OTL logfile created on: 2011-12-29 19:09:18 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Mikołaj\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19154) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,47 Gb Total Physical Memory | 1,08 Gb Available Physical Memory | 43,86% Memory free 5,15 Gb Paging File | 3,68 Gb Available in Paging File | 71,48% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 254,15 Gb Total Space | 59,63 Gb Free Space | 23,46% Space Free | Partition Type: NTFS Drive D: | 29,19 Gb Total Space | 19,16 Gb Free Space | 65,63% Space Free | Partition Type: NTFS Computer Name: MIKOŁAJ-PC | User Name: Mikołaj | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-12-29 19:06:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mikołaj\Desktop\OTL.exe PRC - [2011-11-10 18:22:27 | 000,912,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-03-22 20:38:12 | 000,013,824 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe PRC - [2011-02-25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE PRC - [2011-01-29 23:11:36 | 003,372,856 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe PRC - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe PRC - [2010-10-05 20:26:46 | 000,129,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe PRC - [2009-04-30 15:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-03-06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe PRC - [2008-09-27 19:00:24 | 000,430,080 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe PRC - [2008-09-09 11:31:59 | 006,281,760 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008-09-08 07:59:00 | 000,575,488 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2008-08-26 20:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe PRC - [2008-08-12 01:14:32 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe PRC - [2008-08-05 14:11:04 | 000,130,560 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2008-08-05 14:10:58 | 000,120,320 | ---- | M] () -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2008-07-03 10:29:48 | 000,098,304 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe PRC - [2008-06-11 11:16:11 | 001,454,080 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe PRC - [2008-06-05 23:40:40 | 000,102,400 | ---- | M] () -- C:\Program Files\ATK Hotkey\LOSD.exe PRC - [2008-05-22 01:56:32 | 005,207,880 | ---- | M] (Lenovo(beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\utility.exe PRC - [2008-05-22 01:52:34 | 008,824,648 | ---- | M] (Lenovo (Beijing) Limited) -- C:\Program Files\Lenovo\Energy Management\Energy Management.exe PRC - [2008-05-10 02:55:24 | 002,555,904 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe PRC - [2008-02-14 21:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe PRC - [2008-01-23 18:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe PRC - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IgrsSvcs.exe PRC - [2008-01-21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2008-01-21 03:23:32 | 000,319,544 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe PRC - [2008-01-16 20:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2007-11-05 03:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe PRC - [2007-10-03 05:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-11-10 18:22:28 | 000,849,368 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll MOD - [2011-06-03 15:47:09 | 000,055,816 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\Temp\e3c74ee6-7482-4280-b9c3-f233b390296e\CliSecureRT.dll MOD - [2011-03-22 20:38:12 | 000,013,824 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MOD - [2009-07-26 00:45:18 | 000,241,752 | ---- | M] () -- C:\Windows\System32\IcnOvrly.dll MOD - [2008-07-03 10:29:48 | 000,098,304 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe MOD - [2007-11-12 23:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTran.dll MOD - [2006-02-17 21:33:48 | 000,057,344 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\KbdHook.dll MOD - [2005-06-25 03:05:02 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\Energy Management\HookLib.