OTL logfile created on: 2012-02-28 13:51:29 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\User\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
2,00 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 47,48% Memory free
4,00 Gb Paging File | 2,93 Gb Available in Paging File | 73,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,71 Gb Total Space | 95,44 Gb Free Space | 41,01% Space Free | Partition Type: NTFS
Drive D: | 232,95 Gb Total Space | 75,79 Gb Free Space | 32,53% Space Free | Partition Type: NTFS
Drive E: | 2,23 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 1,92 Gb Total Space | 0,70 Gb Free Space | 36,52% Space Free | Partition Type: FAT
Computer Name: USER-KOMPUTER | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-02-28 13:06:22 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe PRC - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-10-15 09:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2011-10-15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011-09-06 17:16:42 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2011-09-06 17:16:16 | 003,076,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2011-07-16 05:34:28 | 000,025,600 | ---- | M] () -- C:\Users\User\winlogon.exe PRC - [2011-01-17 19:50:30 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2011-01-17 19:50:30 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2010-10-02 10:18:46 | 000,092,672 | ---- | M] (www.motioninjoy.com) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009-07-14 02:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe PRC - [2009-07-14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-06-04 14:10:56 | 005,777,408 | ---- | M] () -- C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-11-06 18:41:52 | 000,985,088 | ---- | 
M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll MOD - [2011-11-06 18:41:52 | 000,170,496 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxslt.dll MOD - [2011-07-16 05:34:28 | 000,025,600 | ---- | M] () -- C:\Users\User\winlogon.exe MOD - [2009-07-14 09:07:18 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pl_b77a5c561934e089\mscorlib.resources.dll MOD - [2009-07-14 09:07:18 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_pl_b77a5c561934e089\System.resources.dll MOD - [2009-07-14 05:43:04 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll MOD - [2009-07-14 05:42:57 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll MOD - [2009-07-14 05:42:40 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll MOD - [2009-07-14 05:42:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll MOD - [2009-07-14 05:42:36 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll MOD - [2009-07-14 05:42:30 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll MOD - [2009-06-04 14:10:56 | 005,777,408 | ---- | M] () -- C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe MOD - [2009-03-25 15:53:14 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\EPU-4 Engine\AsSpindownTimeout.dll MOD - [2009-01-15 13:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files\ASUS\EPU-4 Engine\pngio.dll MOD - [2006-01-10 09:50:20 | 000,024,576 | R--- | M] 
() -- C:\Windows\System32\AsIO.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-02-14 21:56:44 | 000,481,064 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-10-15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-10-15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011-09-29 23:16:56 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011-09-06 17:16:42 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-08-09 12:57:10 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2011-08-04 08:20:38 | 000,147,480 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw) DRV - [2011-08-04 08:20:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\epfwwfp.sys -- (epfwwfp) DRV - [2011-08-04 08:20:38 | 000,033,656 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF) DRV - [2011-08-04 08:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- 
C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009-07-13 23:02:53 | 000,311,808 | ---- | M] (Realtek) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL85n86.sys -- (RTL85n86) DRV - [2009-06-10 22:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009-06-09 05:37:08 | 000,047,616 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E62x86.sys -- (L1E) DRV - [2009-05-13 12:11:34 | 000,006,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor) DRV - [2007-12-17 10:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO) DRV - [2005-03-09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=d7d6ecfe-ea05-11e0-b872-90e6ba3f1a2b IE - HKLM\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.) IE - HKU\S-1-5-21-3861515035-15926319-1308479673-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=110000&tt=090212_noffx&babsrc=HP_ss&mntrId=f0c3c77400000000000090e6ba3f1a2b IE - HKU\S-1-5-21-3861515035-15926319-1308479673-1000\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.) 
