OTL logfile created on: 2012-06-09 17:18:14 - Run 1 OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Jarek\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,90 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 51,90% Memory free 7,80 Gb Paging File | 5,82 Gb Available in Paging File | 74,66% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 52,26 Gb Total Space | 24,12 Gb Free Space | 46,15% Space Free | Partition Type: NTFS Drive E: | 96,70 Gb Total Space | 93,68 Gb Free Space | 96,88% Space Free | Partition Type: NTFS Computer Name: JAREK-PC | User Name: Jarek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-06-09 17:17:49 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Jarek\Desktop\OTL.exe PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-03-27 17:16:10 | 000,082,944 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe PRC - [2012-03-07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2012-01-03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-12-09 18:22:26 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe PRC - [2009-03-05 17:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008-10-20 19:47:32 | 002,580,480 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN PRC - [2008-10-20 19:47:30 | 002,363,392 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-05-09 20:05:27 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll MOD - [2012-05-09 20:05:19 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll MOD - [2012-05-09 20:05:17 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll MOD - [2012-05-09 20:04:58 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012-05-09 20:04:54 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012-05-09 20:04:53 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012-05-09 20:04:38 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012-02-20 22:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012-02-20 22:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2007-12-19 16:04:24 | 000,828,416 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 2.4\program\libxml2.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-03-07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:[b]64bit:[/b] - [2009-07-14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2007-06-01 03:02:16 | 000,043,568 | ---- | M] (Lenovo) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC) SRV - [2012-06-05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-05-04 20:28:27 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-03-27 17:16:10 | 000,082,944 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver) SRV - [2012-01-03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV:[b]64bit:[/b] - [2012-04-04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:[b]64bit:[/b] - [2012-03-14 08:40:04 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:[b]64bit:[/b] - [2012-03-14 08:40:04 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:[b]64bit:[/b] - [2012-03-14 08:40:04 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF) DRV:[b]64bit:[/b] - [2012-03-14 08:40:02 | 000,209,768 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:[b]64bit:[/b] - [2012-03-14 08:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012-02-15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2012-01-18 16:56:08 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio) DRV:[b]64bit:[/b] - [2012-01-18 16:56:06 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2011-02-11 20:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010-04-23 01:17:40 | 000,318,000 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2009-09-15 20:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Sterownik karty Intel(R) DRV:[b]64bit:[/b] - [2009-07-22 07:57:58 | 000,647,168 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-07-14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:[b]64bit:[/b] - [2009-06-10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:[b]64bit:[/b] - [2009-06-10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R) DRV:[b]64bit:[/b] - [2009-06-10 21:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress) Intel(R) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009-05-18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2007-06-01 03:01:52 | 000,026,928 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 05 7C 68 4C 20 DE CC 01 [binary data] IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\InprocServer32 File not found IE - HKCU\..\SearchScopes,DefaultScope = {21A77ED8-05D3-42E8-A13A-8DBEE7E46545} IE - HKCU\..\SearchScopes\{040DF0A8-8CEB-4F1E-80CD-937894C17ADD}: "URL" = http://szukaj.onet.pl/prox_query.html?qfor=zumi&q={searchTerms} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKCU\..\SearchScopes\{21A77ED8-05D3-42E8-A13A-8DBEE7E46545}: "URL" = http://szukaj.onet.pl/prox_query.html?qfor=szukaj&q={searchTerms} IE - HKCU\..\SearchScopes\{2277F55D-A1F9-4FB1-9E00-2719B41E87F9}: "URL" = http://www.google.pl/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKCU\..\SearchScopes\{580FF9B6-24D8-49B5-B821-8E431325628C}: "URL" = http://szukaj.onet.pl/prox_query.html?qfor=szukaj_onet&q={searchTerms} IE - HKCU\..\SearchScopes\{7289BE1E-DD22-4B47-856C-5E53199BBCB1}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=DDR&o=16620&src=crm&q={searchTerms}&locale=en_UK&apn_ptnrs=1P&apn_dtid=YYYYYYYYGB&apn_uid=28B760D5-F365-413F-BADF-BF063D19EB29&apn_sauid=083622F1-AA3F-48D5-B6BD-68E6915F0352 IE - HKCU\..\SearchScopes\{993CF656-5BFD-46A9-B74B-C3BD6B72CB6B}: "URL" = http://szukaj.onet.pl/addons/prox_query.html?qfor=ludzie&q={searchTerms} IE - HKCU\..\SearchScopes\{B11DD595-48E4-4121-AC1E-E036970B388F}: "URL" = http://szukaj.onet.pl/prox_query.html?qfor=slownik&q={searchTerms} IE - HKCU\..\SearchScopes\{B6F15E09-0DCE-4867-80BC-AB7769796D24}: "URL" = http://szukaj.onet.pl/prox_query.html?qfor=zakupy&q={searchTerms} IE - HKCU\..\SearchScopes\{DF5FF1A9-5242-47B6-82E4-C020DEE5515E}: "URL" = http://szukaj.onet.pl/prox_query.html?qfor=encyklopedia&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;*.local [color=#E56717]========== FireFox ==========[/color] FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2012-06-02 16:42:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012-04-01 16:40:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-06-02 16:42:19 | 000,000,000 | ---D | M] O1 HOSTS File: ([2012-06-03 08:05:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll File not found O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Onet.pl AutoUpdate] C:\Program Files (x86)\Common Files\Onet.pl\AutoUpdate.exe (Onet.pl) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [ALLUpdate] "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" File not found O4 - HKCU..\Run: [pirtsc] rundll32.exe "C:\Users\Jarek\AppData\Roaming\pirtsc.dll",SteamGameServerUtils File not found O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Users\Jarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Program Files (x86)\OpenOffice.org 2.4\program\quickstart.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} http://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab (IASRunner Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24F6835A-8317-4A13-82E8-AF917DF83780}: DhcpNameServer = 194.168.4.100 194.168.8.100 O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-06-09 17:17:38 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Jarek\Desktop\OTL.exe [2012-06-09 10:35:52 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{9C76A902-85C8-4BC6-B186-64F058E00A54} [2012-06-09 10:35:28 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{625186F7-BD6F-4DE9-8FDC-4B8A60B0C2E7} [2012-06-08 21:57:27 | 000,000,000 | ---D | C] -- C:\sh4ldr [2012-06-08 21:57:27 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2012-06-08 21:57:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2012-06-08 21:50:38 | 000,101,576 | ---- | C] (ESET) -- C:\Users\Jarek\Desktop\decoder.exe [2012-06-08 21:47:49 | 000,138,120 | ---- | C] (ESET) -- C:\Users\Jarek\Desktop\ESETSirefefRemover.exe [2012-06-08 20:50:41 | 000,000,000 | ---D | C] -- C:\Users\Jarek\Documents\MD5319 [2012-06-08 20:48:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio [2012-06-08 20:47:54 | 000,131,072 | ---- | C] (Sunplus) -- C:\Windows\SysWow64\SP5X_32.DLL [2012-06-08 20:47:54 | 000,024,576 | ---- | C] (Microsoft Corporation (Sample)) -- C:\Windows\SysWow64\dext504.ax [2012-06-08 20:47:53 | 000,516,149 | ---- | C] (Digital Camera.) -- C:\Windows\SysWow64\drivers\ca504av.sys [2012-06-08 20:47:53 | 000,073,216 | ---- | C] (Smaller Animals Software) -- C:\Windows\SysWow64\RGBQUANT.DLL [2012-06-08 20:47:53 | 000,069,632 | ---- | C] (Sunplus Technology LTD.) -- C:\Windows\SysWow64\vfw504.dll [2012-06-08 20:47:53 | 000,010,986 | ---- | C] (USB BULK) -- C:\Windows\SysWow64\drivers\Bulk504.sys [2012-06-08 20:47:53 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2012-06-08 20:47:53 | 000,000,000 | ---D | C] -- C:\Windows\setup504 [2012-06-08 20:47:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MD5319 [2012-06-08 20:47:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mega Camera Manager [2012-06-08 20:47:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012-06-08 17:58:12 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{47E72AC2-937B-4627-ACA1-5A6D8C2E8C60} [2012-06-07 21:11:31 | 000,000,000 | ---D | C] -- C:\Quarantine [2012-06-07 17:48:29 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{F17BACFC-D6A6-4C28-B161-2D73C5761FE6} [2012-06-07 17:48:07 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{E91159DF-54A4-4721-A966-B1EAB5D00E84} [2012-06-06 18:40:49 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{3869FAB3-FE75-465F-BBB3-96BEA2E7BDC2} [2012-06-06 18:40:25 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{F6EF50DD-7081-47B7-AD88-875134637BC6} [2012-06-05 19:16:24 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Roaming\Canneverbe Limited [2012-06-05 19:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited [2012-06-05 18:37:03 | 000,147,456 | ---- | C] (TeraByte Unlimited) -- C:\Users\Jarek\Desktop\BurnCDCC.exe [2012-06-05 18:14:07 | 005,307,840 | ---- | C] (Canneverbe Limited ) -- C:\Users\Jarek\Desktop\cdbxp_setup_4.4.1.3099.exe [2012-06-05 11:40:06 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW [2012-06-05 10:34:15 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{73BF92BA-EF22-48CD-BDB2-7B7DE8FAADB1} [2012-06-05 10:33:51 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{E1D0FF1A-A435-4E0D-AD01-D344BC109829} [2012-06-04 16:15:53 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{98DF4EEB-1AFA-4315-BA8F-9D2F03AB18B0} [2012-06-04 16:15:30 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{64A95C41-759D-4088-953D-7F6D2D01DC7B} [2012-06-04 15:34:43 | 017,446,128 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Jarek\Desktop\SAS_15694.EXE [2012-06-03 22:10:14 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{9F98B090-984A-490C-88FA-3150FFA75B44} [2012-06-03 22:09:51 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{A616F266-5A36-4CE7-B8E5-22D35931FC3B} [2012-06-03 19:02:58 | 000,370,048 | ---- | C] (Neuber Software) -- C:\Users\Jarek\Desktop\SvchostAnalyzer.exe [2012-06-03 09:31:33 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{BBC5C637-0285-486F-A4F6-71C149AA5E23} [2012-06-03 09:31:10 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{DF3A5520-6781-4D17-8FAB-985C5D196205} [2012-06-03 08:06:51 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-06-03 08:02:08 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012-06-03 07:51:34 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2012-06-02 23:27:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security [2012-06-02 21:53:53 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Roaming\Malwarebytes [2012-06-02 21:53:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-06-02 21:53:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-06-02 21:53:41 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012-06-02 21:53:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012-06-02 21:53:06 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Jarek\Desktop\mbam-setup-1.61.0.1400.exe [2012-06-02 21:43:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover [2012-06-02 21:43:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software [2012-06-02 21:16:21 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Roaming\xkpoe [2012-06-02 21:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\F4D55F3B00016149000ADEE9B4EB2331 [2012-06-02 21:15:12 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Roaming\Ytinaw [2012-06-02 21:15:12 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Roaming\Ogde [2012-06-02 21:15:12 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Roaming\Esadf [2012-06-02 16:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET [2012-06-02 16:42:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2012-06-02 16:42:03 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012-06-02 13:41:41 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{DD7F3901-7972-4310-9745-345F5E22BFA8} [2012-06-02 13:41:19 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{3D3483E7-0E02-413F-8554-AF1A15EAF189} [2012-06-01 17:49:32 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{A5453210-6DC9-420B-9721-98905F968A95} [2012-06-01 17:49:09 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{72B7C078-D01B-4FDD-B3EB-A99697B8B153} [2012-05-31 17:54:39 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{54D3A80C-B483-4AB6-AB21-F15CBDCAAB5B} [2012-05-31 17:54:26 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{A17F5AB4-8322-4E67-A486-04030EF9D47E} [2012-05-30 18:52:36 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{4CC56E71-BD5E-4CA6-B434-835C26029AAC} [2012-05-30 18:52:12 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{94648E01-C63A-4B25-BB1D-DB75199DB38B} [2012-05-29 17:37:39 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{9B5DEAB6-4929-42BA-873D-9B2A3815DBAD} [2012-05-29 17:37:15 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{46E27B02-B177-416D-A5FC-EB530B25346F} [2012-05-28 