OTL logfile created on: 2012-03-04 18:04:28 - Run 2 OTL by OldTimer - Version 3.2.33.2 Folder = D:\Users\Przemek\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19190) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 69,09% Memory free 6,20 Gb Paging File | 5,23 Gb Available in Paging File | 84,44% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files Drive C: | 232,75 Gb Total Space | 12,15 Gb Free Space | 5,22% Space Free | Partition Type: NTFS Drive D: | 233,00 Gb Total Space | 9,21 Gb Free Space | 3,95% Space Free | Partition Type: NTFS Computer Name: 6T47K | User Name: Przemek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-02-27 20:16:59 | 000,583,680 | ---- | M] (OldTimer Tools) -- D:\Users\Przemek\Desktop\OTL.exe PRC - [2012-01-24 17:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG2012\avgtray.exe PRC - [2011-12-29 22:29:04 | 000,497,496 | ---- | M] (IObit) -- D:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe PRC - [2011-12-29 16:43:30 | 000,620,376 | ---- | M] (IObit) -- D:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe PRC - [2011-11-28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG2012\avgnsx.exe PRC - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG2012\AVGIDSAgent.exe PRC - [2011-10-10 06:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG2012\avgemcx.exe PRC - [2011-09-08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG2012\avgrsx.exe PRC - [2011-08-15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG2012\avgcsrvx.exe PRC - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- D:\Program Files\AVG\AVG2012\avgwdsvc.exe PRC - [2011-01-07 21:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe PRC - [2011-01-07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe PRC - [2009-01-17 15:48:08 | 005,853,672 | ---- | M] (o2.pl Sp. z o.o.) -- D:\Program Files\Tlen.pl\tlen.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011-04-21 16:54:40 | 000,347,024 | ---- | M] () -- D:\Program Files\IObit\Advanced SystemCare 5\madexcept_.bpl MOD - [2011-04-21 16:54:40 | 000,179,088 | ---- | M] () -- D:\Program Files\IObit\Advanced SystemCare 5\madbasic_.bpl MOD - [2011-04-21 16:54:40 | 000,046,480 | ---- | M] () -- D:\Program Files\IObit\Advanced SystemCare 5\maddisAsm_.bpl MOD - [2009-01-17 15:47:38 | 000,033,792 | ---- | M] () -- D:\Program Files\Tlen.pl\languages\polish.dll MOD - [2009-01-06 12:55:46 | 000,061,464 | ---- | M] () -- D:\Program Files\Tlen.pl\plugins\TlenSMS.tpl MOD - [2008-12-23 15:11:32 | 000,195,096 | ---- | M] () -- D:\Program Files\Tlen.pl\plugins\Video.tpl MOD - [2008-12-22 14:32:06 | 000,093,720 | ---- | M] () -- D:\Program Files\Tlen.pl\plugins\Voice.tpl MOD - [2008-12-16 14:51:44 | 000,151,552 | ---- | M] () -- D:\Program Files\Tlen.pl\libgadu.dll MOD - [2008-07-22 08:49:48 | 000,075,800 | ---- | M] () -- D:\Program Files\Tlen.pl\plugins\FileTM.tpl MOD - [2008-07-22 08:49:40 | 000,106,520 | ---- | M] () -- D:\Program Files\Tlen.pl\plugins\File.tpl MOD - [2008-06-19 13:20:08 | 000,017,408 | ---- | M] () -- D:\Program Files\Tlen.pl\hook.dll MOD - [2008-06-19 13:15:54 | 000,030,720 | ---- | M] () -- D:\Program Files\Tlen.pl\libutil2.dll MOD - [2008-06-19 13:15:46 | 000,139,264 | ---- | M] () -- D:\Program Files\Tlen.pl\libexpat2.dll MOD - [2008-01-15 15:57:06 | 000,349,720 | ---- | M] () -- D:\Program Files\Tlen.pl\plugins\Tlenofon.tpl MOD - [2007-10-05 14:00:58 | 000,181,248 | ---- | M] () -- D:\Program Files\Tlen.pl\libutil.dll MOD - [2005-11-18 10:33:58 | 000,054,784 | ---- | M] () -- D:\Program Files\Tlen.pl\libs\libexpat.dll MOD - [2005-10-14 12:17:28 | 000,044,056 | ---- | M] () -- D:\Program Files\Tlen.pl\plugins\TlenDostep.tpl MOD - [2005-05-25 10:21:16 | 000,031,768 | ---- | M] () -- D:\Program Files\Tlen.pl\plugins\TlenNewsy.tpl MOD - [2003-01-30 05:04:00 | 000,618,496 | ---- | M] () -- D:\Program Files\Tlen.pl\stlpmt45.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-12-29 22:29:04 | 000,497,496 | ---- | M] (IObit) [Auto | Running] -- D:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5) SRV - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- D:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2011-01-07 19:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- D:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2008-01-21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-12-14 11:46:28 | 000,047,624 | ---- | M] () [On_Demand | Stopped] -- D:\Program Files\GIGABYTE\GEST\GSvr.exe -- (GEST Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-10-07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- D:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2011-10-04 06:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim) DRV - [2011-09-13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- D:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86) DRV - [2011-08-08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- D:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011-07-11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- D:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2011-07-11 01:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV - [2011-07-11 01:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- D:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH) DRV - [2011-07-11 01:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV - [2011-06-26 20:53:52 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- D:\Windows\gdrv.sys -- (gdrv) DRV - [2011-02-23 15:56:41 | 000,192,728 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2) DRV - [2011-01-08 04:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- D:\Windows\System32\drivers\npf.sys -- (npf) DRV - [2009-11-15 22:48:16 | 000,017,408 | ---- | M] (AdwareAway.net) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\DiagnosticScan.SYS -- (DiagnosticScan) DRV - [2009-10-19 10:21:41 | 000,005,120 | ---- | M] (F.Y.N. Technology Inc.) [Kernel | System | Running] -- D:\Windows\System32\drivers\Start1Driver.SYS -- (Start1Driver) DRV - [2009-04-01 17:32:38 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2009-02-10 16:23:02 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- D:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2009-02-04 14:42:16 | 000,078,848 | ---- | M] () [Kernel | System | Running] -- D:\Windows\System32\drivers\SSHDRV85.sys -- (SSHDRV85) DRV - [2009-02-03 16:36:58 | 000,059,000 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2009-01-11 13:52:08 | 000,026,000 | ---- | M] (IPortent LTD) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\ndiszapu.sys -- (ndiszapu) DRV - [2008-11-04 19:21:04 | 000,083,296 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- D:\Windows\system32\DRIVERS\jraid.sys -- (JRAID) DRV - [2008-11-03 15:03:28 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr) DRV - [2008-01-20 17:56:12 | 000,187,840 | ---- | M] (Stephan Schreiber) [File_System | System | Running] -- D:\Windows\System32\drivers\ext2fs.sys -- (Ext2fs) DRV - [2007-12-29 19:50:42 | 000,058,816 | ---- | M] (Stephan Schreiber) [Kernel | System | Running] -- D:\Windows\System32\drivers\ifsmount.sys -- (IfsMount) DRV - [2007-10-11 11:10:52 | 000,030,008 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\ET5Drv.sys -- (ET5Drv) DRV - [2007-09-17 16:17:36 | 000,098,816 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007-02-08 18:44:43 | 000,083,320 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x) DRV - [2006-12-23 10:44:59 | 000,080,768 | ---- | M] (Protection Technology) [Kernel | System | Running] -- D:\Windows\System32\drivers\prodrv06.sys -- (prodrv06) DRV - [2006-12-23 10:43:17 | 000,077,120 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\prohlp02.sys -- (prohlp02) DRV - [2006-11-25 01:40:50 | 000,050,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006-11-10 14:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Stopped] -- D:\Windows\System32\drivers\SysTool.sys -- (SysTool) DRV - [2006-11-10 14:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Stopped] -- D:\Windows\System32\drivers\ATITool.sys -- (ATITool) DRV - [2006-09-24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- D:\Windows\system32\speedfan.sys -- (speedfan) DRV - [2006-07-10 17:19:58 | 000,027,032 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x) DRV - [2006-06-14 15:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) DRV - [2005-12-21 10:16:58 | 000,007,136 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\prosync1.sys -- (prosync1) DRV - [2003-12-01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01) DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\..\URLSearchHook: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - No CLSID value found IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: {31c7d459-9cc3-44f2-9dca-fc11795309b4} - No CLSID value found IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-991809735-3224259984-1125419291-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl/firefox?client=fir" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: FasterFox_Lite@BigRedBrent:3.9.1Lite FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.2.2 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: D:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: d:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: D:\Program Files\AVG\AVG2012\Firefox4\ [2012-01-31 20:16:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012-02-28 21:25:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2011-11-27 07:50:09 | 000,000,000 | ---D | M] [2010-05-16 19:48:01 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Przemek\AppData\Roaming\mozilla\Extensions [2012-03-02 04:45:04 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\00phb4lg.default\extensions [2010-08-29 13:28:22 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\3nfk87r4.default\extensions [2010-03-25 01:21:32 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\3nfk87r4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-03-25 01:21:33 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\3nfk87r4.default\extensions\{31c7d459-9cc3-44f2-9dca-fc11795309b4} [2010-08-29 13:28:22 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- D:\Users\Przemek\AppData\Roaming\mozilla\Firefox\Profiles\3nfk87r4.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2012-02-28 21:25:46 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions () (No name found) -- D:\USERS\PRZEMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\00PHB4LG.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI () (No name found) -- D:\USERS\PRZEMEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\00PHB4LG.DEFAULT\EXTENSIONS\FASTERFOX_LITE@BIGREDBRENT.XPI [2012-02-16 16:14:21 | 000,134,104 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll [2010-07-14 01:02:55 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010-07-12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- D:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-02-16 12:12:03 | 000,002,767 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-16 12:12:03 | 000,001,406 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-16 12:12:03 | 000,000,917 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-16 12:12:03 | 000,000,858 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-16 12:12:03 | 000,001,183 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-16 12:12:03 | 000,001,683 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found. O2 - BHO: (no name) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {dd1d5372-6469-4301-8760-cbf0980bf4ae} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {DD1D5372-6469-4301-8760-CBF0980BF4AE} - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {DD1D5372-6469-4301-8760-CBF0980BF4AE} - No CLSID value found. O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found. O3 - HKU\S-1-5-21-991809735-3224259984-1125419291-1000\..\Toolbar\WebBrowser: (no name) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No CLSID value found. O3 - HKU\S-1-5-21-991809735-3224259984-1125419291-1000\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found. O3 - HKU\S-1-5-21-991809735-3224259984-1125419291-1000\..\Toolbar\WebBrowser: (no name) - {DD1D5372-6469-4301-8760-CBF0980BF4AE} - No CLSID value found. O4 - HKLM..\Run: [AVG_TRAY] D:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] D:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] D:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-991809735-3224259984-1125419291-1000..\Run: [Advanced SystemCare 5] D:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (IObit) O4 - HKU\S-1-5-21-991809735-3224259984-1125419291-1000..\Run: [Komunikator] D:\Program Files\Tlen.pl\tlen.exe (o2.pl Sp. z o.o.) O4 - Startup: D:\Users\All Users\Activision [2010-12-27 12:47:48 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Alwil Software [2011-02-24 04:02:08 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\AVG2012 [2011-12-01 17:08:02 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Backup [2010-03-29 12:41:38 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Common Files [2011-11-10 11:55:59 | 000,000,000 | -H-D | M] O4 - Startup: D:\Users\All Users\Dane aplikacji [2008-12-05 02:17:47 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\All Users\Desktop [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\All Users\DivoGames [2010-12-21 20:21:05 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Documents [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\All Users\Dokumenty [2008-12-05 02:17:47 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\All