IE - HKU\S-1-5-21-3861515035-15926319-1308479673-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 IE - HKU\S-1-5-21-3861515035-15926319-1308479673-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:53657 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Web Search" FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=110000&tt=090212_noffx&babsrc=adbartrp&mntrId=f0c3c77400000000000090e6ba3f1a2b&q=" FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 53657 FF - prefs.js..network.proxy.type: 1 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-02-28 11:32:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-02-28 11:32:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-02-28 11:31:07 | 000,000,000 | ---D | M] [2011-10-10 21:45:49 | 000,002,207 | ---- | M] () -- \Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sfc09r1g.default\searchplugins\MyStart Search.xml [2012-02-14 22:00:31 | 000,000,792 | ---- | M] () -- \Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sfc09r1g.default\searchplugins\startsear.xml [2012-02-28 11:32:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions () (No name found) -- C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SFC09R1G.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI [2012-02-19 21:27:31 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-11-06 18:39:56 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-10-03 10:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll [2012-02-14 20:35:16 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-15 22:41:23 | 000,002,352 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012-02-14 20:35:16 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-14 20:35:16 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-14 20:35:16 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-14 20:35:16 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-14 20:35:16 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3861515035-15926319-1308479673-1000\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files\vShare.tv plugin\BarLcher.dll (VShare Inc.) O3 - HKU\S-1-5-21-3861515035-15926319-1308479673-1000\..\Toolbar\WebBrowser: (IncrediMail MediaBar 2 Toolbar) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files\IncrediMail_MediaBar_2\tbIncr.dll (Conduit Ltd.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) 
O4 - HKU\S-1-5-21-3861515035-15926319-1308479673-1000..\Run: [ALLUpdate] C:\Program Files\ALLPlayer\ALLUpdate.exe () O4 - HKU\S-1-5-21-3861515035-15926319-1308479673-1000..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com) O4 - HKU\S-1-5-21-3861515035-15926319-1308479673-1000..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts) O4 - HKU\S-1-5-21-3861515035-15926319-1308479673-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-3861515035-15926319-1308479673-1000..\Run: [winlogon] C:\Users\User\winlogon.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3861515035-15926319-1308479673-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3861515035-15926319-1308479673-1003..\RunOnce: [WAB Migrate] C:\Program Files\Windows Mail\wab.exe (Microsoft Corporation) O4 - Startup: C:\Users\All Users\ACD Systems [2012-02-28 11:34:45 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Adobe [2012-02-28 11:34:45 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Application Data [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Babylon [2012-02-15 22:41:14 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Codemasters [2012-02-28 11:34:45 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\DAEMON Tools Lite [2012-02-28 11:34:45 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Dane aplikacji [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Desktop [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Documents [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Dokumenty [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] O4 - Startup: 
C:\Users\All Users\EA Core [2012-02-28 11:34:45 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Electronic Arts [2012-02-28 11:34:45 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\ESET [2012-02-28 11:34:45 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Favorites [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\id Software [2012-02-28 11:34:46 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\IM [2012-02-28 11:34:46 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\IncrediMail [2012-02-28 11:34:46 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\McAfee [2012-02-28 11:34:46 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Menu Start [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Microsoft [2012-02-28 11:34:52 | 000,000,000 | --SD | M] O4 - Startup: C:\Users\All Users\Norton [2012-02-28 11:34:52 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\NortonInstaller [2012-02-28 11:34:52 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\NVIDIA [2012-02-28 12:34:45 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\NVIDIA Corporation [2012-02-28 11:28:38 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Origin [2012-02-28 11:34:53 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Pulpit [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Start Menu [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Sun [2012-02-28 11:34:53 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Symantec [2012-02-28 11:34:53 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Szablony [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\Templates [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\All Users\TmForever [2012-02-28 11:34:53 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Ubisoft 
