OTL logfile created on: 14/11/2011 18:20:14 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Wojtek\Downloads\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: Wielka Brytania | Language: ENG | Date Format: dd/MM/yyyy
 
2.99 Gb Total Physical Memory | 1.79 Gb Available Physical Memory | 59.71% Memory free
6.18 Gb Paging File | 5.04 Gb Available in Paging File | 81.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 105.82 Gb Total Space | 79.07 Gb Free Space | 74.73% Space Free | Partition Type: NTFS
Drive E: | 106.83 Gb Total Space | 2.24 Gb Free Space | 2.10% Space Free | Partition Type: NTFS
 
Computer Name: WOJTEK-PC | User Name: Wojtek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011/11/14 18:10:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Wojtek\Downloads\Desktop\OTL.exe
PRC - [2011/08/16 16:27:41 | 000,107,136 | ---- | M] (TMRG, Inc.) -- C:\Program Files\RelevantKnowledge\rlservice.exe
PRC - [2011/08/16 16:27:38 | 002,927,744 | ---- | M] (TMRG, Inc.) -- C:\Program Files\RelevantKnowledge\rlvknlg.exe
PRC - [2010/01/16 04:18:19 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/06/11 11:18:30 | 000,024,576 | ---- | M] () -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
PRC - [2008/01/21 03:23:52 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2008/01/21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/12/11 20:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007/09/28 00:27:02 | 004,839,936 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
PRC - [2007/09/13 22:09:44 | 000,638,976 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
PRC - [2007/08/17 01:17:56 | 002,342,912 | ---- | M] (BigFix Inc.) -- C:\Program Files\BigFix\bigfix.exe
PRC - [2007/07/27 18:49:42 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\stacsv.exe
PRC - [2007/07/27 18:48:28 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Windows\sttray.exe
PRC - [2006/02/17 14:03:57 | 002,396,160 | ---- | M] (Gadu-Gadu Sp. z oo) -- C:\Program Files\Gadu-Gadu\gg.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2010/09/01 18:56:32 | 000,101,376 | ---- | M] () -- C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\s92lonrd.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
MOD - [2010/09/01 18:56:32 | 000,052,224 | ---- | M] () -- C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\s92lonrd.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
MOD - [2010/03/25 10:27:44 | 001,107,264 | ---- | M] () -- C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\s92lonrd.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
MOD - [2010/01/16 04:18:19 | 001,014,232 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2007/09/28 00:27:02 | 004,839,936 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
MOD - [2005/05/24 16:46:33 | 000,032,768 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ggwhook.dll
MOD - [2005/05/24 16:45:44 | 000,405,504 | ---- | M] () -- C:\Program Files\Gadu-Gadu\update.dll
MOD - [2005/05/24 16:45:43 | 000,786,432 | ---- | M] () -- C:\Program Files\Gadu-Gadu\libeay32.dll
MOD - [2005/05/24 16:45:43 | 000,159,744 | ---- | M] () -- C:\Program Files\Gadu-Gadu\ssleay32.dll
MOD - [2005/05/24 16:45:42 | 000,036,864 | ---- | M] () -- C:\Program Files\Gadu-Gadu\Crypto.dll
MOD - [2002/12/27 03:18:58 | 000,098,304 | ---- | M] () -- C:\Program Files\SopCast\codec\TTL2Dec.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2011/08/16 16:27:41 | 000,107,136 | ---- | M] (TMRG, Inc.) [Auto | Running] -- C:\Program Files\RelevantKnowledge\rlservice.exe -- (RelevantKnowledge)
SRV - [2010/07/26 15:01:58 | 000,066,112 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
SRV - [2008/06/11 11:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)
SRV - [2008/05/05 23:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\Gateway Games\Gateway Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/11 20:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007/07/27 18:49:42 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011/07/29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2010/03/11 17:26:23 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008/07/28 08:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/06/11 11:13:24 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/03/01 00:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/01/26 01:46:40 | 000,106,496 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/01/21 03:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007/07/27 18:50:22 | 000,329,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/06 08:21:32 | 000,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2007/05/24 01:37:40 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2002/09/16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0415&s=2&o=vp32&d=0310&m=t-6330u
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-699923459-1462160667-771819599-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0415&s=2&o=vp32&d=0310&m=t-6330u