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-02-28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011-02-25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2010-11-02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP) SRV - [2009-04-30 15:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2009-03-06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost) SRV - [2009-01-09 11:46:24 | 000,410,976 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe -- (DfSdkS) SRV - [2008-09-27 19:00:24 | 000,430,080 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe -- (System_Repair_UpdateMonitor) SRV - [2008-09-08 07:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008-08-26 20:55:32 | 000,522,792 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- c:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins) SRV - [2008-02-14 21:33:14 | 000,032,768 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS) SRV - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IgrsSvcs.exe -- (ReadyComm.DirectRouter) SRV - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IgrsSvcs.exe -- (PS_MDP) SRV - [2008-01-21 03:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IgrsSvcs.exe -- (IncSvc) SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008-01-16 20:04:36 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2007-10-03 05:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-03-18 17:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan) DRV - [2011-02-09 23:43:21 | 000,488,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2011-01-03 09:38:36 | 000,136,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm) DRV - [2011-01-03 09:38:36 | 000,121,192 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) DRV - [2011-01-03 09:38:36 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter) DRV - [2010-06-09 16:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2) DRV - [2010-06-09 16:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1) DRV - [2010-04-22 18:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2009-11-02 19:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-08-26 16:12:23 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-07-26 00:26:10 | 000,049,472 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\funfrm.sys -- (funfrm) DRV - [2009-05-01 00:03:08 | 006,754,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 250(UVC) DRV - [2009-05-01 00:01:36 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS) DRV - [2009-05-01 00:00:00 | 000,114,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt) DRV - [2009-04-30 15:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2009-01-15 18:32:59 | 007,699,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008-09-05 18:50:19 | 000,045,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2008-08-29 02:39:08 | 000,048,192 | ---- | M] (Lenovo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tvtumon.sys -- (tvtumon) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-06-24 23:55:12 | 000,047,104 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2008-06-13 20:23:12 | 000,008,832 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WDMirror.sys -- (wdmirror) DRV - [2008-06-13 20:22:02 | 000,008,832 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\Wdkbdmou.sys -- (Wdkbdmou) DRV - [2008-06-11 11:23:11 | 001,097,856 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2008-05-23 01:08:28 | 001,747,200 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2008-04-27 23:29:25 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Sterownik karty Intel(R) DRV - [2008-01-24 18:08:34 | 000,010,880 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ITEhidCIR.sys -- (vhidmini) DRV - [2008-01-10 10:59:08 | 000,081,192 | ---- | M] (CyberLink) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSVD.sys -- (WSVD) DRV - [2008-01-02 17:50:26 | 000,018,448 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AcpiVpc.sys -- (ACPIVPC) DRV - [2007-07-30 19:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007-07-30 18:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2007-05-24 00:33:58 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2006-12-14 08:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor) DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-21-361112631-3606682304-1660250844-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2481033 IE - HKU\S-1-5-21-361112631-3606682304-1660250844-1004\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-361112631-3606682304-1660250844-1004\..