[2012-02-28 11:34:53 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\All Users\Ulubione [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\AppData [2009-07-14 03:37:05 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\Default\Application Data [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Cookies [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Dane aplikacji [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Desktop [2009-07-14 03:04:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Documents [2012-02-28 12:26:13 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Downloads [2009-07-14 03:04:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Favorites [2009-07-14 03:04:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Links [2009-07-14 03:04:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\Local Settings [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Menu Start [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Moje dokumenty [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Music [2009-07-14 03:04:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\My Documents [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\NetHood [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\NTUSER.DAT () O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG () O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG1 () O4 - Startup: C:\Users\Default\NTUSER.DAT.LOG2 () O4 - Startup: C:\Users\Default\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf () O4 - Startup: C:\Users\Default\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: 
C:\Users\Default\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\Default\Pictures [2009-07-14 03:04:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Default\PrintHood [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Recent [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Saved Games [2009-07-14 03:04:25 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\Default\SendTo [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Start Menu [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Szablony [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Templates [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Ustawienia lokalne [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\Default\Videos [2009-07-14 03:04:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Desktop [2012-02-28 11:34:53 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\Documents [2012-02-28 12:26:13 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Downloads [2009-07-14 05:41:57 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Favorites [2009-07-14 03:04:25 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\Libraries [2009-07-14 05:41:57 | 000,000,000 | RH-D | M] O4 - Startup: C:\Users\Public\Music [2009-07-14 05:41:57 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Pictures [2012-02-28 11:34:54 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Recorded TV [2012-02-28 11:34:54 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\Public\Videos [2009-07-14 05:41:57 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\AppData [2012-02-28 11:37:16 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\UpdatusUser\Contacts [2011-11-16 14:16:06 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\UpdatusUser\Cookies 
[2012-02-28 11:29:40 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Dane aplikacji [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Desktop [2012-02-28 11:37:17 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\Documents [2012-02-28 11:29:40 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\Downloads [2009-07-14 03:04:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\Favorites [2009-07-14 03:04:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\Links [2009-07-14 03:04:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\Menu Start [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Moje dokumenty [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Music [2009-07-14 03:04:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\NetHood [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\NTUSER.DAT () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat.LOG1 () O4 - Startup: C:\Users\UpdatusUser\ntuser.dat.LOG2 () O4 - Startup: C:\Users\UpdatusUser\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf () O4 - Startup: C:\Users\UpdatusUser\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\UpdatusUser\ntuser.ini () O4 - Startup: C:\Users\UpdatusUser\Pictures [2009-07-14 03:04:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\UpdatusUser\PrintHood [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Recent [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Saved Games [2009-07-14 03:04:25 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\UpdatusUser\Searches [2011-11-16 14:16:06 | 000,000,000 | ---D | M] O4 - Startup: 
C:\Users\UpdatusUser\SendTo [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Szablony [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Ustawienia lokalne [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\UpdatusUser\Videos [2009-07-14 03:04:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\User\.gimp-2.6 [2012-02-28 11:37:28 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\User\.recently-used.xbel () O4 - Startup: C:\Users\User\.thumbnails [2012-02-28 11:37:28 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\User\AppData [2012-02-28 11:37:47 | 000,000,000 | -H-D | M] O4 - Startup: C:\Users\User\Contacts [2012-02-28 11:38:08 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\User\Cookies [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\User\Dane aplikacji [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\User\Desktop [2012-02-28 13:51:01 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\User\Documents [2012-02-28 11:38:24 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\User\Downloads [2012-02-28 11:38:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\User\Favorites [2012-02-28 11:38:26 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\User\Links [2012-02-28 11:38:26 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\User\Menu Start [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\User\Moje dokumenty [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\User\Music [2009-07-14 03:04:25 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\User\NetHood [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\User\NTUSER.DAT () O4 - Startup: C:\Users\User\ntuser.dat.LOG1 () O4 - Startup: C:\Users\User\ntuser.dat.LOG2 () O4 - Startup: C:\Users\User\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf () O4 - Startup: 