IE - HKU\S-1-5-21-699923459-1462160667-771819599-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-699923459-1462160667-771819599-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=14978&l=dis
IE - HKU\S-1-5-21-699923459-1462160667-771819599-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-699923459-1462160667-771819599-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google PL"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.pl/"
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:8.6.7.0
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: zrzuta.eu@gmail.com:1.1
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.87
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}:1.3.330.6
FF - prefs.js..keyword.URL: ""
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@parallelgraphics.com/Cortona: C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll (ParallelGraphics)
FF - HKLM\Software\MozillaPlugins\@rayv.com/rayvplugin: C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll (RayV)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge [2011/11/14 18:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3C5F0F00-683D-4847-89C8-E7AF64FD1CFB}: C:\Program Files\RelevantKnowledge [2011/11/14 18:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/16 18:40:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/19 16:57:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2010/03/11 17:14:00 | 000,000,000 | ---D | M]
 
[2011/03/18 20:46:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wojtek\AppData\Roaming\Mozilla\Extensions
[2011/03/18 20:46:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wojtek\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2011/11/14 16:43:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\s92lonrd.default\extensions
[2010/09/09 15:23:27 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\s92lonrd.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/08/04 13:01:37 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\s92lonrd.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/04/13 19:26:27 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\s92lonrd.default\extensions\DTToolbar@toolbarnet.com
[2010/09/28 20:12:42 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\s92lonrd.default\extensions\vshare@toolbar
[2010/07/19 21:29:38 | 000,000,000 | ---D | M] (Zrzuta.eu) -- C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\s92lonrd.default\extensions\zrzuta.eu@gmail.com
[2011/10/26 19:35:05 | 000,001,728 | ---- | M] () -- C:\Users\Wojtek\AppData\Roaming\Mozilla\Firefox\Profiles\s92lonrd.default\searchplugins\google-pl.xml
[2011/11/14 16:43:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/03 10:40:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/03/11 17:14:00 | 000,000,000 | ---D | M] (Download Accelerator Plus Integration) -- C:\PROGRAM FILES\DAP\DAPFIREFOX
[2011/11/14 18:16:47 | 000,000,000 | ---D | M] (RelevantKnowledge) -- C:\PROGRAM FILES\RELEVANTKNOWLEDGE
[2010/08/09 16:17:46 | 000,873,888 | ---- | M] (ParallelGraphics) -- C:\Program Files\mozilla firefox\plugins\npCortona.dll
[2010/08/03 10:39:59 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/16 02:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2010/01/16 02:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2010/01/16 02:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2010/01/16 02:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2010/01/16 02:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2010/01/16 02:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
 
Hosts file not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Wojtek\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll File not found
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-699923459-1462160667-771819599-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Gateway\traybar.exe (Chicony)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [sXe Injected] C:\Program Files\sXe Injected\sXe Injected.exe File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WLConfig] C:\Program Files\Beniamin\WLConfigNM.exe /check File not found
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-699923459-1462160667-771819599-1000..\Run: [Gadu-Gadu] C:\Program Files\Gadu-Gadu\gg.exe (Gadu-Gadu Sp. z oo)
O4 - HKU\S-1-5-21-699923459-1462160667-771819599-1000..\Run: [HEXelon MAX] "C:\Program Files\HEXelon MAX 6\hexelon.exe" /auto File not found
O4 - HKU\S-1-5-21-699923459-1462160667-771819599-1000..\Run: [Power2GoExpress] NA File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-699923459-1462160667-771819599-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-699923459-1462160667-771819599-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.50 212.76.34.49
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1795449B-C2AD-490A-BC38-E11727DED040}: DhcpNameServer = 89.174.184.1 192.168.100.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{327A4EC9-6AB5-47BB-BF92-8006148E10DA}: DhcpNameServer = 212.76.34.50 212.76.34.49