\URLSearchHook: {d43723ae-1ae1-4a25-a6a4-bf0929273cab} - No CLSID value found IE - HKU\S-1-5-21-361112631-3606682304-1660250844-1004\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.) IE - HKU\S-1-5-21-361112631-3606682304-1660250844-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.defaultthis.engineName: "Ashampoo PO Customized Web Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2481033&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://google.pl" FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0 FF - prefs.js..extensions.enabledItems: anycolor.pavlos256@gmail.com:0.3.3 FF - prefs.js..extensions.enabledItems: virtualKeyboard@kaspersky.ru:11.0.2.579 FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.579 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.579 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru [2011-05-31 18:47:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru [2011-05-31 18:47:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru [2011-05-31 18:47:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-12-29 00:11:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-12-29 00:11:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011-09-28 19:18:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011-03-20 20:51:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mikołaj\AppData\Roaming\mozilla\Extensions [2011-12-29 19:04:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mikołaj\AppData\Roaming\mozilla\Firefox\Profiles\ertzb17a.default\extensions [2011-03-22 21:47:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mikołaj\AppData\Roaming\mozilla\Firefox\Profiles\ertzb17a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-08-03 19:03:29 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Mikołaj\AppData\Roaming\mozilla\Firefox\Profiles\ertzb17a.default\extensions\2020Player_IKEA@2020Technologies.com [2011-04-04 20:14:37 | 000,000,000 | ---D | M] (AnyColor) -- C:\Users\Mikołaj\AppData\Roaming\mozilla\Firefox\Profiles\ertzb17a.default\extensions\anycolor.pavlos256@gmail.com [2011-12-11 16:32:20 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Mikołaj\AppData\Roaming\mozilla\Firefox\Profiles\ertzb17a.default\extensions\personas@christopher.beard [2011-03-20 20:53:39 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Mikołaj\AppData\Roaming\mozilla\Firefox\Profiles\ertzb17a.default\extensions\vshare@toolbar [2011-07-30 16:41:12 | 000,002,396 | ---- | M] () -- C:\Users\Mikołaj\AppData\Roaming\Mozilla\Firefox\Profiles\ertzb17a.default\searchplugins\askcom.xml [2011-08-31 10:29:34 | 000,000,925 | ---- | M] () -- C:\Users\Mikołaj\AppData\Roaming\Mozilla\Firefox\Profiles\ertzb17a.default\searchplugins\conduit.xml [2011-03-20 20:53:47 | 000,001,583 | ---- | M] () -- C:\Users\Mikołaj\AppData\Roaming\Mozilla\Firefox\Profiles\ertzb17a.default\searchplugins\web-search.xml [2011-03-20 20:51:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-05-31 18:47:59 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2011\FFEXT\KAVANTIBANNER@KASPERSKY.RU [2011-05-31 18:47:59 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2011\FFEXT\LINKFILTER@KASPERSKY.RU [2011-05-31 18:47:59 | 000,000,000 | ---D | M] (Kaspersky Virtual Keyboard) -- C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2011\FFEXT\VIRTUALKEYBOARD@KASPERSKY.RU File not found (No name found) -- C:\USERS\MIKOĹ‚AJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ERTZB17A.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B} File not found (No name found) -- C:\USERS\MIKOĹ‚AJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ERTZB17A.DEFAULT\EXTENSIONS\ANYCOLOR.PAVLOS256@GMAIL.COM File not found (No name found) -- C:\USERS\MIKOĹ‚AJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ERTZB17A.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD File not found (No name found) -- C:\USERS\MIKOĹ‚AJ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ERTZB17A.DEFAULT\EXTENSIONS\VSHARE@TOOLBAR [2011-11-10 18:22:29 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-11-10 18:22:29 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-11-10 18:22:29 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-11-10 18:22:29 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-11-10 18:22:29 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-11-10 18:22:29 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Reg Error: Value error.) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.) O3 - HKU\S-1-5-21-361112631-3606682304-1660250844-1004\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-361112631-3606682304-1660250844-1004\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found. O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4 - HKLM..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" File not found O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-361112631-3606682304-1660250844-1004..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung) O4 - HKU\S-1-5-21-361112631-3606682304-1660250844-1004..