C:\Users\User\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: C:\Users\User\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: C:\Users\User\ntuser.ini () O4 - Startup: C:\Users\User\Pictures [2012-02-28 11:38:26 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\User\PrintHood [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\User\Recent [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\User\Saved Games [2012-02-28 11:38:26 | 000,000,000 | ---D | M] O4 - Startup: C:\Users\User\Searches [2012-02-28 11:38:26 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\User\SendTo [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\User\Szablony [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\User\uidsave.dat () O4 - Startup: C:\Users\User\Ustawienia lokalne [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] O4 - Startup: C:\Users\User\Videos [2012-02-28 11:38:26 | 000,000,000 | R--D | M] O4 - Startup: C:\Users\User\winlogon.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe 
(Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKU\S-1-5-21-3861515035-15926319-1308479673-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-3861515035-15926319-1308479673-1000 Winlogon: Shell - ("C:\Users\User\winlogon.exe") - C:\Users\User\winlogon.exe () O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009-07-14 11:59:45 | 000,000,043 | R--- | M] () - E:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2011-04-27 18:04:00 | 000,000,143 | -HS- | M] () - F:\autorun.bak -- [ FAT ] O32 - AutoRun File - [2012-02-11 13:35:56 | 000,000,230 | -HS- | M] () - F:\autorun.inf -- [ FAT ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-02-28 12:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012-02-28 12:27:07 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2012-02-28 12:27:07 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2012-02-28 12:27:06 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2012-02-28 12:26:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione [2012-02-28 12:26:13 | 000,000,000 | -HSD | C] -- 
C:\ProgramData\Szablony [2012-02-28 12:26:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit [2012-02-28 12:26:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo [2012-02-28 12:26:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy [2012-02-28 12:26:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka [2012-02-28 12:26:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start [2012-02-28 12:26:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty [2012-02-28 12:26:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji [2012-02-28 11:29:49 | 000,000,000 | R--D | C] -- C:\Users\User\Videos [2012-02-28 11:29:49 | 000,000,000 | R--D | C] -- C:\Users\User\Pictures [2012-02-28 11:29:49 | 000,000,000 | R--D | C] -- C:\Users\User\Music [2012-02-28 11:29:49 | 000,000,000 | R--D | C] -- C:\Users\User\Links [2012-02-28 11:29:49 | 000,000,000 | R--D | C] -- C:\Users\User\Favorites [2012-02-28 11:29:49 | 000,000,000 | R--D | C] -- C:\Users\User\Downloads [2012-02-28 11:29:49 | 000,000,000 | R--D | C] -- C:\Users\User\Documents [2012-02-28 11:29:49 | 000,000,000 | R--D | C] -- C:\Users\User\Desktop [2012-02-28 11:29:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Ustawienia lokalne [2012-02-28 11:29:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Szablony [2012-02-28 11:29:49 | 000,000,000 | -HSD | C] -- C:\Users\User\SendTo [2012-02-28 11:29:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Recent [2012-02-28 11:29:49 | 000,000,000 | -HSD | C] -- C:\Users\User\PrintHood [2012-02-28 11:29:49 | 000,000,000 | -HSD | C] -- C:\Users\User\NetHood [2012-02-28 11:29:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Moje dokumenty [2012-02-28 11:29:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Menu Start [2012-02-28 11:29:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Dane aplikacji [2012-02-28 11:29:49 | 000,000,000 | -HSD | C] -- C:\Users\User\Cookies [2012-02-28 11:29:49 | 000,000,000 | -H-D | C] -- C:\Users\User\AppData 
[2012-02-28 11:29:49 | 000,000,000 | ---D | C] -- C:\Users\User\Saved Games [2012-02-28 11:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012-02-28 11:28:36 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012-02-28 11:27:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2012-02-28 11:27:59 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012-02-28 11:26:07 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012-02-28 11:24:55 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012-02-28 11:19:08 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~Q [2012-02-28 11:19:08 | 000,000,000 | -H-D | C] -- \$WINDOWS.~Q [2012-02-28 11:17:01 | 000,000,000 | -H-D | C] -- C:\$INPLACE.~TR [2012-02-28 11:17:01 | 000,000,000 | -H-D | C] -- \$INPLACE.~TR [2012-02-27 15:14:01 | 000,000,000 | ---D | C] -- C:\Nowy folder [2012-02-27 15:14:01 | 000,000,000 | ---D | C] -- \Nowy folder [2012-02-27 13:46:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview [2012-02-27 13:45:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2012-02-27 13:44:47 | 000,000,000 | ---D | C] -- C:\98e47afac5b74030c6 [2012-02-27 13:44:47 | 000,000,000 | ---D | C] -- \98e47afac5b74030c6 [2012-02-22 21:16:38 | 000,000,000 | ---D | C] -- C:\Program Files\LP [2012-02-21 20:28:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012-02-21 20:28:33 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012-02-21 20:27:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012-02-17 22:36:40 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-02-17 22:36:40 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2012-02-15 22:42:18 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar [2012-02-15 22:41:35 | 000,000,000 | ---D | C] -- C:\Program Files\FoxTabPDFReader [2012-02-15 22:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2012-02-14 