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{12abac83-53f5-11e0-968b-00032543a484}\Shell - "" = AutoRun
O33 - MountPoints2\{12abac83-53f5-11e0-968b-00032543a484}\Shell\AutoRun\command - "" = D:\start.exe strona_gl.htm
O33 - MountPoints2\{2938af3e-5b5b-11df-a300-00032543a484}\Shell\AutoRun\command - "" = D:\LONG/island.exe
O33 - MountPoints2\{2938af3e-5b5b-11df-a300-00032543a484}\Shell\open\command - "" = D:\LONG/island.exe
O33 - MountPoints2\{3321e384-5ee9-11e0-8f97-00032543a484}\Shell\AutoRun\command - "" = J:\yveqsh93.exe
O33 - MountPoints2\{3321e384-5ee9-11e0-8f97-00032543a484}\Shell\open\Command - "" = J:\yveqsh93.exe
O33 - MountPoints2\{f4358d44-b834-11df-a6f4-806e6f6e6963}\Shell\AutoRun\command - "" = J:\yveqsh93.exe
O33 - MountPoints2\{f4358d44-b834-11df-a6f4-806e6f6e6963}\Shell\open\Command - "" = J:\yveqsh93.exe
O33 - MountPoints2\{fd7fd2c5-56f4-11e0-83e9-00032543a484}\Shell - "" = AutoRun
O33 - MountPoints2\{fd7fd2c5-56f4-11e0-83e9-00032543a484}\Shell\AutoRun\command - "" = H:\start.exe strona_gl.htm
O33 - MountPoints2\{fd7fd2c6-56f4-11e0-83e9-00032543a484}\Shell - "" = AutoRun
O33 - MountPoints2\{fd7fd2c6-56f4-11e0-83e9-00032543a484}\Shell\AutoRun\command - "" = I:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/11/14 18:16:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
[2011/11/14 18:10:49 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Wojtek\Downloads\Desktop\OTL.exe
[2011/11/14 17:56:12 | 001,564,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Wojtek\Downloads\Desktop\tdsskiller.exe
[2011/11/14 17:34:19 | 001,055,082 | ---- | C] (www.froggie.sk) -- C:\Users\Wojtek\Downloads\Desktop\Vistalizator.exe
[2011/11/14 16:36:20 | 006,283,632 | ---- | C] (Microsoft Corporation) -- C:\Users\Wojtek\Downloads\Desktop\Silverlight_1.exe.dap
[2011/11/14 16:35:29 | 006,283,632 | ---- | C] (Microsoft Corporation) -- C:\Users\Wojtek\Downloads\Desktop\Silverlight.exe
[2011/11/13 23:46:52 | 157,845,824 | ---- | C] (AVG Technologies) -- C:\Users\Wojtek\Downloads\Desktop\avg_free_x86_all_2012_1869a4591.exe
[2011/11/13 22:42:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/11/13 22:16:11 | 000,000,000 | ---D | C] -- C:\Users\Wojtek\AppData\Local\Symantec_Corporation
[2011/11/13 21:53:52 | 000,128,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WimFltr.sys
[2011/11/13 21:53:51 | 000,014,072 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\vproeventmonitor.sys
[2011/11/13 21:53:50 | 000,131,944 | ---- | C] (StorageCraft) -- C:\Windows\System32\drivers\symsnap.sys
[2011/11/13 21:53:50 | 000,037,864 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\v2imount.sys
[2011/11/13 21:50:21 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/11/13 21:36:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Partition Master 9.1.0 Home Edition
[2011/11/13 21:17:51 | 000,000,000 | ---D | C] -- C:\Program Files\EASEUS
[2011/10/26 21:37:28 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle
[2011/10/20 09:07:24 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/10/20 09:07:24 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011/10/20 09:07:23 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011/10/19 20:27:51 | 000,000,000 | ---D | C] -- C:\ProgramData\RDRM
[2011/10/19 16:51:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/10/18 16:22:58 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/10/18 16:22:57 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/10/18 09:07:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/10/17 18:50:58 | 000,000,000 | -HSD | C] -- C:\Users\Wojtek\Network
[2011/10/17 15:58:41 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/10/17 01:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011/10/17 01:33:01 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2011/10/17 01:32:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2011/10/17 01:14:28 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2011/10/17 01:14:28 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2011/10/17 01:14:27 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2011/10/17 01:14:27 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2011/10/17 01:14:27 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2011/10/17 01:14:27 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2011/10/17 01:14:27 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2011/10/17 01:14:26 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011/10/17 01:14:26 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2011/10/17 01:14:25 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2011/10/17 01:14:25 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2011/10/17 01:14:25 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2011/10/17 01:14:25 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2011/10/17 01:14:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011/10/17 01:14:25 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2011/10/17 01:14:25 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011/10/17 01:14:25 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2011/10/17 01:14:25 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2011/10/17 01:14:24 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011/10/17 01:14:24 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011/10/17 01:14:24 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011/10/17 01:14:24 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011/10/17 01:14:24 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011/10/17 01:10:14 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011/10/17 01:10:10 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/17 01:10:09 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/17 01:03:19 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2011/10/17 00:53:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011/10/17 00:53:11 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011/10/17 00:53:11 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011/10/17 00:53:11 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011/10/17 00:53:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011/10/17 00:53:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011/10/17 00:53:09 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011/10/17 00:53:09 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011/10/17 00:53:09 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011/10/17 00:53:09 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011/10/17 00:53:09 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011/10/17 00:53:05 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011/10/17 00:53:04 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011/10/17 00:53:04 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011/10/17 00:53:04 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011/10/17 00:53:04 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011/10/16 15:40:26 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2011/10/16 15:40:19 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2011/10/16 15:39:52 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2011/10/16 14:38:38 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2011/10/16 14:38:38 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011/10/16 14:38:38 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2011/10/16 14:38:27 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011/10/16 14:37:45 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011/10/16 14:37:24 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/10/16 14:37:24 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011/10/16 14:37:24 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/10/16 14:37:24 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2011/10/16 14:37:17 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011/10/16 14:37:12 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011/10/16 14:37:10 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/10/16 14:37:09 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/10/16 14:37:09 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/10/16 14:37:09 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/10/16 14:37:08 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/10/16 14:37:08 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011/10/16 14:37:08 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011/10/16 14:37:08 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/10/16 14:37:08 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2011/10/16 14:37:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/10/16 14:37:08 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/10/16 14:36:03 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011/10/16 14:36:02 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011/10/16 14:35:53 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/10/16 14:35:53 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/10/16 14:35:49 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011/10/16 14:35:47 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011/10/16 14:35:46 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011/10/16 14:35:42 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011/10/16 14:35:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011/10/16 14:35:38 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011/10/16 14:35:26 | 002,042,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/10/16 14:35:22 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011/10/16 14:35:21 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2011/10/16 14:35:11 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011/10/16 14:33:55 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011/10/16 14:33:54 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011/10/16 14:30:55 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/10/16 14:30:55 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/10/16 14:30:54 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/10/16 