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () O4 - HKU\S-1-5-21-361112631-3606682304-1660250844-1004..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 189 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKU\S-1-5-21-361112631-3606682304-1660250844-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm () O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Pobierz za pomocą BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47ADD6D6-E0D7-426F-A582-A8B7F9380EC8}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7C22D20-1B5F-4170-9284-F47D989CCE42}: DhcpNameServer = 62.21.99.95 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - AppInit_DLLs: (C:\PROGRA~2\AVP11\kloehk.dll) -C:\ProgramData\AVP11\kloehk.dll (Kaspersky Lab ZAO) O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO) O24 - Desktop WallPaper: C:\Users\Mikołaj\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\Mikołaj\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{07a6e44d-9253-11de-adb2-002556f22694}\Shell - "" = AutoRun O33 - MountPoints2\{07a6e44d-9253-11de-adb2-002556f22694}\Shell\AutoRun\command - "" = F:\Autorun.exe O33 - MountPoints2\{419eaf9e-f6d9-11de-8b6b-0022face648e}\Shell\AutoRun\command - "" = mje12tni.exe O33 - MountPoints2\{419eaf9e-f6d9-11de-8b6b-0022face648e}\Shell\open\Command - "" = mje12tni.exe O33 - MountPoints2\{730453bd-b8d5-11df-af4f-00248c6f4fa8}\Shell\AutoRun\command - "" = G:\APPInst.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-12-29 19:06:33 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Mikołaj\Desktop\OTL.exe [2011-12-29 17:41:45 | 342,054,483 | ---- | C] (Lenovo Group ) -- C:\Users\Mikołaj\Desktop\IN1ORI12WW3.exe [2011-12-29 17:17:13 | 000,000,000 | ---D | C] -- C:\Drivers [2011-12-29 16:20:51 | 056,403,396 | ---- | C] (Lenovo Group ) -- C:\Users\Mikołaj\Desktop\LD1PTH5WW3.exe [2011-12-29 12:45:37 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan [2011-12-27 23:06:37 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\AppData\Local\{A973F6C0-67C3-4A51-925D-ACB79CFC247B} [2011-12-27 22:52:43 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\AppData\Local\{D90A5D69-1DC6-4BDD-85FA-8B0233744218} [2011-12-27 22:51:58 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\Desktop\zdjecia(543) [2011-12-27 17:28:27 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\Desktop\KOPIA ZAPASOWA [2011-12-27 16:54:55 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\AppData\Local\{1E97E37E-A4D2-4ACC-99A5-9C22407B734D} [2011-12-27 02:04:49 | 000,000,000 | ---D | C] -- C:\Users\Mikołaj\AppData\Local\{B0C03BD5-F38F-4228-A564-FDB99622F2CA} [2009-07-25 23:39:39 | 000,229,376 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-12-29 19:08:00 | 000,879,683 | ---- | M] () -- C:\Users\Mikołaj\Desktop\SecurityCheck.exe [2011-12-29 19:07:38 | 006,029,312 | -HS- | M] () -- C:\Users\Mikołaj\NTUSER.DAT [2011-12-29 19:07:02 | 000,302,592 | ---- | M] () -- C:\Users\Mikołaj\Desktop\r5n85kb4.exe [2011-12-29 19:06:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mikołaj\Desktop\OTL.exe [2011-12-29 18:35:05 | 000,002,082 | ---- | M] () -- C:\Users\Mikołaj\Desktop\OneKey Recovery.lnk [2011-12-29 18:34:20 | 000,108,200 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\GDIPFONTCACHEV1.DAT [2011-12-29 18:29:49 | 000,405,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011-12-29 18:29:25 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-12-29 18:29:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-12-29 18:29:16 | 000,000,056 | -HS- | M] () -- C:\_PartitionInfo [2011-12-29 18:28:57 | 000,082,945 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011-12-29 18:28:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2011-12-29 18:28:36 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat [2011-12-29 18:28:25 | 2647,576,576 | -HS- | M] () -- C:\hiberfil.sys [2011-12-29 18:28:22 | 422,919,227 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011-12-29 18:06:35 | 342,054,483 | ---- | M] (Lenovo Group ) -- C:\Users\Mikołaj\Desktop\IN1ORI12WW3.exe [2011-12-29 17:58:09 | 000,082,945 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011-12-29 17:26:23 | 001,048,576 | -HS- | M] () -- C:\Users\Mikołaj\NTUSER.DAT{404dafbf-f7cb-11de-940e-00248c6f4fa8}.TxR.2.regtrans-ms [2011-12-29 17:26:23 | 001,048,576 | -HS- | M] () -- C:\Users\Mikołaj\NTUSER.DAT{404dafbf-f7cb-11de-940e-00248c6f4fa8}.TxR.1.regtrans-ms [2011-12-29 17:26:23 | 001,048,576 | -HS- | M] () -- C:\Users\Mikołaj\NTUSER.DAT{404dafbf-f7cb-11de-940e-00248c6f4fa8}.TxR.0.regtrans-ms [2011-12-29 17:26:23 | 000,065,536 | -HS- | M] () -- C:\Users\Mikołaj\NTUSER.DAT{404dafbf-f7cb-11de-940e-00248c6f4fa8}.TxR.blf [2011-12-29 16:23:21 | 056,403,396 | ---- | M] (Lenovo Group ) -- C:\Users\Mikołaj\Desktop\LD1PTH5WW3.exe [2011-12-29 16:16:23 | 000,524,288 | -HS- | M] () -- C:\Users\Mikołaj\NTUSER.DAT{404dafc0-f7cb-11de-940e-00248c6f4fa8}.TMContainer00000000000000000001.regtrans-ms [2011-12-29 16:16:23 | 000,065,536 | -HS- | M] () -- C:\Users\Mikołaj\NTUSER.DAT{404dafc0-f7cb-11de-940e-00248c6f4fa8}.TM.blf [2011-12-29 16:16:02 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011-12-29 16:15:54 | 002,226,985 | -H-- | M] () -- C:\Users\Mikołaj\AppData\Local\IconCache.db [2011-12-29 15:34:19 | 001,650,364 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2011-12-29 15:34:19 | 000,729,822 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-12-29 15:34:19 | 000,645,626 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-12-29 15:34:19 | 000,152,814 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-12-29 15:34:19 | 000,126,062 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-12-29 12:45:40 | 000,000,804 | ---- | M] () -- C:\Users\Mikołaj\Desktop\SpeedFan.lnk [2011-12-29 12:45:37 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo [2011-12-29 12:43:49 | 002,108,256 | ---- | M] () -- C:\Users\Mikołaj\Desktop\installspeedfan445(dobreprogramy.pl).exe [2011-12-29 00:17:13 | 006,029,312 | -HS- | M] () -- C:\Users\Mikołaj\ntuser.dat_previous [2011-11-30 13:46:35 | 000,096,768 | ---- | M] () -- C:\Users\Mikołaj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-12-29 19:07:03 | 000,879,683 | ---- | C] () -- C:\Users\Mikołaj\Desktop\SecurityCheck.exe [2011-12-29 19:06:56 | 000,302,592 | ---- | C] () -- C:\Users\Mikołaj\Desktop\r5n85kb4.exe [2011-12-29 18:21:15 | 000,002,082 | ---- | C] () -- C:\Users\Mikołaj\Desktop\OneKey Recovery.lnk [2011-12-29 17:26:23 | 001,048,576 | -HS- | C] () -- C:\Users\Mikołaj\NTUSER.DAT{404dafbf-f7cb-11de-940e-00248c6f4fa8}.TxR.2.regtrans-ms [2011-12-29 17:26:23 | 001,048,576 | -HS- | C] () -- C:\Users\Mikołaj\NTUSER.DAT{404dafbf-f7cb-11de-940e-00248c6f4fa8}.TxR.1.regtrans-ms [2011-12-29 17:26:23 | 001,048,576 | -HS- | C] () -- C:\Users\Mikołaj\NTUSER.DAT{404dafbf-f7cb-11de-940e-00248c6f4fa8}.TxR.0.regtrans-ms [2011-12-29 17:26:23 | 000,065,536 | -HS- | C] () -- C:\Users\Mikołaj\NTUSER.DAT{404dafbf-f7cb-11de-940e-00248c6f4fa8}.TxR.blf [2011-12-29 12:45:40 | 000,000,804 | ---- | C] () -- C:\Users\Mikołaj\Desktop\SpeedFan.lnk [2011-12-29 12:44:16 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo [2011-12-29 12:43:43 | 002,108,256 | ---- | C] () -- C:\Users\Mikołaj\Desktop\installspeedfan445(dobreprogramy.pl).exe [2011-12-27 00:11:17 | 002,226,985 | -H-- | C] () -- C:\Users\Mikołaj\AppData\Local\IconCache.db [2011-12-24 11:49:20 | 2647,576,576 | -HS- | C] () -- C:\hiberfil.sys [2011-03-25 16:31:59 | 000,004,096 | -H-- | C] () -- C:\Users\Mikołaj\AppData\Local\keyfile3.drm [2011-02-09 23:45:36 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2011-02-09 23:45:36 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2011-01-29 17:00:24 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011-01-29 17:00:22 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2011-01-29 17:00:22 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2011-01-29 17:00:22 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2011-01-29 17:00:22 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2010-10-18 22:13:19 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2010-06-21 18:18:56 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2010-06-21 18:18:55 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010-06-21 18:18:54 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010-06-21 18:18:54 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2010-06-21 18:18:53 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010-03-20 22:54:24 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi [2009-11-21 12:40:57 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe [2009-11-21 12:40:56 | 000,260,608 | ---- | C] () -- C:\Windows\PEV.exe [2009-11-21 12:40:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2009-11-21 12:40:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2009-11-21 12:40:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2009-09-24 19:31:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009-09-24 19:31:20 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009-09-24 19:30:42 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll [2009-09-09 18:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat [2009-09-01 17:07:22 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2009-08-26 22:22:56 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009-08-26 17:16:03 | 000,036,661 | ---- | C] () -- C:\Windows\DIIUnin.dat [2009-08-26 16:12:23 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2009-08-24 23:29:53 | 000,008,268 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\d3d9caps.dat [2009-08-24 23:11:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009-08-24 18:04:23 | 000,096,768 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-08-24 14:24:24 | 000,082,945 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009-08-24 14:22:01 | 000,082,945 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009-08-24 12:59:00 | 000,108,200 | ---- | C] () -- C:\Users\Mikołaj\AppData\Local\GDIPFONTCACHEV1.DAT [2009-08-03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009-08-03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2009-07-26 00:45:21 | 009,338,880 | ---- | C] () -- C:\Windows\System32\Facev.dll [2009-07-26 00:45:21 | 000,208,896 | ---- | C] () -- C:\Windows\System32\image.dll [2009-07-26 00:45:19 | 000,053,248 | ---- | C] () -- C:\Windows\System32\FunFrm.dll [2009-07-26 00:45:18 | 000,655,360 | ---- | C] () -- C:\Windows\System32\EncIcons.dll [2009-07-26 00:45:18 | 000,507,904 | ---- | C] () -- C:\Windows\System32\SimpleExt.dll [2009-07-26 00:45:18 | 000,241,752 | ---- | C] () -- C:\Windows\System32\IcnOvrly.dll [2009-07-26 00:45:17 | 009,502,720 | ---- | C] () -- C:\Windows\System32\FaceVerify.dll [2009-07-26 00:45:17 | 001,564,672 | ---- | C] () -- C:\Windows\System32\MainOp.dll [2009-07-26 00:45:17 | 000,221,184 | ---- | C] () -- C:\Windows\System32\SetDev.dll [2009-07-26 00:45:17 | 000,126,976 | ---- | C] () -- C:\Windows\System32\VideoOp.dll [2009-07-26 00:45:17 | 000,049,152 | ---- | C] () -- C:\Windows\System32\DevFilt.dll [2009-07-26 00:45:16 | 001,974,272 | ---- | C] () -- C:\Windows\System32\Imagereog.dll [2009-07-26 00:45:16 | 001,163,264 | ---- | C] () -- C:\Windows\System32\PicNotify.dll [2009-07-26 00:45:16 | 000,442,368 | ---- | C] () -- C:\Windows\System32\Apblend.dll [2009-07-26 00:45:16 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Momo.dll [2009-07-26 00:26:12 | 000,057,344 | ---- | C] () -- C:\Windows\AsfHelper.dll [2009-07-26 00:26:12 | 000,049,472 | ---- | C] () -- C:\Windows\System32\drivers\funfrm.sys [2009-07-26 00:26:08 | 000,241,664 | ---- | C] () -- C:\Windows\System32\3DImageRenderer.dll [2009-07-25 23:39:38 | 001,747,200 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2009-07-25 23:39:38 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys [2009-07-25 23:17:39 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2009-07-25 22:45:17 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2009-07-25 22:25:32 | 000,729,822 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2009-07-25 22:25:32 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2009-07-25 22:25:32 | 000,152,814 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2009-07-25 22:25:32 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2009-05-08 09:13:04 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll [2009-04-30 15:00:12 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys [2009-03-03 10:05:19 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2008-08-26 20:54:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\BtwNamespaceExt2.dll [2008-06-13 20:22:02 | 000,008,832 | ---- | C] () -- C:\Windows\System32\drivers\Wdkbdmou.sys [2008-01-21 03:24:38 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini [2007-04-16 11:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin [2006-11-02 13:57:28 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat [2006-11-02 13:47:37 | 000,405,360 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006-11-02 11:33:01 | 001,650,364 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [2006-11-02 11:33:01 | 000,645,626 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006-11-02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006-11-02 11:33:01 | 000,126,062 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006-11-02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006-11-02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll [2006-11-02 11:24:31 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2006-11-02 11:23:31 | 000,000,243 | ---- | C] () -- C:\Windows\win.ini [2006-11-02 11:23:31 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini [2006-11-02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006-11-02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006-11-02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006-11-02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006-11-02 08:10:37 | 000,053,536 | ---- | C] () -- C:\Windows\System32\dosx.exe [2006-11-02 08:10:02 | 000,000,718 | ---- | C] () -- C:\Windows\System32\mscdexnt.exe [2006-11-02 08:10:00 | 000,002,842 | ---- | C] () -- C:\Windows\System32\redir.exe [2006-11-02 08:09:59 | 000,069,886 | ---- | C] () -- C:\Windows\System32\edit.com [2006-11-02 08:09:59 | 000,019,694 | ---- | C] () -- C:\Windows\System32\GRAPHICS.COM [2006-11-02 08:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\share.exe [2006-11-02 08:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\fastopen.exe [2006-11-02 08:09:57 | 000,014,710 | ---- | C] () -- C:\Windows\System32\KB16.COM [2006-11-02 08:09:56 | 000,007,052 | ---- | C] () -- C:\Windows\System32\nlsfunc.exe [2006-11-02 08:09:55 | 000,039,274 | ---- | C] () -- C:\Windows\System32\mem.exe [2006-11-02 08:09:55 | 000,001,131 | ---- | C] () -- C:\Windows\System32\LOADFIX.COM [2006-11-02 08:09:53 | 000,011,753 | ---- | C] () -- C:\Windows\System32\setver.exe [2006-11-02 08:09:52 | 000,020,634 | ---- | C] () -- C:\Windows\System32\debug.exe [2006-11-02 08:09:51 | 000,008,424 | ---- | C] () -- C:\Windows\System32\exe2bin.exe [2006-11-02 08:09:50 | 000,012,642 | ---- | C] () -- C:\Windows\System32\edlin.exe [2006-11-02 08:09:49 | 000,050,648 | ---- | C] () -- C:\Windows\System32\COMMAND.COM [2006-11-02 08:09:49 | 000,012,498 | ---- | C] () -- C:\Windows\System32\append.exe [2006-11-02 08:09:45 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys [2006-11-02 08:09:44 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS [2006-11-02 08:09:44 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS [2006-11-02 08:09:42 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS [2006-11-02 08:09:41 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS [2006-11-02 08:09:40 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS [2006-11-02 08:09:38 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS [2006-11-02 08:09:35 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS [2006-11-02 08:09:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS [2006-11-02 08:09:29 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS [2006-11-02 08:09:26 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS [2006-11-02 08:09:24 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS [2006-11-02 08:09:23 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS [2006-11-02 08:09:22 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS [2006-11-02 08:09:20 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS [2006-11-02 07:25:08 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll [2001-11-14 21:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll [1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2009-12-06 23:12:10 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Advanced Chemistry Development [2011-09-01 14:40:48 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Ashampoo [2009-08-26 16:30:55 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\DAEMON Tools Lite [2009-10-08 18:23:40 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\fltk.org [2011-11-22 13:02:20 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\ipla [2009-09-14 21:49:37 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\IrfanView [2009-09-01 17:08:24 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Leadertech [2009-08-24 12:59:09 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Lenovo [2011-08-14 17:48:43 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\MiniLyrics [2010-03-15 23:51:01 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Notepad++ [2009-12-07 21:05:19 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\OpenOffice.org [2011-02-26 22:35:26 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Opera [2011-03-15 19:19:59 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\PC Suite [2011-03-15 19:12:20 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Samsung [2010-03-11 20:25:47 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Scilab [2011-09-28 19:18:55 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\Thunderbird [2010-03-14 16:46:56 | 000,000,000 | ---D | M] -- C:\Users\Mikołaj\AppData\Roaming\TigerPlayer [2011-12-29 16:16:02 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >