OTL logfile created on: 2012-06-25 19:28:11 - Run 4
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Kacper\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 0,86 Gb Available Physical Memory | 42,98% Memory free
4,23 Gb Paging File | 2,93 Gb Available in Paging File | 69,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 28,56 Gb Free Space | 29,25% Space Free | Partition Type: NTFS
Drive D: | 135,22 Gb Total Space | 124,88 Gb Free Space | 92,35% Space Free | Partition Type: NTFS

Computer Name: KACPERR | User Name: Kacper | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-06-25 19:08:19 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Kacper\Desktop\OTL.exe PRC - [2012-06-19 10:48:14 | 000,529,232 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe PRC - [2012-05-15 12:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-05-15 11:28:16 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe PRC - [2012-05-15 11:27:34 | 000,857,920 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012-05-15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012-03-28 01:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) --
C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccsvchst.exe PRC - [2012-01-26 11:16:35 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2010-04-05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2007-10-01 05:53:50 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-06-19 10:48:11 | 020,313,384 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll MOD - [2012-06-19 10:48:09 | 000,895,312 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll MOD - [2012-06-19 10:48:07 | 000,123,192 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-51.dll MOD - [2012-06-19 10:48:05 | 000,190,776 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-53.dll MOD - [2012-06-19 10:48:03 | 001,099,576 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-53.dll MOD - [2012-06-07 10:14:43 | 000,441,880 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll MOD - [2012-06-07 10:14:42 | 003,922,456 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll MOD - [2012-06-07 10:13:27 | 000,553,496 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\19.0.1084.56\libglesv2.dll MOD - [2012-06-07 10:13:26 | 000,117,784 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\19.0.1084.56\libegl.dll MOD - [2012-06-07 10:13:16 | 000,134,696 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\19.0.1084.56\avutil-51.dll MOD - [2012-06-07 10:13:15 | 000,250,408 | ---- | M] () -- 
C:\Users\Kacper\AppData\Local\Google\Chrome\Application\19.0.1084.56\avformat-54.dll MOD - [2012-06-07 10:13:14 | 002,375,720 | ---- | M] () -- C:\Users\Kacper\AppData\Local\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2012-06-23 09:39:51 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-06-19 10:48:14 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012-05-15 12:26:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-05-15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012-03-28 01:14:06 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe -- (NIS) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010-04-05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC) SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2008-04-07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) 
[On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI) DRV - [2012-06-19 02:01:14 | 000,821,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120619.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2012-06-14 20:39:26 | 000,382,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120622.001\IDSvix86.sys -- (IDSVix86) DRV - [2012-05-31 09:36:49 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2012-05-31 09:36:49 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2012-05-16 08:48:11 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120624.008\NAVEX15.SYS -- (NAVEX15) DRV - [2012-05-16 08:48:11 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120624.008\NAVENG.SYS -- (NAVENG) DRV 
- [2012-05-15 12:26:00 | 011,354,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012-03-29 08:28:37 | 000,345,208 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1307010.005\symtdiv.sys -- (SYMTDIv) DRV - [2012-03-29 08:28:30 | 000,905,336 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1307010.005\symefa.sys -- (SymEFA) DRV - [2012-03-29 08:06:25 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1307010.005\ironx86.sys -- (SymIRON) DRV - [2012-03-29 08:03:27 | 000,574,072 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1307010.005\srtsp.sys -- (SRTSP) DRV - [2012-03-29 08:03:27 | 000,032,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1307010.005\srtspx.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2012-03-27 09:23:14 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2011-11-30 00:44:14 | 000,132,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1307010.005\ccsetx86.sys -- (ccSet_NIS) DRV - [2011-07-25 20:18:36 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1307010.005\symds.sys -- (SymDS) DRV - [2009-03-31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2007-10-03 10:18:12 | 000,099,840 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007-09-17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3204788080-868493200-1214667827-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-3204788080-868493200-1214667827-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3204788080-868493200-1214667827-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3204788080-868493200-1214667827-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) 
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kacper\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kacper\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012-02-01 16:07:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012-06-25 19:07:06 | 000,000,000 | ---D | M] [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Kacper\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kacper\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kacper\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Norton Confidential (Enabled) = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.3.7_0\npcoplgn.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: 
Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Google Update (Enabled) = C:\Users\Kacper\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Szukaj w Google = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: AdBlock = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.37_0\ CHR - Extension: Norton Identity Protection = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\ CHR - Extension: Gmail = C:\Users\Kacper\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012-05-04 12:20:57 | 000,000,806 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) 
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.7.1.5\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.7.1.5\coieplg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-3204788080-868493200-1214667827-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.7.1.5\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-3204788080-868493200-1214667827-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-3204788080-868493200-1214667827-1003..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.4.0) O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} 