18:21:01 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{130CC960-5416-43E5-B230-BF4859C14BB6} [2012-05-28 18:20:44 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{52237A54-81BE-4050-960B-AF88C5C59446} [2012-05-27 15:35:27 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{4AE0F903-C956-4834-991B-436077995385} [2012-05-27 15:35:04 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{652F0567-D307-4ED6-A526-D17B927FAD3A} [2012-05-27 14:59:12 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{657B406F-855A-4C99-B6C7-756BA50EDD1C} [2012-05-27 14:58:49 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{194C6123-89D3-4574-A98E-B183156987DC} [2012-05-26 14:06:08 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{A6FE7345-AF4B-43D0-B5D0-C501C804CC0D} [2012-05-26 14:05:45 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{46B4802C-BD7D-48C0-86D5-1EB1252774AE} [2012-05-25 18:46:47 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{9DEEA3E6-4CA2-47BF-BFA1-7851789AE61C} [2012-05-25 18:46:32 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{E59D7733-313A-49D5-A248-4ADBC324F2F2} [2012-05-24 19:09:14 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{37EFC059-A39E-4885-8C31-940040DFA155} [2012-05-24 19:09:01 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{F9A1D358-B391-4DE3-84BA-6414E4695F85} [2012-05-23 13:00:02 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{2061B3ED-1889-4CCC-829B-82F0050A0AAE} [2012-05-23 12:59:38 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{F04EBAF1-6A6B-4BE7-A9AC-CC47DE5B23BD} [2012-05-22 21:28:30 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{DD09940F-33A0-4CAE-A7B1-69B1C739B757} [2012-05-22 21:28:06 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{BC06439E-DCF0-4E1F-8B2A-5BC52E0A489B} [2012-05-21 18:58:24 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{A78DBAB4-BA58-488A-9029-A44478BE7333} [2012-05-21 18:58:00 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{8A38DAB7-8ED1-46D3-824E-FCD56E744B20} [2012-05-20 09:26:17 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{3812B1FF-8F0B-4EEF-9BF1-23CA557EECC7} [2012-05-20 09:25:44 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{6F3CA19A-34D6-4295-A58C-80A9ADE787F6} [2012-05-19 12:04:21 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{3D0C8BE3-EA82-4528-B8D5-C7A8547B7074} [2012-05-19 12:03:58 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{E12D5A35-A054-4E01-917B-A0B52629F53F} [2012-05-18 22:06:16 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{7581956F-3BE0-4607-AB5E-0509BA91F899} [2012-05-18 22:05:53 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{FAD931AB-F7B2-4660-90C9-3EB2566B86B7} [2012-05-18 17:41:37 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{A51BF911-B49A-4AAA-9EC1-6951C3BC26E6} [2012-05-17 21:57:33 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{11FB3493-4B64-48D6-91FA-01A3AABA0CDB} [2012-05-17 21:57:06 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{8F80A54C-8D77-4E11-8319-42E88DD81927} [2012-05-12 16:18:14 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{3F6D5740-5AF1-49C8-9358-FDC70D0545CA} [2012-05-12 14:50:35 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{E7893C3A-E4D8-49AC-AE12-AC046AD0E86E} [2012-05-11 18:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012-05-11 18:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012-05-11 18:06:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012-05-11 17:42:04 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{6A98D2E4-B66D-4967-A9A3-979A6B1BDA2E} [2012-05-11 17:41:39 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{60FC71A1-B6BD-498A-9B9A-F2D241AA851F} [2012-05-10 18:00:02 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{C3C3B98B-B8B4-4D9F-8030-3F6730EE137A} [2012-05-10 17:59:38 | 000,000,000 | ---D | C] -- C:\Users\Jarek\AppData\Local\{55C0DD1D-90AE-4FE4-93AF-8A34CFEBB7D1} [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-06-09 17:17:49 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Jarek\Desktop\OTL.exe [2012-06-09 16:28:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-06-09 16:24:29 | 000,014,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-06-09 16:24:29 | 000,014,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-06-09 16:17:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-06-09 16:16:51 | 3139,457,024 | -HS- | M] () -- C:\hiberfil.sys [2012-06-08 21:52:18 | 000,054,773 | ---- | M] () -- C:\Users\Jarek\Desktop\ESETFilecoderAECleaner.zip [2012-06-08 21:47:50 | 000,138,120 | ---- | M] (ESET) -- C:\Users\Jarek\Desktop\ESETSirefefRemover.exe [2012-06-08 20:54:26 | 000,000,945 | ---- | M] () -- C:\Users\Public\Desktop\Mega