14:29:48 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/10/16 14:29:48 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/10/16 14:29:47 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/10/16 14:29:47 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011/10/16 14:29:43 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011/10/16 14:29:41 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011/10/16 14:29:41 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011/10/16 14:29:38 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2011/10/16 14:29:38 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011/10/16 14:29:37 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011/10/16 14:28:42 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/10/16 14:28:14 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011/10/16 14:28:06 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011/10/16 14:28:06 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011/10/16 14:28:05 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011/10/16 14:28:05 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011/10/16 14:28:05 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011/10/16 14:28:05 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011/10/16 14:28:04 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011/10/16 14:28:04 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011/10/16 14:28:04 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011/10/16 14:27:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/10/16 14:27:14 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011/10/16 14:27:14 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011/10/16 14:27:11 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011/10/16 14:27:09 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/10/16 14:27:09 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/10/16 13:48:48 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011/10/16 11:23:41 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2011/10/16 10:55:26 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/11/14 18:23:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/14 18:21:52 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/14 18:21:52 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/14 18:14:28 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2011/11/14 18:14:20 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/14 18:14:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 18:14:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 18:14:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/14 18:13:54 | 3211,190,272 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/14 18:10:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Wojtek\Downloads\Desktop\OTL.exe
[2011/11/14 17:56:18 | 001,564,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Wojtek\Downloads\Desktop\tdsskiller.exe
[2011/11/14 17:44:43 | 000,090,123 | ---- | M] () -- C:\Users\Wojtek\Downloads\Desktop\2.jpg
[2011/11/14 17:43:19 | 000,050,661 | ---- | M] () -- C:\Users\Wojtek\Downloads\Desktop\Untitled.jpg
[2011/11/14 17:36:40 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/11/14 17:34:23 | 001,055,082 | ---- | M] (www.froggie.sk) -- C:\Users\Wojtek\Downloads\Desktop\Vistalizator.exe
[2011/11/14 16:36:22 | 006,283,632 | ---- | M] (Microsoft Corporation) -- C:\Users\Wojtek\Downloads\Desktop\Silverlight_1.exe.dap
[2011/11/14 16:35:43 | 006,283,632 | ---- | M] (Microsoft Corporation) -- C:\Users\Wojtek\Downloads\Desktop\Silverlight.exe
[2011/11/13 23:50:21 | 157,845,824 | ---- | M] (AVG Technologies) -- C:\Users\Wojtek\Downloads\Desktop\avg_free_x86_all_2012_1869a4591.exe
[2011/11/13 22:22:31 | 000,001,254 | -H-- | M] () -- C:\Windows\EPMBatch.ept
[2011/11/13 12:02:45 | 000,005,972 | ---- | M] () -- C:\Users\Wojtek\AppData\Local\d3d9caps.dat
[2011/10/25 08:12:56 | 169,550,241 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/10/20 09:02:39 | 000,297,560 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/10/19 16:54:59 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/11/14 17:44:08 | 000,090,123 | ---- | C] () -- C:\Users\Wojtek\Downloads\Desktop\2.jpg
[2011/11/14 17:42:54 | 000,050,661 | ---- | C] () -- C:\Users\Wojtek\Downloads\Desktop\Untitled.jpg
[2011/11/13 21:36:15 | 002,469,760 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2011/11/13 21:36:15 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2011/11/13 21:36:15 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2011/11/13 21:36:15 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2011/11/13 21:36:15 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2011/10/19 17:38:31 | 3211,190,272 | -HS- | C] () -- C:\hiberfil.sys