http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 77.242.226.251 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8703BC80-A8D7-4581-B9B0-F96ED09F0087}: DhcpNameServer = 77.242.226.251 8.8.8.8 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-06-25 19:08:11 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Kacper\Desktop\OTL.exe [2012-06-22 12:52:21 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2012-06-22 12:52:21 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2012-06-22 12:52:06 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2012-06-22 12:52:06 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2012-06-22 12:52:06 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2012-06-22 12:51:58 | 000,171,904 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\wuwebv.dll [2012-06-22 12:51:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2012-06-19 23:03:13 | 000,000,000 | ---D | C] -- C:\Program Files\Dzielenie i laczenie plikow [2012-06-19 23:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziel. i łącz. plików [2012-06-19 16:27:39 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2012-06-18 19:57:56 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Gadu-Gadu 10 [2012-06-18 19:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Gadu-Gadu 10 [2012-06-17 14:37:14 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\TuneUp Software [2012-06-17 14:36:38 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012 [2012-06-17 14:35:52 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012-06-17 14:35:38 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012-06-17 14:35:38 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012-06-14 16:07:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic III [2012-06-14 16:07:10 | 000,000,000 | ---D | C] -- C:\Program Files\JoWooD Productions Software AG [2012-06-13 12:40:02 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012-06-13 12:40:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012-06-13 12:40:00 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012-06-13 12:39:59 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-06-13 12:39:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012-06-13 12:39:59 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012-06-13 12:39:58 | 001,427,968 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012-06-13 11:50:25 | 002,045,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012-06-12 15:25:42 | 000,000,000 | ---D | C] -- C:\Users\Kacper\Documents\gothic3 [2012-06-12 15:25:12 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\Xfire [2012-06-12 15:25:11 | 000,000,000 | --SD | C] -- C:\Program Files\Xfire [2012-06-12 15:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire [2012-06-10 19:52:32 | 000,000,000 | ---D | C] -- C:\Users\Kacper\SystemRequirementsLab [2012-06-01 17:05:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEGV [2012-05-30 21:09:39 | 000,000,000 | ---D | C] -- C:\Program Files\Muse [2012-05-30 14:40:39 | 000,000,000 | ---D | C] -- C:\Users\Kacper\AppData\Roaming\AdobeMuse [2012-05-27 21:39:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012-05-27 21:38:52 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle [2012-05-27 21:38:36 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012-05-27 21:38:36 | 000,227,784 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012-05-27 21:38:08 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012-05-27 21:38:08 | 000,174,024 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-06-25 19:27:42 | 001,572,864 | -HS- | M] () -- C:\Users\Kacper\NTUSER.DAT [2012-06-25 19:08:19 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Kacper\Desktop\OTL.exe [2012-06-25 19:05:42 | 000,004,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-06-25 19:05:41 | 000,004,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-06-25 19:05:39 | 
000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012-06-25 19:05:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-06-25 17:26:08 | 000,524,288 | -HS- | M] () -- C:\Users\Kacper\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2012-06-25 17:26:08 | 000,065,536 | -HS- | M] () -- C:\Users\Kacper\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2012-06-25 17:25:55 | 003,434,167 | -H-- | M] () -- C:\Users\Kacper\AppData\Local\IconCache.db [2012-06-25 16:41:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3204788080-868493200-1214667827-1000UA.job [2012-06-25 16:37:59 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-06-24 20:41:00 | 000,001,010 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3204788080-868493200-1214667827-1000Core.job [2012-06-24 15:22:48 | 000,000,440 | ---- | M] () -- C:\Users\Kacper\Desktop\Inne.rtf [2012-06-24 12:37:13 | 000,139,448 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2012-06-24 12:37:03 | 000,282,472 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr [2012-06-24 12:35:56 | 000,271,200 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0 [2012-06-23 09:39:37 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-06-23 09:39:37 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-06-20 14:41:54 | 003,589,544 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-06-19 23:03:14 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Dzielenie i łączenie plików.lnk [2012-06-19 22:15:40 | 000,049,168 | ---- | M] () -- C:\Users\Kacper\AppData\Local\GDIPFONTCACHEV1.DAT [2012-06-19 19:49:49 | 000,011,264 | ---- | M] () -- C:\Users\Kacper\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-06-19 16:27:40 | 000,000,524 | ---- | M] () -- 
C:\Users\Kacper\Desktop\Fraps.lnk [2012-06-17 20:25:39 | 000,000,217 | ---- | M] () -- C:\Users\Kacper\Desktop\Dokument1.rtf [2012-06-14 16:15:19 | 000,000,760 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk [2012-06-14 16:07:21 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Gothic III.lnk [2012-06-13 12:54:21 | 001,515,932 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2012-06-13 12:54:21 | 000,671,902 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-06-13 12:54:21 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-06-13 12:54:21 | 000,130,310 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-06-13 12:54:21 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-06-12 15:03:13 | 000,000,268 | ---- | M] () -- C:\Users\Kacper\AppData\Roaming\burnaware.ini [2012-06-09 15:32:56 | 000,002,047 | ---- | M] () -- C:\Users\Kacper\Desktop\Google Chrome.lnk [2012-06-03 00:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2012-06-03 00:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2012-06-03 00:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2012-06-03 00:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2012-06-03 00:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2012-06-02 17:34:24 | 000,000,156 | ---- | M] () -- C:\Users\Kacper\Documents\MuseLogPrefs.xml [2012-06-02 15:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2012-06-02 15:12:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2012-05-27 23:15:21 | 000,001,039 | ---- | M] () -- C:\Users\Kacper\Desktop\Auslogics Disk Defrag.lnk [2012-05-27 23:08:36 | 000,000,215 | ---- | M] () -- C:\Users\Kacper\Desktop\F.E.A.R. 