Camera Manager.lnk [2012-06-06 21:51:13 | 000,001,453 | ---- | M] () -- C:\Users\Jarek\Desktop\Internet Explorer (2).lnk [2012-06-06 21:28:01 | 000,476,417 | ---- | M] () -- C:\Users\Jarek\Desktop\DeWalt 1.jpg [2012-06-05 18:14:17 | 005,307,840 | ---- | M] (Canneverbe Limited ) -- C:\Users\Jarek\Desktop\cdbxp_setup_4.4.1.3099.exe [2012-06-04 18:07:43 | 000,753,003 | ---- | M] () -- C:\Users\Jarek\Desktop\hammer drill.JPG [2012-06-04 15:34:44 | 017,446,128 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Jarek\Desktop\SAS_15694.EXE [2012-06-03 21:24:54 | 000,788,708 | ---- | M] () -- C:\Users\Jarek\Desktop\makita12.JPG [2012-06-03 21:24:30 | 000,131,554 | ---- | M] () -- C:\Users\Jarek\Desktop\makita11.JPG [2012-06-03 19:03:02 | 000,370,048 | ---- | M] (Neuber Software) -- C:\Users\Jarek\Desktop\SvchostAnalyzer.exe [2012-06-03 08:06:16 | 000,001,449 | ---- | M] () -- C:\Users\Jarek\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012-06-03 08:05:31 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012-06-02 21:53:44 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-06-02 21:53:15 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Jarek\Desktop\mbam-setup-1.61.0.1400.exe [2012-06-02 16:39:03 | 064,235,520 | ---- | M] () -- C:\Users\Jarek\Desktop\ess_nt64_plk.msi [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-06-08 21:50:12 | 000,054,773 | ---- | C] () -- C:\Users\Jarek\Desktop\ESETFilecoderAECleaner.zip [2012-06-08 20:47:54 | 000,014,381 | ---- | C] () -- C:\Windows\Tw504a.ini [2012-06-08 20:47:54 | 000,007,431 | ---- | C] () -- C:\Windows\Tw504a.src [2012-06-08 20:47:54 | 000,001,906 | ---- | C] () -- C:\Windows\CA504A.INI [2012-06-08 20:47:54 | 000,000,945 | ---- | C] () -- C:\Users\Public\Desktop\Mega Camera Manager.lnk [2012-06-08 20:47:54 | 000,000,164 | ---- | C] () -- C:\Windows\Setup504.ini [2012-06-08 20:47:53 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IPSK.dll [2012-06-08 20:47:53 | 000,184,320 | ---- | C] () -- C:\Windows\SysWow64\jpg32.dll [2012-06-08 20:47:53 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\DJSunplusDLL.dll [2012-06-08 20:47:53 | 000,065,024 | ---- | C] () -- C:\Windows\SysWow64\amcap504.exe [2012-06-08 20:47:53 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\VWJPG.dll [2012-06-08 20:47:53 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\VWBMP.dll [2012-06-08 20:47:53 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\VMIO.dll [2012-06-08 20:47:53 | 000,000,473 | ---- | C] () -- C:\Windows\SysWow64\I-dext504.ini [2012-06-08 20:47:53 | 000,000,467 | ---- | C] () -- C:\Windows\SysWow64\S-dext504.ini [2012-06-08 20:47:53 | 000,000,464 | ---- | C] () -- C:\Windows\SysWow64\F-dext504.ini [2012-06-08 20:47:53 | 000,000,458 | ---- | C] () -- C:\Windows\SysWow64\P-dext504.ini [2012-06-08 20:47:53 | 000,000,456 | ---- | C] () -- C:\Windows\SysWow64\G-dext504.ini [2012-06-08 20:47:53 | 000,000,454 | ---- | C] () -- C:\Windows\SysWow64\H-dext504.ini [2012-06-08 20:47:53 | 000,000,453 | ---- | C] () -- C:\Windows\SysWow64\E-dext504.ini [2012-06-06 21:51:13 | 000,001,453 | ---- | C] () -- C:\Users\Jarek\Desktop\Internet Explorer (2).lnk [2012-06-06 21:28:09 | 000,476,417 | ---- | C] () -- C:\Users\Jarek\Desktop\DeWalt 1.jpg [2012-06-05 18:37:03 | 000,035,750 | ---- | C] () -- C:\Users\Jarek\Desktop\DefaultKeyboardPatch.zip [2012-06-05 18:37:03 | 000,000,068 | ---- | C] () -- C:\Users\Jarek\Desktop\BurnToCD.cmd [2012-06-04 18:07:43 | 000,753,003 | ---- | C] () -- C:\Users\Jarek\Desktop\hammer drill.JPG [2012-06-03 21:24:54 | 000,788,708 | ---- | C] () -- C:\Users\Jarek\Desktop\makita12.JPG [2012-06-03 21:24:30 | 000,131,554 | ---- | C] () -- C:\Users\Jarek\Desktop\makita11.JPG [2012-06-03 08:06:16 | 000,001,455 | ---- | C] () -- C:\Users\Jarek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-06-02 21:53:44 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-06-02 21:18:07 | 000,001,648 | ---- | C] () -- C:\Windows\Installer\{871840cb-bc96-cd5e-104a-46e4c107d6c6}\U\00000001.@ [2012-06-02 21:18:06 | 000,022,016 | ---- | C] () -- C:\Windows\Installer\{871840cb-bc96-cd5e-104a-46e4c107d6c6}\U\800000cb.@ [2012-06-02 16:39:03 | 064,235,520 | ---- | C] () -- C:\Users\Jarek\Desktop\ess_nt64_plk.msi [2012-01-29 20:38:03 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{871840cb-bc96-cd5e-104a-46e4c107d6c6}\@ [2012-01-29 20:38:03 | 000,002,048 | -HS- | C] () -- C:\Users\Jarek\AppData\Local\{871840cb-bc96-cd5e-104a-46e4c107d6c6}\@ [2011-02-11 20:15:08 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2011-02-11 20:15:08 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2011-02-11 20:15:08 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin < End of report >