiles\gyd4tt9d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-12-07 20:23:06 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Elżbietka\AppData\Roaming\mozilla\Firefox\Profiles\gyd4tt9d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(1029) [2010-12-07 20:23:07 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Elżbietka\AppData\Roaming\mozilla\Firefox\Profiles\gyd4tt9d.default\extensions\personas@christopher(1027).beard [2010-08-31 15:50:42 | 000,001,819 | ---- | M] () -- C:\Users\Elżbietka\AppData\Roaming\Mozilla\Firefox\Profiles\gyd4tt9d.default\searchplugins\bing.xml [2007-08-18 17:22:05 | 000,002,279 | ---- | M] () -- C:\Users\Elżbietka\AppData\Roaming\Mozilla\Firefox\Profiles\gyd4tt9d.default\searchplugins\wyszukiwarka-onetpl.xml [2011-06-06 20:32:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-04-15 13:40:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011-04-15 14:21:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-06-06 20:32:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [2008-12-08 21:31:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org File not found (No name found) -- File not found (No name found) -- C:\USERS\ELĹĽBIETKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GYD4TT9D.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011-05-07 07:37:59 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2011-04-14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [1999-12-31 17:00:00 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll [2011-05-07 07:38:04 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2011-05-07 07:38:04 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2011-05-07 07:38:04 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2011-05-07 07:38:04 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2011-05-07 07:38:04 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2011-05-07 07:38:04 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml Hosts file not found O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [NoIE4StubProcessing] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-756565774-2712670711-863113018-1000\..Trusted Domains: onet.pl ([tvn24-stream] http in Zaufane witryny) O15 - HKU\S-1-5-21-756565774-2712670711-863113018-1000\..Trusted Domains: rmf.fm ([www] http in Zaufane witryny) O15 - HKU\S-1-5-21-756565774-2712670711-863113018-1000\..Trusted Domains: tvn24.pl ([www] http in Zaufane witryny) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img25.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img25.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{8f72df71-de5f-11dd-9da4-00037ad5ce8b}\Shell - "" = AutoRun O33 - MountPoints2\{9ed56744-a112-11df-aa4f-00037ad5ce8b}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL http://www.garmin.com/agent O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-06-07 07:50:55 | 000,000,000 | ---D | C] -- C:\_OTL [2011-06-07 07:33:41 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\Desktop\Autoruns [2011-06-06 22:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras [2011-06-06 22:34:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011-06-06 22:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2011-06-06 21:41:55 | 000,920,088 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\igxpun.exe [2011-06-06 21:15:43 | 000,000,000 | ---D | C] -- C:\Intel [2011-06-06 20:59:27 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\Tracker Software [2011-06-06 20:59:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer [2011-06-06 20:59:05 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software [2011-06-06 20:57:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2011-06-06 20:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack [2011-06-06 20:41:10 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011-06-06 20:41:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011-06-06 20:41:09 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011-06-06 20:41:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011-06-06 20:41:09 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011-06-06 20:41:09 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011-06-06 20:41:09 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011-06-06 20:41:09 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011-06-06 20:41:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011-06-06 20:41:08 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011-06-06 20:41:08 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011-06-06 20:41:08 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011-06-06 20:41:08 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011-06-06 20:41:08 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011-06-06 20:41:08 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011-06-06 20:41:08 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011-06-06 20:41:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011-06-06 20:41:08 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011-06-06 20:41:08 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011-06-06 20:41:08 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011-06-06 20:41:08 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011-06-06 20:41:08 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011-06-06 20:41:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011-06-06 20:41:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011-06-06 20:41:08 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011-06-06 20:41:07 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011-06-06 20:41:06 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011-06-06 20:41:06 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011-06-06 20:41:06 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011-06-06 20:41:06 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011-06-06 20:41:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011-06-06 20:41:06 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011-06-06 20:41:06 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011-06-06 20:41:06 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011-06-06 20:41:06 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011-06-06 20:41:06 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011-06-06 20:41:06 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011-06-06 20:41:06 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011-06-06 20:41:06 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011-06-06 20:33:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2011-06-06 