19:04:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-02-28 13:35:03 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-02-28 13:35:03 | 000,014,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-02-28 13:09:18 | 000,697,674 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-02-28 13:09:18 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-02-28 13:09:18 | 000,134,784 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-02-28 13:09:18 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-02-28 12:34:41 | 000,298,040 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-02-28 12:34:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-02-28 12:34:28 | 1609,916,416 | -HS- | M] () -- C:\hiberfil.sys [2012-02-28 11:50:41 | 000,064,519 | ---- | M] () -- C:\Windows\System32\license.rtf [2012-02-28 11:43:17 | 000,021,616 | ---- | M] () -- C:\Windows\System32\emptyregdb.dat [2012-02-28 10:54:17 | 000,002,544 | ---- | M] () -- C:\Windows\diagwrn.xml [2012-02-28 10:54:15 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml [2012-02-20 15:54:11 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for User.job [2012-02-17 22:36:40 | 001,798,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-02-17 22:36:40 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2012-02-15 22:42:18 | 000,000,240 | ---- | M] () -- C:\user.js [2012-02-12 17:15:50 | 282,849,484 | ---- | M] () -- C:\Windows\MEMORY.DMP [2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] 
[color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-02-28 11:52:00 | 1609,916,416 | -HS- | C] () -- C:\hiberfil.sys [2012-02-28 11:52:00 | 1609,916,416 | -HS- | C] () -- \hiberfil.sys [2012-02-28 11:43:17 | 000,021,616 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat [2012-02-28 11:29:28 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012-02-28 11:29:26 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012-02-28 10:54:14 | 000,002,544 | ---- | C] () -- C:\Windows\diagwrn.xml [2012-02-28 10:54:14 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml [2012-02-21 20:28:49 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2012-02-15 22:42:18 | 000,000,240 | ---- | C] () -- C:\user.js [2012-02-15 22:42:18 | 000,000,240 | ---- | C] () -- \user.js [2011-12-11 16:26:37 | 000,001,890 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys [2011-12-11 16:26:37 | 000,000,008 | RHS- | C] () -- C:\Windows\System32\DFEA952E3F.sys [2011-11-17 16:55:38 | 000,138,576 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011-10-15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2011-10-12 19:52:23 | 000,215,104 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011-10-12 19:52:22 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011-10-10 21:39:15 | 000,033,792 | ---- | C] () -- C:\Windows\System32\drivers\libusb0.sys [2011-10-08 22:55:50 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-10-08 22:55:50 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll [2011-09-28 14:32:19 | 000,024,576 | R--- | C] () -- C:\Windows\System32\AsIO.dll [2011-09-28 14:32:19 | 000,012,400 | R--- | C] () -- C:\Windows\System32\drivers\AsIO.sys [2011-09-28 14:32:17 | 000,011,832 | ---- | C] () -- 
C:\Windows\System32\drivers\AsInsHelp64.sys [2011-09-28 14:32:17 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys [2011-09-28 14:30:10 | 000,022,556 | ---- | C] () -- C:\Windows\Ascd_log.ini [2011-09-28 14:29:59 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2011-09-28 14:29:51 | 000,017,689 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [color=#E56717]========== LOP Check ==========[/color] [2012-02-28 11:34:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\ACD Systems [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data [2012-02-15 22:41:14 | 000,000,000 | ---D | M] -- C:\Users\All Users\Babylon [2012-02-28 11:34:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\Codemasters [2012-02-28 11:34:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\DAEMON Tools Lite [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dane aplikacji [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumenty [2012-02-28 11:34:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\EA Core [2012-02-28 11:34:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\Electronic Arts [2012-02-28 11:34:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\ESET [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites [2012-02-28 11:34:46 | 000,000,000 | ---D | M] -- C:\Users\All Users\id Software [2012-02-28 11:34:46 | 000,000,000 | ---D | M] -- C:\Users\All Users\IM [2012-02-28 11:34:46 | 000,000,000 | ---D | M] -- C:\Users\All Users\IncrediMail [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Menu Start [2012-02-28 11:34:53 | 000,000,000 | ---D | M] -- C:\Users\All Users\Origin [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Pulpit [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- 
C:\Users\All Users\Start Menu [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Szablony [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates [2012-02-28 11:34:53 | 000,000,000 | ---D | M] -- C:\Users\All Users\TmForever [2012-02-28 11:34:53 | 000,000,000 | ---D | M] -- C:\Users\All Users\Ubisoft [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Ulubione [2009-07-14 03:37:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Application Data [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] -- C:\Users\Default\Dane aplikacji [2009-07-14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop [2012-02-28 12:26:13 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents [2009-07-14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads [2009-07-14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites [2009-07-14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Links [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Local Settings [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] -- C:\Users\Default\Menu Start [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] -- C:\Users\Default\Moje dokumenty [2009-07-14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Music [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\My Documents [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood [2009-07-14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent [2009-07-14 03:04:25 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo [2009-07-14 05:53:55 | 
000,000,000 | -HSD | M] -- C:\Users\Default\Start Menu [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] -- C:\Users\Default\Szablony [2009-07-14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Templates [2012-02-28 12:26:13 | 000,000,000 | -HSD | M] -- C:\Users\Default\Ustawienia lokalne [2009-07-14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos [2012-02-28 11:34:53 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop [2012-02-28 12:26:13 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents [2009-07-14 05:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads [2009-07-14 03:04:25 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites [2009-07-14 05:41:57 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries [2009-07-14 05:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Music [2012-02-28 11:34:54 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures [2012-02-28 11:34:54 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV [2009-07-14 05:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos [2012-02-28 11:37:16 | 000,000,000 | -H-D | M] -- C:\Users\UpdatusUser\AppData [2011-11-16 14:16:06 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\Contacts [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Cookies [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Dane aplikacji [2012-02-28 11:37:17 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Desktop [2012-02-28 11:29:40 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Documents [2009-07-14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Downloads [2009-07-14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Favorites [2009-07-14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Links [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Menu Start [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Moje dokumenty [2009-07-14 03:04:25 | 000,000,000 | R--D | M] -- 
C:\Users\UpdatusUser\Music [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\NetHood [2009-07-14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Pictures [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\PrintHood [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Recent [2009-07-14 03:04:25 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\Saved Games [2011-11-16 14:16:06 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\Searches [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\SendTo [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Szablony [2012-02-28 11:29:40 | 000,000,000 | -HSD | M] -- C:\Users\UpdatusUser\Ustawienia lokalne [2009-07-14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\UpdatusUser\Videos [2012-02-28 11:37:28 | 000,000,000 | ---D | M] -- C:\Users\User\.gimp-2.6 [2012-02-28 11:37:28 | 000,000,000 | ---D | M] -- C:\Users\User\.thumbnails [2012-02-28 11:37:47 | 000,000,000 | -H-D | M] -- C:\Users\User\AppData [2012-02-28 11:38:08 | 000,000,000 | R--D | M] -- C:\Users\User\Contacts [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] -- C:\Users\User\Cookies [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] -- C:\Users\User\Dane aplikacji [2012-02-28 13:51:01 | 000,000,000 | R--D | M] -- C:\Users\User\Desktop [2012-02-28 11:38:24 | 000,000,000 | R--D | M] -- C:\Users\User\Documents [2012-02-28 11:38:25 | 000,000,000 | R--D | M] -- C:\Users\User\Downloads [2012-02-28 11:38:26 | 000,000,000 | R--D | M] -- C:\Users\User\Favorites [2012-02-28 11:38:26 | 000,000,000 | R--D | M] -- C:\Users\User\Links [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] -- C:\Users\User\Menu Start [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] -- C:\Users\User\Moje dokumenty [2009-07-14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\User\Music [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] -- C:\Users\User\NetHood [2012-02-28 11:38:26 | 000,000,000 | R--D | M] -- 
C:\Users\User\Pictures [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] -- C:\Users\User\PrintHood [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] -- C:\Users\User\Recent [2012-02-28 11:38:26 | 000,000,000 | ---D | M] -- C:\Users\User\Saved Games [2012-02-28 11:38:26 | 000,000,000 | R--D | M] -- C:\Users\User\Searches [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] -- C:\Users\User\SendTo [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] -- C:\Users\User\Szablony [2012-02-28 11:29:49 | 000,000,000 | -HSD | M] -- C:\Users\User\Ustawienia lokalne [2012-02-28 11:38:26 | 000,000,000 | R--D | M] -- C:\Users\User\Videos [2009-07-14 05:53:46 | 000,001,172 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >