OTL logfile created on: 2012-02-27 20:13:57 - Run 1 OTL by OldTimer - Version 3.2.33.2 Folder = E:\ Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,99 Gb Total Physical Memory | 1,62 Gb Available Physical Memory | 81,35% Memory free 3,84 Gb Paging File | 3,66 Gb Available in Paging File | 95,30% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,29 Gb Total Space | 10,09 Gb Free Space | 34,43% Space Free | Partition Type: NTFS Drive D: | 40,98 Gb Total Space | 23,54 Gb Free Space | 57,44% Space Free | Partition Type: NTFS Drive E: | 886,98 Mb Total Space | 885,44 Mb Free Space | 99,83% Space Free | Partition Type: FAT32 Computer Name: DOMOWY-DFEBACBD | User Name: Domowy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-02-27 20:01:40 | 000,583,680 | ---- | M] (OldTimer Tools) -- E:\OTL.exe PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- -- (HidServ) SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt) SRV - [2010-10-20 17:56:50 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2007-08-09 08:27:52 | 000,073,728 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2006-01-17 09:37:24 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe -- (btwdins) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2008-04-13 23:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Sterownik NT karty Realtek RTL8139(A/B/C) DRV - [2007-02-07 15:50:32 | 000,118,552 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adiusbaw.sys -- (adiusbaw) DRV - [2007-02-07 15:50:14 | 000,056,088 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\adildr.sys -- (ELOADER) General Purpose USB Driver (adildr.sys) DRV - [2006-09-08 16:01:20 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006-08-30 13:53:00 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2005-11-16 19:28:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2005-11-01 17:08:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2005-10-17 15:16:50 | 010,446,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1417001333-1645522239-515967899-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-1417001333-1645522239-515967899-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1417001333-1645522239-515967899-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20978f0f-2978-4992-ae97-7d373c44e04e}: C:\Program Files\Common Files\Techland\Translator\MozillaTranslator\ [2010-10-25 18:26:37 | 000,000,000 | ---D | M] [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google () CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} O1 HOSTS File: ([2012-02-28 01:54:19 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O3 - HKLM\..\Toolbar: (@C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll,-118) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll (Techland) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKU\S-1-5-21-1417001333-1645522239-515967899-1004\..\Toolbar\WebBrowser: (@C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll,-118) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll (Techland) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1417001333-1645522239-515967899-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1417001333-1645522239-515967899-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1417001333-1645522239-515967899-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm File not found O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : @C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Common Files\Techland\Translator\InternetTranslator.dll (Techland) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-11-18 10:16:52 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2012-02-27 16:39:22 | 000,000,016 | -H-- | M] () - E:\AUTORUN.INF -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-02-28 01:54:11 | 000,000,000 | ---D | C] -- C:\_OTL [2012-02-27 00:53:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2012-02-27 00:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\Avast [2012-02-27 00:42:33 | 000,123,712 | ---- | C] (ESET) -- C:\Documents and Settings\Domowy\Pulpit\ESETSirefefRemover.exe [2012-02-27 00:36:06 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2012-02-27 00:21:52 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012-02-27 00:20:44 | 000,143,360 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll [2012-02-27 00:18:35 | 000,000,000 | ---D | C] -- C:\Drivers [2012-02-27 00:18:15 | 005,417,984 | ---- | C] (Lenovo Group Limited ) -- C:\Documents and Settings\Domowy\Pulpit\63vi02ww.exe [2012-02-26 23:49:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2012-02-26 23:31:34 | 000,000,000 | ---D | C] -- C:\Qoobox [2012-02-26 23:00:17 | 002,062,896 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Domowy\Pulpit\tdsskiller.exe [2012-02-26 23:00:17 | 000,171,344 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Domowy\Pulpit\salitykiller.exe [2012-02-26 21:34:20 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar [2012-02-26 21:34:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Norton [2012-02-26 21:33:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\NortonInstaller [2012-02-26 21:03:48 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2012-02-26 21:03:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy [2012-02-26 20:14:58 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i8042prt.sys [2012-02-26 19:42:30 | 000,000,000 | RHSD | C] -- C:\cmdcons [2012-02-26 19:41:58 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2012-02-26 19:41:58 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2012-02-26 19:41:58 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2012-02-26 19:41:58 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2012-02-26 14:48:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Windows Genuine Advantage [2012-02-26 14:46:27 | 004,419,501 | R--- | C] (Swearware) -- C:\Documents and Settings\Domowy\Pulpit\ComboFix.exe [2012-02-26 14:12:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2012-02-26 