OTL logfile created on: 3/3/2012 1:08:18 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Windows Vista (TM) Ultimate Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.66 Gb Total Space | 12.63 Gb Free Space | 12.93% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 49.36 Gb Free Space | 5.30% Space Free | Partition Type: NTFS
Drive E: | 931.28 Gb Total Space | 2.72 Gb Free Space | 0.29% Space Free | Partition Type: NTFS
Drive F: | 195.31 Gb Total Space | 5.00 Gb Free Space | 2.56% Space Free | Partition Type: NTFS
Drive G: | 638.54 Gb Total Space | 72.79 Gb Free Space | 11.40% Space Free | Partition Type: NTFS
Drive H: | 14.92 Gb Total Space | 14.83 Gb Free Space | 99.37% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet006

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2009/04/22 00:38:59 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2011/05/13 15:17:36 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/15 08:34:57 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010/03/18 06:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/12 04:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/04/25 08:38:51 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009/04/04 15:05:06 | 000,067,424 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/01/20 21:48:14 | 000,028,672 | ---- | M] (Microsoft Corporation) [Auto] -- F:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2008/01/20 21:46:37 | 000,284,160 | ---- | M] (Microsoft Corporation) [On_Demand] -- F:\Windows\System32\qwave.dll -- (QWAVE)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2011/08/17 17:15:10 | 000,526,392 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2011/08/17 07:27:23 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot] -- C:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV:[b]64bit:[/b] - [2011/05/10 04:41:27 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2011/04/26 07:37:38 | 000,156,912 | ---- | M] (Oracle Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2010/11/09 08:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto] -- C:\Windows\System32\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:[b]64bit:[/b] - [2010/07/07 16:21:18 | 001,612,888 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ha20x22k.sys -- (ha20x22k)
DRV:[b]64bit:[/b] - [2010/07/07 16:21:06 | 001,567,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV:[b]64bit:[/b] - [2010/07/07 16:20:56 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV:[b]64bit:[/b] - [2010/07/07 16:20:48 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:[b]64bit:[/b] - [2010/07/07 16:20:40 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:[b]64bit:[/b] - [2010/07/07 16:16:32 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV:[b]64bit:[/b] - [2010/07/07 16:16:24 | 000,697,816 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:[b]64bit:[/b] - [2010/07/07 16:16:14 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV:[b]64bit:[/b] - [2010/07/07 16:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)
DRV:[b]64bit:[/b] - [2010/07/07 16:16:06 | 001,445,976 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:[b]64bit:[/b] - [2010/07/07 16:15:56 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)
DRV:[b]64bit:[/b] - [2010/07/07 16:15:56 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:[b]64bit:[/b] - [2010/07/07 16:15:50 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)
DRV:[b]64bit:[/b] - [2010/07/07 16:15:50 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV:[b]64bit:[/b] - [2009/03/25 09:18:56 | 000,303,616 | ---- | M] () [Kernel | Auto] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2009/03/25 09:18:54 | 000,035,328 | ---- | M] () [Kernel | Auto] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2009/02/13 05:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand] -- C:\Windows\System32\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:[b]64bit:[/b] - [2009/01/08 12:28:16 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2008/07/22 01:42:58 | 000,060,416 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtnic64.sys -- (RTL8023x64)
DRV:[b]64bit:[/b] - [2008/05/22 06:22:26 | 000,020,608 | ---- | M] (Razer USA Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Lycosa.sys -- (Lycosa)
DRV:[b]64bit:[/b] - [2007/08/17 01:48:46 | 000,030,336 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Lachesis.sys -- (VaneFltr)
DRV:[b]64bit:[/b] - [2007/06/24 23:37:14 | 000,108,032 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh64.sys -- (RTL8169)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKU\Adam_ON_F\Software\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Adam\Pictures
IE - HKU\Adam_ON_F\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
IE - HKU\Adam_ON_F\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\Adam_ON_F\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BC AA 8B A6 29 BB CB 01 [binary data]
IE - HKU\Adam_ON_F\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Adam_ON_F\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\TEMP.Adam-PC_ON_F\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: File not found

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\crossriderapp498@crossrider.com: C:\Users\Adam\AppData\Local\RewardsArcade\498\Firefox