2 Project Origin.url [2012-05-27 23:08:26 | 000,001,791 | ---- | M] () -- C:\Users\Kacper\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Wielu graczy.lnk [2012-05-27 23:08:18 | 000,001,791 | ---- | M] () -- C:\Users\Kacper\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Jeden gracz.lnk [2012-05-27 21:37:47 | 000,227,784 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012-05-27 21:37:47 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012-05-27 21:37:47 | 000,174,024 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-06-19 23:03:14 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Dzielenie i łączenie plików.lnk [2012-06-19 16:27:40 | 000,000,524 | ---- | C] () -- C:\Users\Kacper\Desktop\Fraps.lnk [2012-06-17 20:25:39 | 000,000,217 | ---- | C] () -- C:\Users\Kacper\Desktop\Dokument1.rtf [2012-06-14 16:07:20 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Gothic III.lnk [2012-06-12 15:25:12 | 000,000,760 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk [2012-06-12 14:59:45 | 000,000,268 | ---- | C] () -- C:\Users\Kacper\AppData\Roaming\burnaware.ini [2012-06-02 17:34:24 | 000,000,156 | ---- | C] () -- C:\Users\Kacper\Documents\MuseLogPrefs.xml [2012-05-27 23:15:21 | 000,001,039 | ---- | C] () -- C:\Users\Kacper\Desktop\Auslogics Disk Defrag.lnk [2012-05-27 23:08:36 | 000,000,215 | ---- | C] () -- C:\Users\Kacper\Desktop\F.E.A.R. 
2 Project Origin.url [2012-05-27 23:08:26 | 000,001,791 | ---- | C] () -- C:\Users\Kacper\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Wielu graczy.lnk [2012-05-27 23:08:18 | 000,001,791 | ---- | C] () -- C:\Users\Kacper\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Jeden gracz.lnk [2012-05-22 20:25:42 | 000,002,528 | ---- | C] () -- C:\Users\Kacper\AppData\Roaming\$_hpcst$.hpc [2012-05-15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2012-05-12 13:59:29 | 000,031,007 | ---- | C] () -- C:\Users\Kacper\AppData\Roaming\UserTile.png [2012-05-04 21:26:53 | 000,000,132 | ---- | C] () -- C:\Users\Kacper\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012-04-15 18:43:07 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012-04-12 17:40:48 | 000,139,448 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2012-04-12 17:40:48 | 000,022,328 | ---- | C] () -- C:\Users\Kacper\AppData\Roaming\PnkBstrK.sys [2012-04-12 17:40:19 | 000,282,472 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2012-04-12 17:40:06 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2012-04-12 17:39:53 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini [2012-02-21 22:28:00 | 000,011,264 | ---- | C] () -- C:\Users\Kacper\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-02-01 10:31:23 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2012-02-01 10:31:23 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2012-01-31 23:22:43 | 000,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll [2012-01-26 17:45:26 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2012-01-26 17:45:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2012-01-26 17:45:09 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll [2012-01-26 17:00:09 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2012-01-26 10:12:35 | 
000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini [2012-01-25 19:52:10 | 003,434,167 | -H-- | C] () -- C:\Users\Kacper\AppData\Local\IconCache.db [2012-01-25 19:47:51 | 000,049,168 | ---- | C] () -- C:\Users\Kacper\AppData\Local\GDIPFONTCACHEV1.DAT [2012-01-25 19:47:24 | 000,000,680 | ---- | C] () -- C:\Users\Kacper\AppData\Local\d3d9caps.dat [2012-01-25 19:47:23 | 001,572,864 | -HS- | C] () -- C:\Users\Kacper\NTUSER.DAT [2012-01-25 19:47:23 | 000,524,288 | -HS- | C] () -- C:\Users\Kacper\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2012-01-25 19:47:23 | 000,524,288 | -HS- | C] () -- C:\Users\Kacper\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2012-01-25 19:47:23 | 000,065,536 | -HS- | C] () -- C:\Users\Kacper\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2012-01-25 19:47:23 | 000,000,020 | -HS- | C] () -- C:\Users\Kacper\ntuser.ini [color=#E56717]========== LOP Check ==========[/color] [2012-06-25 10:50:41 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\.minecraft [2012-05-02 17:58:57 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Auslogics [2012-01-31 23:16:28 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\BESTplayer [2012-02-22 18:04:59 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Canon [2012-03-31 10:05:32 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012-06-18 20:02:14 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Gadu-Gadu 10 [2012-02-01 10:41:06 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\PC Suite [2012-05-12 13:59:29 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\PeerNetworking [2012-05-23 10:38:20 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\Samsung [2012-06-17 14:37:14 | 000,000,000 | ---D | M] -- C:\Users\Kacper\AppData\Roaming\TuneUp Software [2012-06-25 
17:26:31 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:07BF512B < End of report >