Users\Electronic Arts [2011-02-11 00:36:31 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Favorites [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\All Users\FreeApp [2011-01-16 01:13:49 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Futuremark [2010-07-22 12:23:58 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Gadu-Gadu 10 [2010-03-25 19:10:56 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\InstallShield [2009-09-10 21:36:24 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\IObit [2012-03-01 03:06:07 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\ipla [2012-01-05 20:32:18 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Malwarebytes [2011-12-02 13:11:58 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\McAfee [2012-02-29 23:12:16 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Media Center Programs [2009-10-21 12:21:17 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Menu Start [2008-12-05 02:17:47 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\All Users\MFAData [2012-03-04 17:14:56 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Microsoft [2011-02-23 04:35:22 | 000,000,000 | --SD | M] O4 - Startup: D:\Users\All Users\NOS [2010-02-07 00:18:02 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\NVIDIA [2012-03-04 17:51:09 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\NVIDIA Corporation [2011-02-07 18:52:26 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\nvModes.001 () O4 - Startup: D:\Users\All Users\nvModes.dat () O4 - Startup: D:\Users\All Users\OpenFM [2011-02-07 22:36:02 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Pulpit [2008-12-05 02:17:47 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\All Users\RDRM [2011-11-13 16:38:04 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Skype [2010-03-31 18:49:32 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Solidshield [2011-02-02 13:31:35 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Stardock [2010-07-25 07:03:47 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Start Menu [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\All Users\Sun [2010-07-12 13:25:34 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Szablony [2008-12-05 02:17:47 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\All Users\TEMP [2010-12-13 08:10:51 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Templates [2006-11-02 14:02:04 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\All Users\Tlen.pl [2010-05-16 21:44:25 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Trymedia [2008-08-21 04:31:30 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\TuneUp Software [2010-07-20 22:10:09 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\Ulubione [2008-12-05 02:17:47 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\All Users\WindowsSearch [2012-01-03 19:14:36 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\All Users\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2010-07-20 22:09:52 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Default\AppData [2006-11-02 12:18:34 | 000,000,000 | -H-D | M] O4 - Startup: D:\Users\Default\Application Data [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Default\Cookies [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Default\Dane aplikacji [2008-12-05 02:17:47 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Default\Documents [2009-04-25 21:34:07 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Default\Local Settings [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Default\NetHood [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Default\NTUSER.DAT () O4 - Startup: D:\Users\Default\ntuser.dat.LOG1 () O4 - Startup: D:\Users\Default\ntuser.dat.LOG2 () O4 - Startup: D:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf () O4 - Startup: D:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: D:\Users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: D:\Users\Default\PrintHood [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Default\Szablony [2008-12-05 02:17:47 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Default\Templates [2006-11-02 14:02:03 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Default\Ustawienia lokalne [2008-12-05 02:17:47 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Przemek\.gegl-0.0 [2010-12-22 23:42:32 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\Przemek\.gimp-2.6 [2012-01-25 03:34:26 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\Przemek\.gstreamer-0.10 [2009-11-16 11:48:30 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\Przemek\.javamod.properties () O4 - Startup: D:\Users\Przemek\.recently-used.xbel () O4 - Startup: D:\Users\Przemek\.thumbnails [2011-11-16 22:27:47 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\Przemek\AppData [2008-12-05 02:19:34 | 000,000,000 | -H-D | M] O4 - Startup: D:\Users\Przemek\Contacts [2009-09-19 15:50:50 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Przemek\Cookies [2008-12-05 02:19:21 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Przemek\Dane aplikacji [2008-12-05 02:19:21 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Przemek\Desktop [2012-03-04 17:25:56 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Przemek\Documents [2012-03-04 17:15:47 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Przemek\Dokumenty — skrót.lnk = D:\Users\Przemek\Documents [2012-03-04 17:15:47 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Przemek\Downloads [2012-03-04 17:47:45 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Przemek\Favorites [2011-02-26 23:41:29 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Przemek\Gadu-Gadu [2012-01-24 18:25:51 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\Przemek\Links [2010-07-09 20:40:03 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Przemek\Music [2012-01-26 21:43:50 | 000,000,000 | --SD | M] O4 - Startup: D:\Users\Przemek\NetHood [2008-12-05 02:19:21 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Przemek\ntuser.dat () O4 - Startup: D:\Users\Przemek\ntuser.dat.LOG1 () O4 - Startup: D:\Users\Przemek\ntuser.dat.LOG2 () O4 - Startup: D:\Users\Przemek\ntuser.dat.tmp.LOG1 () O4 - Startup: D:\Users\Przemek\ntuser.dat.tmp.LOG2 () O4 - Startup: D:\Users\Przemek\ntuser.dat_previous () O4 - Startup: D:\Users\Przemek\NTUSER.DAT_tureg_new.LOG1 () O4 - Startup: D:\Users\Przemek\NTUSER.DAT_tureg_new.LOG2 () O4 - Startup: D:\Users\Przemek\ntuser.dat{32f2f96c-4450-11e0-bf2f-00e01c3beb80}.TM.blf () O4 - Startup: D:\Users\Przemek\ntuser.dat{32f2f96c-4450-11e0-bf2f-00e01c3beb80}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: D:\Users\Przemek\ntuser.dat{32f2f96c-4450-11e0-bf2f-00e01c3beb80}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: D:\Users\Przemek\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf () O4 - Startup: D:\Users\Przemek\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: D:\Users\Przemek\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: D:\Users\Przemek\ntuser.dat{5c81881b-affc-11df-b741-806e6f6e6963}.TM.blf () O4 - Startup: D:\Users\Przemek\ntuser.dat{5c81881b-affc-11df-b741-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: D:\Users\Przemek\ntuser.dat{5c81881b-affc-11df-b741-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: D:\Users\Przemek\ntuser.dat{5dbf0607-3a13-11e0-9a1d-00e01c3beb80}.TM.blf () O4 - Startup: D:\Users\Przemek\ntuser.dat{5dbf0607-3a13-11e0-9a1d-00e01c3beb80}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: D:\Users\Przemek\ntuser.dat{5dbf0607-3a13-11e0-9a1d-00e01c3beb80}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: D:\Users\Przemek\ntuser.dat{aa7a5ffc-9446-11df-81e5-806e6f6e6963}.TM.blf () O4 - Startup: D:\Users\Przemek\ntuser.dat{aa7a5ffc-9446-11df-81e5-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms () O4 - Startup: D:\Users\Przemek\ntuser.dat{aa7a5ffc-9446-11df-81e5-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms () O4 - Startup: D:\Users\Przemek\ntuser.ini () O4 - Startup: D:\Users\Przemek\Pictures [2012-02-29 12:24:33 | 000,000,000 | --SD | M] O4 - Startup: D:\Users\Przemek\PrintHood [2008-12-05 02:19:21 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Przemek\Saved Games [2009-10-10 00:25:33 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Przemek\Searches [2009-09-19 15:50:50 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Przemek\Szablony [2008-12-05 02:19:21 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Przemek\Ustawienia lokalne [2008-12-05 02:19:21 | 000,000,000 | -HSD | M] O4 - Startup: D:\Users\Przemek\Videos [2010-06-11 21:56:02 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Przemek\xobglu16.dll () O4 - Startup: D:\Users\Przemek\xobglu32.dll () O4 - Startup: D:\Users\Przemek\{05cadbc9-ca01-43e9-84eb-4e848305e9db} [2011-06-26 20:54:32 | 000,000,000 | ---D | M] O4 - Startup: D:\Users\Public\Desktop [2012-03-01 03:14:44 | 000,000,000 | RH-D | M] O4 - Startup: D:\Users\Public\Documents [2011-02-14 19:36:54 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Public\Downloads [2010-11-01 00:05:51 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Public\Favorites [2006-11-02 11:23:35 | 000,000,000 | RH-D | M] O4 - Startup: D:\Users\Public\Music [2010-07-21 02:36:01 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Public\Pictures [2009-10-15 00:46:46 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Public\Recorded TV [2011-12-10 19:45:35 | 000,000,000 | R--D | M] O4 - Startup: D:\Users\Public\Videos [2009-09-19 15:50:50 | 000,000,000 | R--D | M] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Toolbar present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Toolbar present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Toolbar present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Toolbar present O7 - HKU\S-1-5-21-991809735-3224259984-1125419291-1000\Software\Policies\Microsoft\Internet Explorer\Toolbar present O7 - HKU\S-1-5-21-991809735-3224259984-1125419291-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.59.121.202 195.187.244.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38005A65-F179-4A84-BA33-A0840DCA566D}: DhcpNameServer = 193.59.121.202 195.187.244.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9EC2407-AAF2-45B2-B4DE-BBEA2FBD5EA4}: DhcpNameServer = 193.59.121.202 195.187.244.8 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O20 - AppInit_DLLs: (wbsys.dll) - D:\Windows\System32\wbsys.dll (Stardock.Net, Inc) O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) - D:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\WB: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found O24 - Desktop WallPaper: D:\Users\Przemek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: D:\Users\Przemek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-12-05 01:30:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk /p \??\D) O34 - HKLM BootExecute: (autocheck autochk /p \??\D) O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (",D:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart,) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-03-04 17:25:52 | 000,000,000 | ---D | C] -- D:\Users\Przemek\AppData\Roaming\Process Hacker 2 [2012-03-04 17:23:42 | 000,000,000 | ---D | C] -- D:\Program Files\Process Hacker 2 [2012-03-01 03:50:15 | 002,044,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32k.sys [2012-03-01 03:47:54 | 000,602,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll [2012-03-01 03:47:54 | 000,387,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iedkcs32.dll [2012-03-01 03:47:54 | 000,184,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll [2012-03-01 03:47:54 | 000,164,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll [2012-03-01 03:47:54 | 000,055,296 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedsbs.dll [2012-03-01 03:47:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll [2012-03-01 03:47:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jsproxy.dll [2012-03-01 03:47:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe [2012-03-01 03:47:52 | 000,385,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec [2012-03-01 03:47:51 | 001,638,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtml.tlb [2012-03-01 03:47:51 | 001,469,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl [2012-03-01 03:47:51 | 000,611,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mstime.dll [2012-03-01 03:47:51 | 000,133,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe [2012-03-01 03:47:50 | 000,174,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe [2012-03-01 03:47:50 | 000,109,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll [2012-03-01 03:47:50 | 000,105,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll [2012-03-01 03:47:50 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll [2012-03-01 03:47:50 | 000,055,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll [2012-03-01 03:38:31 | 000,021,848 | ---- | C] (IObit) -- D:\Windows\System32\RegistryDefragBootTime.exe [2012-03-01 03:05:56 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5 [2012-02-29 23:19:01 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerCPLApp.cpl [2012-02-29 23:12:16 | 000,000,000 | ---D | C] -- D:\ProgramData\McAfee [2012-02-29 23:12:15 | 000,000,000 | R--D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [2012-02-29 10:45:30 | 000,000,000 | ---D | C] -- D:\Users\Przemek\AppData\Roaming\.wtw [2012-02-28 20:35:13 | 000,583,680 | ---- | C] (OldTimer Tools) -- D:\Users\Przemek\Desktop\OTL.exe [2012-02-18 12:49:56 | 000,000,000 | ---D | C] -- D:\Program Files\WinPcap [2012-02-05 22:50:41 | 000,000,000 | ---D | C] -- D:\Users\Przemek\Desktop\Zelda Majora's Mask cd 2 [2012-02-05 22:39:39 | 000,000,000 | ---D | C] -- D:\Users\Przemek\Desktop\Zelda Majora's Mask cd 1 [3 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-03-04 18:03:51 | 006,533,120 | ---- | M] () -- D:\Users\Przemek\ntuser.dat [2012-03-04 18:02:10 | 000,000,466 | -H-- | M] () -- D:\Windows\tasks\User_Feed_Synchronization-{F5BC2579-3510-4DA9-9293-FD9DB16A8ACC}.job [2012-03-04 17:58:32 | 000,004,096 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-03-04 17:58:32 | 000,004,096 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-03-04 17:50:42 | 000,000,006 | -H-- | M] () -- D:\Windows\tasks\SA.DAT [2012-03-04 17:50:39 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat [2012-03-04 17:49:22 | 000,524,288 | -HS- | M] () -- D:\Users\Przemek\ntuser.dat{32f2f96c-4450-11e0-bf2f-00e01c3beb80}.TMContainer00000000000000000001.regtrans-ms [2012-03-04 17:49:22 | 000,065,536 | -HS- | M] () -- D:\Users\Przemek\ntuser.dat{32f2f96c-4450-11e0-bf2f-00e01c3beb80}.TM.blf [2012-03-04 17:49:21 | 001,958,002 | -H-- | M] () -- D:\Users\Przemek\AppData\Local\IconCache.db [2012-03-04 17:14:52 | 090,768,646 | ---- | M] () -- D:\Windows\System32\drivers\AVG\incavi.avm [2012-03-02 04:24:09 | 000,229,208 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT [2012-03-01 03:50:15 | 002,044,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\win32k.sys [2012-03-01 03:47:54 | 000,602,112 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll [2012-03-01 03:47:54 | 000,387,584 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iedkcs32.dll [2012-03-01 03:47:54 | 000,184,320 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll [2012-03-01 03:47:54 | 000,164,352 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll [2012-03-01 03:47:54 | 000,055,296 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeedsbs.dll [2012-03-01 03:47:54 | 000,043,520 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll [2012-03-01 03:47:54 | 000,025,600 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\jsproxy.dll [2012-03-01 03:47:54 | 000,013,312 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe [2012-03-01 03:47:52 | 000,385,024 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\html.iec [2012-03-01 03:47:51 | 001,638,912 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtml.tlb [2012-03-01 03:47:51 | 001,469,440 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl [2012-03-01 03:47:51 | 000,611,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mstime.dll [2012-03-01 03:47:51 | 000,133,632 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe [2012-03-01 03:47:50 | 000,174,080 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe [2012-03-01 03:47:50 | 000,109,056 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll [2012-03-01 03:47:50 | 000,105,984 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\url.dll [2012-03-01 03:47:50 | 000,071,680 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll [2012-03-01 03:47:50 | 000,055,808 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll [2012-03-01 03:05:57 | 000,000,992 | ---- | M] () -- D:\Users\Public\Desktop\Advanced SystemCare 5.lnk [2012-03-01 02:56:37 | 000,097,792 | ---- | M] () -- D:\Users\Przemek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-02-29 23:19:01 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerCPLApp.cpl [2012-02-28 21:25:49 | 000,000,818 | ---- | M] () -- D:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-02-27 20:16:59 | 000,583,680 | ---- | M] (OldTimer Tools) -- D:\Users\Przemek\Desktop\OTL.exe [2012-02-16 16:47:59 | 000,000,392 | ---- | M] () -- D:\Windows\tasks\AWC Update.job [2012-02-14 17:12:22 | 000,354,225 | ---- | M] () -- D:\Windows\System32\drivers\AVG\iavichjg.avm [3 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-03-01 03:21:06 | 006,533,120 | ---- | C] () -- D:\Users\Przemek\ntuser.dat [2012-03-01 03:05:57 | 000,000,992 | ---- | C] () -- D:\Users\Public\Desktop\Advanced SystemCare 5.lnk [2012-02-28 21:12:23 | 000,000,830 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011-12-15 22:36:16 | 000,444,283 | ---- | C] () -- D:\Program Files\Common Files\WinPcapNmap.exe [2011-11-16 00:02:19 | 000,000,038 | ---- | C] () -- D:\Windows\avisplitter.ini [2011-11-16 00:02:18 | 003,596,288 | ---- | C] () -- D:\Windows\System32\qt-dx331.dll [2011-11-16 00:02:18 | 000,795,648 | ---- | C] () -- D:\Windows\System32\xvidcore.dll [2011-11-16 00:02:18 | 000,130,048 | ---- | C] () -- D:\Windows\System32\xvidvfw.dll [2011-11-16 00:02:17 | 000,084,480 | ---- | C] () -- D:\Windows\System32\ff_vfw.dll [2011-11-16 00:02:17 | 000,000,547 | ---- | C] () -- D:\Windows\System32\ff_vfw.dll.manifest [2011-11-15 04:54:08 | 000,175,616 | ---- | C] () -- D:\Windows\System32\unrar.dll [2011-04-19 11:48:06 | 001,958,002 | -H-- | C] () -- D:\Users\Przemek\AppData\Local\IconCache.db [2011-04-09 17:55:28 | 000,179,261 | ---- | C] () -- D:\Windows\System32\xlive.dll.cat [2010-07-22 13:48:06 | 000,000,056 | ---- | C] () -- D:\Windows\wb.ini [2010-07-22 00:42:22 | 000,000,537 | ---- | C] () -- D:\Windows\FICEDULA.INI [2010-07-07 18:20:29 | 000,022,328 | ---- | C] () -- D:\Users\Przemek\AppData\Roaming\PnkBstrK.sys [2010-06-25 06:53:57 | 000,000,023 | ---- | C] () -- D:\Windows\salenmario.INI [2010-03-25 01:41:53 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat [color=#E56717]========== LOP Check ==========[/color] [2012-02-29 10:45:30 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\.wtw [2009-11-09 00:37:14 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Activision [2011-11-26 00:28:31 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Audacity [2011-12-01 16:55:55 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\AVG2012 [2011-11-11 01:16:31 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Azureus [2010-02-20 08:43:55 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Bioshock2 [2010-07-09 22:15:38 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\BlackBean [2008-12-05 19:45:52 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Canneverbe_Limited [2010-07-25 04:59:01 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\CheeseSoft [2009-09-19 15:50:45 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\DAEMON Tools [2009-09-19 15:50:45 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\DeepBurner [2009-02-20 13:12:29 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\FRISK Software [2012-01-24 18:30:01 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Gadu-Gadu [2011-06-07 17:02:45 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Gadu-Gadu 10 [2010-07-25 04:55:47 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\GlarySoft [2012-01-25 03:27:52 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\gtk-2.0 [2012-01-06 15:41:26 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\InImages [2012-03-01 03:38:36 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\IObit [2012-01-27 21:59:44 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\ipla [2009-04-16 23:47:27 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\MuldeR [2011-05-23 04:57:32 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\NationRed [2009-11-17 12:40:16 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Nowe Gadu-Gadu [2009-10-07 19:59:49 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\OpenFM [2009-02-20 15:31:54 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\PCToolsFirewallPlus [2009-02-20 15:31:47 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\PCToolsSpamMonitorPlus [2008-12-23 10:36:38 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Pmcc [2012-03-04 17:25:52 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Process Hacker 2 [2010-12-19 05:49:43 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Sahmon Games [2009-01-10 23:04:15 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Tank Combat [2011-01-02 11:14:36 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Thinstall [2010-12-20 12:48:02 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Tlen.pl [2010-07-20 22:10:16 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\TuneUp Software [2009-12-06 07:09:49 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\Uniblue [2010-03-29 16:15:04 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\URSoft [2011-12-07 10:51:55 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\uTorrent [2011-12-15 22:37:33 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\VDownloader [2010-07-25 08:44:20 | 000,000,000 | ---D | M] -- D:\Users\Przemek\AppData\Roaming\VSRevoGroup [2012-02-16 16:47:59 | 000,000,392 | ---- | M] () -- D:\Windows\Tasks\AWC Update.job [2012-03-04 17:49:25 | 000,032,562 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT [2012-03-04 18:02:10 | 000,000,466 | -H-- | M] () -- D:\Windows\Tasks\User_Feed_Synchronization-{F5BC2579-3510-4DA9-9293-FD9DB16A8ACC}.job [color=#E56717]========== Purity Check ==========[/color] < End of report >