O1 HOSTS File: ([2009/02/23 22:35:22 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - File not found
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - File not found
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\Adam_ON_F\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\Adam_ON_F\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O3 - HKU\Adam_ON_F\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\Adam_ON_F\..\Toolbar\WebBrowser: (no name) - {D43723AE-1AE1-4A25-A6A4-BF0929273CAB} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [amBX Daemon] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [amBX System Tray Application] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [combofix] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [WPCUMI] File not found
O4 - HKLM..\Run: [emsisoft anti-malware] File not found
O4 - HKU\Adam_ON_F..\Run: [DAEMON Tools Lite] File not found
O4 - HKU\TEMP.Adam-PC_ON_F..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\OobeFldr.dll (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_F..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_F..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\OobeFldr.dll (Microsoft Corporation)
O4 - Startup: Error locating startup folders.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\Adam_ON_F\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Adam_ON_F\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\Adam_ON_F\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\Adam_ON_F\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\TEMP.Adam-PC_ON_F\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:[b]64bit:[/b] - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - File not found
O9:[b]64bit:[/b] - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000017 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found
O13:[b]64bit:[/b] - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (Reg Error: Key error.)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab (Reg Error: Key error.)
O16 - DPF: {43E3F87D-DE7F-4087-BD4F-0DC854981158} http://download.microsoft.com/download/7/3/8/7384c441-3721-41ee-ae15-b678888f00dd/clearadj.CAB (CTAdjust Class)
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?40459.6366898148 (Update Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://195.74.79.83:31/activex/AMC.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - File not found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - File not found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - File not found
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O22:[b]64bit:[/b] - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - File not found
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/03 13:41:43 | 002,689,139 | ---- | M] () - C:\autosave.fos.bak -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck lsdelete) - File not found
O34 - HKLM BootExecute: (C:\Windows\12542059.exe \??\C:\Windows\12542059.dat) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
[b]64bit:[/b] O35 - HKLM\..comfile [open] -- "%1" %* File not found
[b]64bit:[/b] O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012/03/03 02:58:01 | 000,000,000 | ---D | C] -- C:\FRST
[2012/03/02 17:02:12 | 000,000,000 | -HSD | C] -- C:\Boot
[2012/03/02 06:46:27 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/03/01 05:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/02/08 20:14:49 | 000,000,000 | ---D | C] -- C:\textures
[2012/02/05 17:31:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Lost Watch II NV 3D Screensaver
[2012/02/05 17:28:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sun Village NV 3D Screensaver
[2010/07/07 14:36:44 | 000,014,336 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2010/07/07 14:10:22 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[2009/02/13 04:02:52 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Program Files\devcon_amd64.exe
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012/03/01 07:32:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/01 07:32:58 | 000,061,852 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000009-00000000-00000000-00001102-0000000B-00411102}.rfx
[2012/03/01 07:32:58 | 000,061,852 | ---- | M] () -- C:\Windows\System32\BMXState-{00000009-00000000-00000000-00001102-0000000B-00411102}.rfx
[2012/03/01 07:32:58 | 000,000,820 | ---- | M] () -- C:\Windows\System32\DVCState-{00000009-00000000-00000000-00001102-0000000B-00411102}.rfx
[2012/03/01 07:32:52 | 000,036,000 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/01 07:32:52 | 000,036,000 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/01 06:39:04 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/01 05:39:03 | 000,001,044 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/01 05:35:35 | 000,668,434 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/03/01 05:35:35 | 000,128,978 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/03/01 05:30:39 | 1071,767,550 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/01 05:30:38 | 000,154,696 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/03/02 17:09:56 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2011/12/19 10:33:21 | 000,000,317 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\burnaware.ini
[2011/07/19 09:18:13 | 011,173,888 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\Sandra.mdb
[2011/05/13 15:18:06 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/03/15 10:27:17 | 000,772,338 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/07/07 15:23:10 | 000,017,868 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2010/07/07 14:33:04 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2010/07/07 14:21:00 | 000,384,647 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2010/07/07 14:21:00 | 000,051,787 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2010/07/07 14:10:30 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2009/07/01 04:12:32 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2009/04/25 08:38:09 | 000,164,864 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009/04/25 08:38:09 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/04/22 04:53:08 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/04/22 01:38:04 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/04/22 01:36:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/04/21 23:19:08 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/04/21 23:01:26 | 000,245,248 | ---- | C] () -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2009/04/21 22:40:32 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/04/21 22:12:28 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\hellp.exe
[2009/04/21 21:23:04 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2009/04/21 20:04:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/03/20 10:26:09 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/02/19 10:28:02 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini

[color=#E56717]========== LOP Check ==========[/color]

[2011/08/16 06:51:38 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Acronis
[2011/03/19 10:27:25 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Ashampoo
[2012/03/01 05:34:22 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Azureus
[2009/05/16 12:21:57 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\DAEMON Tools Lite
[2011/04/27 04:09:28 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\DAEMON Tools Pro
[2011/05/17 08:50:44 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Nowe Gadu-Gadu
[2011/10/19 05:19:47 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Origin
[2012/03/01 05:33:05 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Raptr
[2011/08/17 17:38:41 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\SPORE
[2011/06/21 04:55:59 | 000,000,000 | ---D | M] -- C:\Users\Adam\AppData\Roaming\Western Digital
[2011/08/17 06:59:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Acronis
[2011/03/19 10:27:09 | 000,000,000 | ---D | M] -- C:\ProgramData\ashampoo
[2009/04/25 08:04:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Azureus
[2011/12/19 10:05:32 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2009/05/16 12:18:41 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Pro
[2011/03/15 14:05:42 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Core
[2011/03/15 09:03:38 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Logs
[2011/07/27 04:42:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2011/03/23 15:39:29 | 000,000,000 | ---D | M] -- C:\ProgramData\explauncher
[2011/03/23 15:39:28 | 000,000,000 | ---D | M] -- C:\ProgramData\launcher
[2011/10/19 05:50:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Origin
[2011/03/19 06:28:38 | 000,000,000 | ---D | M] -- C:\ProgramData\PassMark
[2009/04/25 08:04:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Razer
[2011/11/10 08:42:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Rockstar Games
[2011/03/24 09:01:14 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2011/08/17 14:21:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Western Digital
[2011/03/15 07:02:20 | 000,000,000 | ---D | M] -- C:\ProgramData\WinZip
[2011/08/09 09:54:23 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2011/03/24 09:51:19 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 177 bytes -> C:\ProgramData\TEMP:1AAB2E68

< End of report >