14:12:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Domowy\Menu Start\Programy\Narzędzia administracyjne [2012-02-26 08:02:57 | 000,000,000 | ---D | C] -- C:\! [2012-02-12 15:48:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Domowy\Pulpit\Zdjęcia 12 luty 2012 [2010-11-07 16:50:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Domowy\Dane aplikacji\pcouffin.sys [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-02-28 01:54:19 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts [2012-02-27 20:14:51 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B4749411-7A9B-4358-A748-BDD7FE92B94C}.job [2012-02-27 20:11:22 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-02-27 20:11:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-02-27 20:09:43 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2012-02-27 06:27:01 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-02-27 00:43:33 | 074,920,720 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\avast_free_antivirus_setup.exe [2012-02-27 00:42:33 | 000,123,712 | ---- | M] (ESET) -- C:\Documents and Settings\Domowy\Pulpit\ESETSirefefRemover.exe [2012-02-27 00:18:15 | 005,417,984 | ---- | M] (Lenovo Group Limited ) -- C:\Documents and Settings\Domowy\Pulpit\63vi02ww.exe [2012-02-27 00:09:04 | 000,920,096 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Norton_Removal_Tool.exe [2012-02-26 23:15:34 | 000,000,327 | RHS- | M] () -- C:\boot.ini [2012-02-26 22:31:56 | 000,171,344 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Domowy\Pulpit\salitykiller.exe [2012-02-26 22:30:56 | 002,062,896 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Domowy\Pulpit\tdsskiller.exe [2012-02-26 21:35:47 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-02-26 20:52:34 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20120226-212839.backup [2012-02-26 20:25:09 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-02-26 14:46:34 | 004,419,501 | R--- | M] (Swearware) -- C:\Documents and Settings\Domowy\Pulpit\ComboFix.exe [2012-02-26 14:36:18 | 001,447,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-02-26 14:34:27 | 000,491,314 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-02-26 14:34:27 | 000,433,138 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-02-26 14:34:27 | 000,084,526 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-02-26 14:34:27 | 000,068,094 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-02-26 14:04:26 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2012-02-18 14:26:17 | 000,115,305 | ---- | M] () -- C:\Qoobox.zip [2012-02-12 15:46:31 | 000,056,832 | ---- | M] () -- C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-02-12 15:44:56 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\PKP_DLdu.DAT [2012-02-10 12:37:18 | 036,312,288 | ---- | M] () -- C:\Documents and Settings\Domowy\Pulpit\Wygłupy na stołówce.AVI [2012-02-01 10:53:54 | 000,000,004 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx [2012-02-01 10:53:53 | 000,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-02-27 00:43:29 | 074,920,720 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\avast_free_antivirus_setup.exe [2012-02-27 00:09:01 | 000,920,096 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Norton_Removal_Tool.exe [2012-02-26 19:42:37 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2012-02-26 19:42:36 | 000,262,400 | RHS- | C] () -- C:\cmldr [2012-02-26 19:41:58 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2012-02-26 19:41:58 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2012-02-26 19:41:58 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2012-02-26 19:41:58 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2012-02-26 19:41:58 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2012-02-26 14:08:04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-02-26 14:08:04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll [2012-02-18 14:26:17 | 000,115,305 | ---- | C] () -- C:\Qoobox.zip [2012-02-12 15:48:26 | 036,312,288 | ---- | C] () -- C:\Documents and Settings\Domowy\Pulpit\Wygłupy na stołówce.AVI [2011-12-29 17:31:11 | 000,119,714 | ---- | C] () -- C:\WINDOWS\hpoins11.dat [2011-12-22 20:39:45 | 000,000,284 | ---- | C] () -- C:\Documents and Settings\Domowy\Dane aplikacji\ViewerApp.dat [2011-10-02 09:20:31 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Domowy\Dane aplikacji\$_hpcst$.hpc [2011-07-21 17:27:55 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-02-03 19:31:51 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-11-07 17:45:37 | 000,000,090 | ---- | C] () -- C:\Documents and Settings\Domowy\Dane aplikacji\XTDocSettings_ft.ini [2010-11-07 16:50:53 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Domowy\Dane aplikacji\ezpinst.exe [2010-11-07 16:50:53 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Domowy\Dane aplikacji\pcouffin.inf [2010-11-07 16:50:53 | 000,001,074 | ---- | C] () -- C:\Documents and Settings\Domowy\Dane aplikacji\pcouffin.cat [2010-11-07 16:03:59 | 000,001,456 | ---- | C] () -- C:\WINDOWS\unins000.dat [2010-10-28 17:58:11 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Standard [2010-10-28 17:58:11 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Domowy\Dane aplikacji\Spacious [2010-10-28 17:58:11 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\PKP_DLdu.DAT [2010-10-28 17:58:11 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\String Comparison [2010-10-25 18:24:11 | 000,000,090 | ---- | C] () -- C:\Documents and Settings\Domowy\Dane aplikacji\XTDocSettings_dt.ini [2010-10-23 19:15:35 | 000,119,664 | ---- | C] () -- C:\WINDOWS\hpoins11.dat.temp [2010-10-23 19:15:34 | 000,011,634 | ---- | C] () -- C:\WINDOWS\hpomdl11.dat.temp [2010-10-23 18:50:16 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2010-10-23 12:34:21 | 000,000,169 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2010-10-23 12:34:21 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2010-10-23 12:33:39 | 000,253,008 | ---- | C] () -- C:\WINDOWS\adirasx64.exe [2010-10-23 12:33:39 | 000,194,128 | ---- | C] () -- C:\WINDOWS\adiras.exe [2010-10-23 12:33:39 | 000,000,990 | ---- | C] () -- C:\WINDOWS\adiras.ini [2010-10-23 12:33:37 | 000,127,456 | ---- | C] () -- C:\WINDOWS\System32\IPDETECT.EXE [2010-10-23 12:33:35 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P2.BIN [2010-10-23 12:33:34 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2010-10-23 12:33:34 | 000,176,128 | ---- | C] () -- C:\WINDOWS\autoclk.exe [2010-10-23 12:33:34 | 000,024,576 | ---- | C] () -- C:\WINDOWS\enddisk32.exe [2010-10-23 12:33:33 | 000,152,308 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I2.BIN [2010-10-23 12:33:33 | 000,152,306 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I1.BIN [2010-10-23 12:33:33 | 000,152,306 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I0.BIN [2010-10-23 12:33:33 | 000,152,146 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P2.BIN [2010-10-23 12:33:33 | 000,152,145 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P1.BIN [2010-10-23 12:33:33 | 000,152,145 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P0.BIN [2010-10-23 12:33:33 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P1.BIN [2010-10-23 12:33:33 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P0.BIN [2010-10-23 12:33:33 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I2.BIN [2010-10-23 12:33:33 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I1.BIN [2010-10-23 12:33:33 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I0.BIN [2010-10-23 12:33:33 | 000,152,036 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D2.BIN [2010-10-23 12:33:33 | 000,152,034 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D0.BIN [2010-10-23 12:33:33 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL [2010-10-23 12:33:32 | 000,152,034 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D1.BIN [2010-10-23 12:33:32 | 000,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin [2010-10-20 18:36:58 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-10-20 18:33:38 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-10-20 18:33:37 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-10-20 18:33:36 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-10-20 18:33:36 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-10-20 18:33:35 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-10-20 16:43:10 | 000,000,541 | ---- | C] () -- C:\WINDOWS\wincmd.ini [2010-10-20 15:47:16 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2010-10-20 15:16:23 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\tsnp2std.exe [2010-10-20 15:16:23 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\SNCTRL.exe [2010-10-20 15:16:23 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini [2010-10-20 15:16:22 | 010,446,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys [2010-10-20 15:16:22 | 000,122,880 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll [2010-10-20 15:16:22 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll [2010-10-20 15:16:22 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnp2std.exe [2010-10-20 15:14:17 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll [2010-10-20 15:08:08 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ2.dat [2010-10-20 15:08:08 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ1.dat [2010-10-20 15:08:08 | 000,000,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTHDAEQ0.dat [2010-10-18 18:06:43 | 000,056,832 | ---- | C] () -- C:\Documents and Settings\Domowy\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-10-18 17:57:22 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-10-18 17:55:49 | 001,447,536 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-10-18 16:39:30 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010-10-18 16:33:59 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [color=#E56717]========== LOP Check ==========[/color] [2010-11-07 16:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ACD Systems [2012-02-27 20:11:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2010-10-22 19:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited [2010-10-28 17:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EnterNHelp [2010-10-28 17:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nikon [2010-10-28 17:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ultima_T15 [2010-11-07 16:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\ACD Systems [2011-02-09 19:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Audacity [2010-10-22 19:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Canneverbe Limited [2010-12-30 20:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\gtk-2.0 [2012-02-01 10:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Image Zone Express [2010-10-28 18:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Nikon [2010-11-07 17:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\TransDeu3 [2011-11-19 16:45:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\TransDeu4 [2010-10-25 17:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\TransEngPol4 [2012-02-05 19:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\TransEngPol5 [2010-10-22 07:47:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Video DVD Maker FREE [2012-01-19 15:27:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\Vso [2010-10-22 19:04:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Domowy\Dane aplikacji\WinAVI [2012-02-27 20:14:51 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{B4749411-7A9B-4358-A748-BDD7FE92B94C}.job [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< C:\Windows\*. /RP /s >[/color] [color=#A23BEC]< C:\Windows|$NtUninstallKB53455$;true;true;false /FP >[/color] [2011-10-13 16:22:01 | 000,000,000 | -HSD | M] -- C:\WINDOWS\$NtUninstallKB53455$ [color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color] [C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790 -> Junction [C:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e -> Junction < End of report >