20:32:26 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2011-06-06 20:32:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2011-06-06 20:32:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2011-06-06 20:19:41 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\GHISLER [2011-06-06 20:18:45 | 000,000,000 | ---D | C] -- C:\totalcmd [2011-06-06 20:18:45 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander [2011-06-06 20:18:45 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Roaming\GHISLER [2011-06-06 19:58:52 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Elżbietka\Desktop\OTL.exe [2011-06-06 19:42:50 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll [2011-06-06 19:42:50 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2011-06-06 13:36:45 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Roaming\Malwarebytes [2011-06-06 13:36:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011-06-06 13:36:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011-06-06 13:36:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011-06-06 13:36:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011-06-06 13:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011-06-06 13:08:13 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab [2011-06-06 13:07:39 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2011-06-06 13:07:33 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [2011-06-06 13:07:33 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2011-06-06 13:07:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities [2011-06-06 13:06:58 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Roaming\TuneUp Software [2011-06-06 13:06:51 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010 [2011-06-06 13:06:11 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2011-06-06 13:05:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2011-06-06 13:02:58 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\SystemRequirementsLab [2011-06-06 12:14:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011-06-06 12:14:34 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2011-06-06 12:14:33 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011-06-06 12:14:33 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2011-06-06 12:14:33 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys [2011-06-06 12:14:33 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys [2011-06-06 12:14:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011-06-06 12:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2011-06-06 11:58:06 | 000,000,000 | ---D | C] -- C:\Windows\pss [2011-06-06 11:36:53 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{B445959A-B142-45E2-A3B1-108AABCB37E1} [2011-06-06 11:16:01 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{95DFD111-657D-4D64-BC07-7600EDC6F1C0} [2011-06-06 11:07:53 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{6908A987-1468-4142-A06D-3A2612382E2A} [2011-06-05 13:58:58 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{80201EE2-C733-40F1-8C5F-21CDCDEF49EA} [2011-06-05 12:21:58 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{C81FDD72-91A1-452F-802D-516681F4954D} [2011-06-05 09:32:55 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{F45A6509-4B9C-40D1-B426-97903A4960C0} [2011-06-05 08:34:43 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{11310195-9F1F-4758-9419-380383A76691} [2011-06-05 07:21:32 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{2AB12899-4201-4A17-84EE-EBC0D8112569} [2011-06-04 16:41:08 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{315A0E4A-2131-4280-A97B-1589172100DB} [2011-06-04 14:25:04 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{17B8F626-D966-482D-B445-22DA7936CF81} [2011-06-04 13:24:56 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{D8B3F49C-34F1-4991-B5EA-6A36EDBDC1A9} [2011-06-04 00:23:46 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{4C29A66B-3144-44FF-BD4D-B7490AEE7110} [2011-06-03 13:20:58 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\Desktop\zdjęcie_dla_Ciebie [2011-06-02 22:21:48 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{37BE1CAD-4258-44BE-9033-631D53D19CFD} [2011-06-01 19:55:31 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{7FA126F2-3BB6-46F8-B368-678D187A333C} [2011-06-01 06:15:53 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{F9867BF3-AE64-41B0-A73D-926908120132} [2011-05-31 07:39:33 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{BE0F65F6-68FB-4822-980E-907C39C21193} [2011-05-30 09:16:07 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\Desktop\muchy [2011-05-30 08:04:42 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{32118D6E-FCA0-4A8F-90B9-09D4DDB8A335} [2011-05-29 08:54:38 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{0011DE3C-E792-4220-913C-882ACFEA1DA0} [2011-05-28 20:20:59 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{63D85CEA-A5C8-4659-A033-B1C11F1D2C0A} [2011-05-28 10:50:54 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{49422CA7-6CF8-4862-BD20-D8837AEA79DC} [2011-05-27 06:27:06 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{0A3B6FD0-4865-4CAD-AC78-17E00E647530} [2011-05-25 15:00:11 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{80AD563A-A8BF-4ABB-A447-4BB9E5895FF8} [2011-05-24 06:58:36 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{D2161819-E0C0-4568-932F-B746714FEAA5} [2011-05-23 13:06:36 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{69ACE105-0C51-410C-9CEC-EEA68DB2EBD0} [2011-05-22 13:09:31 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{54C83273-292B-425C-8DF1-818BA535FBA6} [2011-05-22 13:01:00 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{7A06281A-79BF-429C-BCBB-AD986759A6A1} [2011-05-20 05:37:09 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{74CB7440-C7BB-4641-AD2E-B92BE95B347A} [2011-05-19 07:07:07 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{F4A58304-B4EB-44BB-B715-6FB424B6B70B} [2011-05-18 06:56:08 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011-05-12 06:44:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A} [2011-05-10 07:00:00 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{0D1250CC-E9CA-4A4E-A1EC-F4A0421D3120} [2011-05-09 01:43:13 | 000,000,000 | ---D | C] -- C:\Users\Elżbietka\AppData\Local\{3E934A91-7A20-4783-AA84-3357350BCE6D} [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-06-07 08:07:12 | 000,001,356 | ---- | M] () -- C:\Users\Elżbietka\AppData\Local\d3d9caps.dat [2011-06-07 07:57:29 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2011-06-07 07:57:29 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-06-07 07:57:29 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-06-07 07:57:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-06-07 07:45:54 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-06-07 07:45:54 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-06-07 07:45:54 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job [2011-06-07 07:45:54 | 000,000,268 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job [2011-06-07 07:45:54 | 000,000,264 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC.job [2011-06-06 22:34:52 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2011-06-06 21:32:12 | 374,549,987 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011-06-06 20:41:19 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat [2011-06-06 20:41:19 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat [2011-06-06 20:41:10 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2011-06-06 20:41:10 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011-06-06 20:41:09 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011-06-06 20:41:09 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011-06-06 20:41:09 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2011-06-06 20:41:09 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011-06-06 20:41:09 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2011-06-06 20:41:09 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2011-06-06 20:41:09 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2011-06-06 20:41:08 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2011-06-06 20:41:08 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011-06-06 20:41:08 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011-06-06 20:41:08 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2011-06-06 20:41:08 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2011-06-06 20:41:08 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2011-06-06 20:41:08 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011-06-06 20:41:08 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011-06-06 20:41:08 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2011-06-06 20:41:08 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2011-06-06 20:41:08 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2011-06-06 20:41:08 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2011-06-06 20:41:08 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011-06-06 20:41:08 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011-06-06 20:41:08 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2011-06-06 20:41:08 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011-06-06 20:41:08 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011-06-06 20:41:07 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011-06-06 20:41:06 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011-06-06 20:41:06 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011-06-06 20:41:06 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2011-06-06 20:41:06 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2011-06-06 20:41:06 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011-06-06 20:41:06 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2011-06-06 20:41:06 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011-06-06 20:41:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2011-06-06 20:41:06 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2011-06-06 20:41:06 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2011-06-06 20:41:06 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011-06-06 20:41:06 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2011-06-06 20:41:06 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011-06-06 20:22:09 | 000,671,392 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-06-06 20:22:09 | 000,595,584 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-06-06 20:22:09 | 000,130,138 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-06-06 20:22:09 | 000,103,658 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-06-06 20:18:48 | 000,000,589 | ---- | M] () -- C:\Users\Elżbietka\Desktop\Total Commander.lnk [2011-06-06 19:58:56 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Elżbietka\Desktop\OTL.exe [2011-06-06 19:58:06 | 000,302,592 | ---- | M] () -- C:\Users\Elżbietka\Desktop\vfvenz40.exe [2011-06-06 13:07:25 | 000,001,858 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Konserwacja 1 kliknięciem.lnk [2011-06-06 13:07:25 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk [2011-06-04 00:23:31 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.0.lnk [2011-05-28 10:58:42 | 000,064,512 | ---- | M] () -- C:\Users\Elżbietka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-05-18 06:56:09 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011-05-12 06:44:35 | 000,001,853 | ---- | M] () -- C:\Users\Public\Desktop\Uniblue RegistryBooster.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-06 22:34:52 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2011-06-06 20:41:08 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011-06-06 20:18:48 | 000,000,589 | ---- | C] () -- C:\Users\Elżbietka\Desktop\Total Commander.lnk [2011-06-06 20:18:45 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF [2011-06-06 20:18:45 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF [2011-06-06 20:18:45 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF [2011-06-06 20:18:45 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF [2011-06-06 20:18:45 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF [2011-06-06 20:18:45 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF [2011-06-06 20:18:45 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF [2011-06-06 20:04:56 | 374,549,987 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011-06-06 19:58:02 | 000,302,592 | ---- | C] () -- C:\Users\Elżbietka\Desktop\vfvenz40.exe [2011-06-06 14:11:57 | 000,000,936 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk [2011-06-06 13:07:25 | 000,001,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities.lnk [2011-06-06 13:07:25 | 000,001,858 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Konserwacja 1 kliknięciem.lnk [2011-06-06 13:07:25 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk [2011-05-12 06:44:35 | 000,001,853 | ---- | C] () -- C:\Users\Public\Desktop\Uniblue RegistryBooster.lnk [2011-05-05 05:34:13 | 000,000,552 | ---- | C] () -- C:\Users\Elżbietka\AppData\Local\d3d8caps.dat [2011-04-25 17:27:29 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll [2011-03-25 16:52:40 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll [2011-01-22 12:59:49 | 000,080,488 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2010-03-15 14:19:32 | 000,005,613 | ---- | C] () -- C:\Windows\wininit.ini [2010-01-25 22:02:08 | 000,023,192 | ---- | C] () -- C:\Windows\hpqins15.dat [2009-11-22 13:45:33 | 000,077,447 | ---- | C] () -- C:\Windows\hpqins05.dat [2009-10-21 10:59:30 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009-10-21 10:53:42 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009-02-25 18:39:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009-01-31 16:00:05 | 000,303,104 | ---- | C] () -- C:\Windows\Uninstall_tkexe.exe [2009-01-21 17:22:06 | 000,177,293 | ---- | C] () -- C:\Windows\hpoins29.dat [2009-01-10 11:51:01 | 000,786,432 | ---- | C] () -- C:\Windows\System32\DSPlayer.dll [2008-07-30 08:21:19 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008-05-05 02:13:43 | 000,000,799 | ---- | C] () -- C:\Windows\hpomdl29.dat [2008-02-11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll [2008-01-20 19:57:00 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat [2007-12-25 13:21:53 | 000,001,356 | ---- | C] () -- C:\Users\Elżbietka\AppData\Local\d3d9caps.dat [2007-12-11 21:46:16 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IPPCPUID.DLL [2007-12-11 21:44:29 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll [2007-12-11 21:41:52 | 000,000,416 | ---- | C] () -- C:\Windows\MAXLINK.INI [2007-08-18 17:17:54 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2007-07-04 16:50:16 | 011,129,313 | ---- | C] () -- C:\Users\Elżbietka\AppData\Roaming\UserTile.png [2007-07-03 22:26:22 | 000,064,512 | ---- | C] () -- C:\Users\Elżbietka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007-03-15 12:14:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll [2007-03-15 12:14:26 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll [2007-03-15 12:14:25 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll [2007-03-15 12:14:25 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll [2007-03-15 12:14:25 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll [2007-03-15 12:14:25 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll [2007-03-15 12:03:22 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2007-03-15 11:42:24 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini [2007-03-15 11:42:24 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll [2007-03-15 11:42:24 | 000,010,132 | ---- | C] () -- C:\Windows\System32\tosmreg.ini [2007-03-15 11:42:24 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini [2007-03-15 11:36:15 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat [2007-03-15 11:36:15 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat [2006-12-05 14:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll [2006-12-05 07:19:18 | 000,671,392 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2006-12-05 07:19:18 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2006-12-05 07:19:18 | 000,130,138 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2006-12-05 07:19:18 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2006-11-24 08:48:44 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll [2006-11-02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006-11-02 14:44:53 | 000,291,888 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006-11-02 12:33:01 | 000,595,584 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006-11-02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006-11-02 12:33:01 | 000,103,658 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006-11-02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006-11-02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006-11-02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006-11-02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2005-11-23 15:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll [2005-07-22 22:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll [2004-01-14 08:46:34 | 000,172,032 | ---- | C] () -- C:\Windows\System32\tifmicon.dll [color=#E56717]========== LOP Check ==========[/color] [2008-11-10 23:55:07 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\Ashampoo [2007-10-08 22:03:18 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\Business Logic [2007-12-11 22:42:55 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\Canon [2007-07-05 20:55:48 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\DesktopSMS [2007-07-04 19:12:53 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\Dokumenty AFi [2007-07-08 23:17:40 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\Gadu-Gadu [2010-08-06 09:54:16 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\GARMIN [2011-06-06 20:18:45 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\GHISLER [2007-07-04 18:54:49 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\InterVideo [2011-06-06 11:56:39 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\ipla [2010-12-22 10:36:48 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\Local [2010-02-05 08:48:29 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\magentictb [2010-03-15 12:44:41 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\NewSoft [2008-12-28 15:12:06 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\OpenOffice.org [2011-03-16 17:32:51 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\PITy2010 [2007-12-07 22:43:33 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\PPTminimizer [2011-03-25 16:54:10 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\RDRM [2007-12-11 21:41:30 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\ScanSoft [2010-03-15 15:03:18 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\TeamViewer [2007-07-03 22:20:30 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\Toshiba [2011-06-06 13:06:58 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\TuneUp Software [2007-08-07 22:11:49 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\Ulead Systems [2011-01-20 11:50:13 | 000,000,000 | ---D | M] -- C:\Users\Elżbietka\AppData\Roaming\Uniblue [2011-06-07 07:45:54 | 000,000,268 | ---- | M] () -- C:\Windows\Tasks\DriverScanner.job [2011-06-07 07:45:54 | 000,000,272 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job [2011-06-07 07:57:28 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011-06-07 07:45:54 | 000,000,264 | ---- | M] () -- C:\Windows\Tasks\SpeedUpMyPC.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DB365884 @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:95B8F7F6 < End of report >