[2011/10/17 08:05:03 | 169,550,241 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/10/17 01:33:05 | 000,001,243 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011/10/17 01:14:28 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/10/17 01:14:28 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/10/17 01:14:25 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011/10/17 00:53:06 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/10/17 00:53:06 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/10/17 00:53:06 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/10/16 14:38:39 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011/10/16 10:54:42 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/09/10 19:58:38 | 000,000,000 | ---- | C] () -- C:\Users\Wojtek\AppData\Local\{C2408BB8-DBAA-480D-A89C-A1DD9485B6FE}
[2011/09/10 15:09:47 | 000,000,000 | ---- | C] () -- C:\Users\Wojtek\AppData\Local\{466CFCFC-61CA-421E-87E4-4C27E132C036}
[2011/09/10 15:04:58 | 000,000,000 | ---- | C] () -- C:\Users\Wojtek\AppData\Local\{E9C9B03D-9D63-42E1-B20B-E8D1CB668295}
[2011/09/10 14:51:52 | 000,000,000 | ---- | C] () -- C:\Users\Wojtek\AppData\Local\{30E7C87F-5F73-4F89-88D3-363F40C2F702}
[2011/04/13 19:34:12 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/03/28 19:50:57 | 000,000,621 | ---- | C] () -- C:\Windows\eReg.dat
[2011/02/18 15:41:47 | 000,031,007 | ---- | C] () -- C:\Users\Wojtek\AppData\Roaming\UserTile.png
[2011/02/18 01:10:16 | 000,000,040 | ---- | C] () -- C:\Windows\winDecrypt.INI
[2011/02/18 00:38:05 | 000,000,375 | ---- | C] () -- C:\Windows\pdf2rtf.INI
[2011/02/18 00:37:41 | 000,001,024 | ---- | C] () -- C:\Windows\System32\pdf2word.DAT
[2010/09/28 14:56:35 | 000,000,041 | ---- | C] () -- C:\Windows\winampa.ini
[2010/06/19 09:28:03 | 000,000,020 | ---- | C] () -- C:\Windows\naglos.INI
[2010/05/20 00:34:54 | 000,011,264 | ---- | C] () -- C:\Windows\System32\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/16 23:28:19 | 001,388,544 | ---- | C] () -- C:\Windows\System32\pingreducer32.dll
[2010/05/16 23:28:12 | 001,388,544 | ---- | C] () -- C:\Windows\pingreducer32.dll
[2010/05/16 23:27:09 | 001,388,544 | ---- | C] () -- C:\Windows\System32\pingreducer.dll
[2010/05/13 20:36:55 | 000,000,263 | ---- | C] () -- C:\Windows\System32\wykresy.ini
[2010/05/13 19:50:39 | 000,081,920 | ---- | C] () -- C:\Windows\System32\GkSui20.EXE
[2010/05/12 20:06:08 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/05/07 19:15:39 | 000,000,095 | ---- | C] () -- C:\Windows\winamp.ini
[2010/04/14 20:53:28 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2010/04/13 19:35:23 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010/04/13 19:35:23 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010/04/13 19:35:23 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010/04/09 10:51:06 | 000,000,008 | ---- | C] () -- C:\Users\Wojtek\AppData\Roaming\ypgmjw.dat
[2010/04/09 10:51:02 | 000,000,016 | ---- | C] () -- C:\Users\Wojtek\AppData\Roaming\avdrn.dat
[2010/03/11 18:05:52 | 000,000,123 | ---- | C] () -- C:\Windows\wininit.ini
[2010/03/11 17:49:15 | 000,000,412 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/03/11 17:23:43 | 000,005,972 | ---- | C] () -- C:\Users\Wojtek\AppData\Local\d3d9caps.dat
[2010/03/11 17:07:47 | 000,030,208 | ---- | C] () -- C:\Users\Wojtek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/11 17:03:32 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/03/11 16:50:36 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/08/08 11:27:45 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/08/08 11:27:40 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/08/08 11:27:40 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/08/08 11:27:40 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/08/08 11:27:40 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/08/08 11:27:40 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,297,560 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/10/06 20:35:26 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\BitTorrent
[2010/04/13 19:27:21 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\DAEMON Tools
[2010/04/13 19:27:50 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\DAEMON Tools Lite
[2010/04/13 19:27:21 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\DAEMON Tools Pro
[2010/04/13 00:44:07 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Gadu-Gadu
[2010/05/25 18:38:11 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Gadu-Gadu 10
[2011/11/02 20:47:20 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\ipla
[2010/04/01 08:44:58 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Ludia
[2011/06/05 20:10:57 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Miranda
[2010/05/25 18:42:05 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\Nowe Gadu-Gadu
[2010/04/11 18:06:38 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\OpenFM
[2011/02/18 15:41:46 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\PeerNetworking
[2011/01/30 18:05:24 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\RayV
[2011/02/17 12:01:07 | 000,000,000 | ---D | M] -- C:\Users\Wojtek\AppData\Roaming\WildTangent
[2011/11/14 18:13:10 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:A9662AE0

< End of report >