OTL logfile created on: 2012-07-09 17:49:13 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Documents and Settings\Krystian\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 511,48 Mb Total Physical Memory | 100,82 Mb Available Physical Memory | 19,71% Memory free 1,22 Gb Paging File | 0,72 Gb Available in Paging File | 58,78% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,29 Gb Total Space | 8,13 Gb Free Space | 27,75% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 39,30 Gb Free Space | 67,07% Space Free | Partition Type: NTFS Drive E: | 61,15 Gb Total Space | 25,74 Gb Free Space | 42,10% Space Free | Partition Type: NTFS Computer Name: XXX-A714D949CDE | User Name: Krystian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-09 17:45:41 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Krystian\Pulpit\OTL.exe PRC - [2012-06-16 15:48:39 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-01-03 16:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe PRC - [2011-01-20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe PRC - [2011-01-13 10:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2011-01-13 10:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2009-03-12 18:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-01-26 12:38:38 | 000,866,816 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\SpeedTouch USB\dragdiag.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-07-09 08:37:38 | 001,781,248 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12070900\algo.dll MOD - [2012-06-23 16:47:40 | 009,459,912 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll MOD - [2012-06-16 15:48:38 | 002,042,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011-01-13 10:47:29 | 000,142,872 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\aswDld.dll MOD - [2009-03-12 18:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe MOD - [2009-02-27 20:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL MOD - [2006-09-25 10:13:12 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2012-06-23 16:48:01 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-06-16 15:48:38 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-06-05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011-02-05 15:01:40 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-01-13 10:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-01-15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009-03-12 18:36:24 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [File_System | On_Demand | Stopped] -- D:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2011-02-05 13:35:07 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-01-13 10:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2011-01-13 10:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2011-01-13 10:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2011-01-13 10:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2011-01-13 10:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2011-01-13 10:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-12-28 23:35:40 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2010-04-27 17:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2010-04-27 17:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2010-04-27 17:57:24 | 000,031,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo) DRV - [2010-04-27 17:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2010-04-27 15:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) DRV - [2008-05-26 20:06:33 | 000,031,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Krystian\Ustawienia lokalne\Temp\ewdmaudn.sys -- (ewdmaudn) DRV - [2007-07-18 13:26:04 | 004,547,584 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2006-12-17 04:50:29 | 001,918,464 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2006-11-27 17:33:54 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006-11-27 17:33:50 | 000,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006-10-18 17:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata) DRV - [2006-06-19 00:51:32 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2003-12-08 12:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN) DRV - [2003-12-08 12:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl) DRV - [2003-08-04 14:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=10&barid={1D6ACEB3-3EE7-4BF8-AE53-018E5AADB7C7} IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}&barid={1D6ACEB3-3EE7-4BF8-AE53-018E5AADB7C7} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=10&barid={1D6ACEB3-3EE7-4BF8-AE53-018E5AADB7C7} IE - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) IE - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com) IE - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYPL&apn_uid=605315A8-08F4-4877-B9E8-0DD7C8947C7D&apn_sauid=96E94463-AFB5-4CAA-B700-06D7D946A75B IE - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253 IE - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}&barid={1D6ACEB3-3EE7-4BF8-AE53-018E5AADB7C7} IE - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5 FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2 FF - prefs.js..extensions.enabledItems: cacaoweb@cacaoweb.org:1.0.11 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: pl@dictionaries.addons.mozilla.org:1.0.20110211 FF - prefs.js..extensions.enabledItems: zigboom@ymail.com:1.3.1 FF - prefs.js..keyword.URL: "http://zinkwink.com/?clid=bcffa60b7dec4d1fbc122345283dd23c&prt=corsairzwbho&tmp=nemo_results&keywords=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@ganymede/CARDS,version=1.0: C:\Program Files\Ganymede\Plugins\CARDS\NPCARDS.dll (Ganymede Technologies) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-06-16 15:48:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-12-30 23:32:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Extensions [2012-07-04 11:31:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Firefox\Profiles\o1sddptn.default\extensions [2012-06-30 12:34:53 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Firefox\Profiles\o1sddptn.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2011-03-03 01:06:22 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Firefox\Profiles\o1sddptn.default\extensions\cacaoweb@cacaoweb.org [2011-06-30 00:17:02 | 000,000,000 | ---D | M] (Polski slownik poprawnej pisowni) -- C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Firefox\Profiles\o1sddptn.default\extensions\pl@dictionaries.addons.mozilla.org [2012-06-22 17:31:07 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Firefox\Profiles\o1sddptn.default\extensions\zigboom@ymail.com [2012-01-03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Firefox\Profiles\o1sddptn.default\searchplugins\askcom.xml [2011-06-02 00:17:17 | 000,001,567 | ---- | M] () -- C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Firefox\Profiles\o1sddptn.default\searchplugins\free-weather-by-zip-code.xml [2012-05-29 16:48:05 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Firefox\Profiles\o1sddptn.default\searchplugins\sweetim.xml [2011-06-02 00:09:20 | 000,001,448 | ---- | M] () -- C:\Documents and Settings\Krystian\Dane aplikacji\Mozilla\Firefox\Profiles\o1sddptn.default\searchplugins\wyadowania-atmosferyczne.xml [2012-04-26 07:05:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-11-07 11:44:03 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2010-12-31 16:34:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2012-06-16 15:48:39 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-02-16 13:12:03 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-01-31 17:51:54 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012-02-16 13:12:03 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-16 13:12:03 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-16 13:12:03 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-16 13:12:03 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-16 13:12:03 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2001-10-26 18:45:16 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (wxdfast Class) - {E8E4F971-D737-40a1-8046-16EAD6D806E1} - C:\Program Files\wxdfast\wxdfast.dll (wxdfast) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (Corsair Add-on) - {B4FBA8C3-2083-4ED8-A35B-148478739826} - C:\Program Files\Corsair Addon\corsair.dll () O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O3 - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\..\Toolbar\ShellBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O3 - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\..\Toolbar\WebBrowser: (Corsair Add-on) - {B4FBA8C3-2083-4ED8-A35B-148478739826} - C:\Program Files\Corsair Addon\corsair.dll () O3 - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [SpeedTouch USB Diagnostics] C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe (THOMSON Telecom Belgium) O4 - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1960408961-1972579041-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A09E9D4-9F4F-4BFB-8A6C-A012884492F6}: NameServer = 194.204.152.34 194.204.159.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Krystian\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Krystian\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-12-28 23:21:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-09-02 17:36:00 | 000,001,741 | ---- | M] () - D:\Autodesk 3ds Max 2010 32-bit.lnk -- [ NTFS ] O33 - MountPoints2\{a6b0adcc-c210-11e1-a804-000e50e97ecb}\Shell - "" = AutoRun O33 - MountPoints2\{a6b0adcc-c210-11e1-a804-000e50e97ecb}\Shell\AutoRun\command - "" = M:\AutoRun.exe O33 - MountPoints2\{a6b0adcf-c210-11e1-a804-000e50e97ecb}\Shell - "" = AutoRun O33 - MountPoints2\{a6b0adcf-c210-11e1-a804-000e50e97ecb}\Shell\AutoRun\command - "" = M:\AutoRun.exe O33 - MountPoints2\{e0056ca5-3120-11e0-a377-000e50e97ecb}\Shell - "" = AutoRun O33 - MountPoints2\{e0056ca5-3120-11e0-a377-000e50e97ecb}\Shell\AutoRun\command - "" = L:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-09 17:45:33 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Krystian\Pulpit\OTL.exe [2012-07-09 17:21:52 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2012-07-09 17:17:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Moje dokumenty\FIFA 07 [2012-07-09 16:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA SPORTS [2012-07-09 16:14:30 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys [2012-07-09 16:14:30 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys [2012-07-09 16:14:29 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys [2012-07-09 16:14:29 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys [2012-07-09 16:14:29 | 000,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys [2012-07-09 16:14:28 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax [2012-07-09 16:14:28 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax [2012-07-09 16:14:28 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax [2012-07-09 16:14:28 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax [2012-07-09 16:14:28 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys [2012-07-09 16:14:28 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax [2012-07-09 16:14:28 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax [2012-07-09 16:14:28 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax [2012-07-09 16:14:28 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax [2012-07-09 16:14:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys [2012-07-09 16:14:28 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys [2012-07-09 16:14:28 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys [2012-07-09 16:14:28 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax [2012-07-09 16:14:28 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax [2012-07-09 16:14:28 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys [2012-07-09 16:14:28 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys [2012-07-09 16:14:26 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys [2012-07-09 16:14:21 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax [2012-07-09 16:14:12 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe [2012-07-09 16:14:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll [2012-07-09 11:45:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Moje dokumenty\FIFA 11 [2012-07-09 11:42:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Krystian\Dane aplikacji\SecuROM [2012-07-09 11:39:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Dane aplikacji\Leadertech [2012-07-09 11:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports [2012-07-07 23:52:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Dane aplikacji\avidemux [2012-07-07 23:52:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Avidemux [2012-07-07 23:52:05 | 000,000,000 | ---D | C] -- C:\Program Files\Avidemux 2.5 [2012-07-07 23:43:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Ustawienia lokalne\Dane aplikacji\WMTools Downloaded Files [2012-07-07 23:42:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Krystian\Moje dokumenty\Moje wideo [2012-07-07 23:39:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Pulpit\Podmiejska [2012-07-06 13:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Pulpit\szaszlyki [2012-07-03 15:34:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Pulpit\wyspa [2012-06-29 19:47:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Pulpit\kinga zakonczenia roku [2012-06-29 19:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\PLAY ONLINE [2012-06-25 23:38:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Menu Start\Programy\Illusion Softworks [2012-06-25 23:38:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Illusion Softworks [2012-06-25 20:01:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Moje dokumenty\Downloads [2012-06-25 20:01:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Ustawienia lokalne\Dane aplikacji\CRE [2012-06-25 20:00:45 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2012-06-25 20:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Ustawienia lokalne\Dane aplikacji\uTorrentControl2 [2012-06-25 20:00:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Ustawienia lokalne\Dane aplikacji\Conduit [2012-06-25 20:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrentControl2 [2012-06-25 20:00:06 | 001,021,840 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\Krystian\Moje dokumenty\uTorrent.exe [2012-06-25 19:59:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Dane aplikacji\uTorrent [2012-06-25 18:42:13 | 000,000,000 | ---D | C] -- C:\Program Files\Toggle Downloader [2012-06-25 18:42:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Menu Start\Programy\Toggle Downloader [2012-06-25 18:33:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam [2012-06-20 14:12:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Krystian\Recent [2012-06-15 17:40:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Skype [2012-06-15 17:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012-06-15 17:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Krystian\Dane aplikacji\Mumble [2012-06-15 17:17:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Mumble [2012-02-13 03:42:57 | 002,368,760 | ---- | C] (DownVision ) -- C:\Documents and Settings\Krystian\Ustawienia lokalne\Dane aplikacji\setup.exe [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-09 17:54:05 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2012-07-09 17:46:17 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-07-09 17:45:41 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Krystian\Pulpit\OTL.exe [2012-07-09 17:35:14 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2012-07-09 17:35:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-07-09 17:30:17 | 007,340,032 | ---- | M] () -- C:\Documents and Settings\Krystian\NTUSER.DAT [2012-07-09 17:30:17 | 000,000,188 | -HS- | M] () -- C:\Documents and Settings\Krystian\ntuser.ini [2012-07-09 17:30:12 | 004,287,370 | -H-- | M] () -- C:\Documents and Settings\Krystian\Ustawienia lokalne\Dane aplikacji\IconCache.db [2012-07-09 17:22:47 | 000,000,435 | ---- | M] () -- C:\WINDOWS\system.ini [2012-07-09 17:21:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-07-09 16:44:02 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012-07-09 16:36:11 | 000,000,589 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 07.lnk [2012-07-09 11:29:26 | 000,057,260 | ---- | M] () -- C:\Documents and Settings\Krystian\Pulpit\Wydruk.pdf [2012-07-09 10:42:07 | 002,986,038 | ---- | M] () -- C:\Documents and Settings\Krystian\Pulpit\Urząd.bmp [2012-07-07 23:54:53 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\Krystian\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-07 18:10:47 | 000,053,472 | ---- | M] () -- C:\Documents and Settings\Krystian\Pulpit\kot.jpeg [2012-07-07 15:32:56 | 000,002,107 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Hidden & Dangerous 2 Sabre Squadron.lnk [2012-07-06 13:07:59 | 004,569,966 | ---- | M] () -- C:\Documents and Settings\Krystian\Pulpit\iztm_nr_7_54.pdf [2012-07-05 10:27:49 | 000,207,482 | ---- | M] () -- C:\Documents and Settings\Krystian\Pulpit\Systemy_Wyklad20120627.pdf [2012-07-05 09:40:31 | 000,491,756 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2012-07-05 09:40:31 | 000,433,386 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012-07-05 09:40:31 | 000,084,666 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2012-07-05 09:40:31 | 000,068,150 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012-07-01 21:33:25 | 000,000,533 | ---- | M] () -- C:\WINDOWS\win.ini [2012-07-01 21:33:25 | 000,000,223 | RHS- | M] () -- C:\boot.ini [2012-06-29 13:25:39 | 000,043,520 | ---- | M] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2012-06-25 20:00:07 | 000,000,487 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk [2012-06-25 20:00:06 | 001,021,840 | ---- | M] (BitTorrent, Inc.) -- C:\Documents and Settings\Krystian\Moje dokumenty\uTorrent.exe [2012-06-23 16:47:43 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012-06-23 16:47:42 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012-06-21 21:07:15 | 000,006,391 | R--- | M] () -- C:\Documents and Settings\Krystian\Pulpit\Wniosek.xml [2012-06-14 11:20:51 | 000,126,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-06-14 03:34:35 | 001,044,270 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-09 17:13:20 | 005,234,688 | ---- | C] () -- C:\Documents and Settings\Krystian\Pulpit\fifa07.exe [2012-07-09 16:36:11 | 000,000,589 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\FIFA 07.lnk [2012-07-09 16:14:29 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2012-07-09 16:14:29 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll [2012-07-09 16:14:29 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax [2012-07-09 16:14:29 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax [2012-07-09 16:14:28 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax [2012-07-09 16:14:28 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax [2012-07-09 11:33:32 | 000,057,260 | ---- | C] () -- C:\Documents and Settings\Krystian\Pulpit\Wydruk.pdf [2012-07-09 10:42:07 | 002,986,038 | ---- | C] () -- C:\Documents and Settings\Krystian\Pulpit\Urząd.bmp [2012-07-07 18:10:41 | 000,053,472 | ---- | C] () -- C:\Documents and Settings\Krystian\Pulpit\kot.jpeg [2012-07-06 13:07:44 | 004,569,966 | ---- | C] () -- C:\Documents and Settings\Krystian\Pulpit\iztm_nr_7_54.pdf [2012-07-05 10:27:49 | 000,207,482 | ---- | C] () -- C:\Documents and Settings\Krystian\Pulpit\Systemy_Wyklad20120627.pdf [2012-06-25 23:42:35 | 000,002,107 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Hidden & Dangerous 2 Sabre Squadron.lnk [2012-06-25 23:26:50 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2012-06-25 20:00:06 | 000,000,487 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\µTorrent.lnk [2012-06-21 21:07:28 | 000,006,391 | R--- | C] () -- C:\Documents and Settings\Krystian\Pulpit\Wniosek.xml [2012-05-17 00:46:23 | 000,204,552 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2012-04-20 16:20:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Krystian\desc.bs1 [2012-04-20 16:20:30 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Krystian\pred.3ds [2012-04-20 16:12:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Krystian\pulpit.bmp [2012-04-20 16:12:36 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Krystian\pulpit.3DS [2012-02-25 15:29:21 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Krystian\su18-3drl.3ds [2012-02-25 15:28:46 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Krystian\su18-1drl.3ds [2012-02-16 11:34:31 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-02-11 13:54:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Krystian\links.bmp [2011-12-25 00:24:28 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Krystian\16-01 30.05.11.JPG [2011-09-28 16:33:02 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2011-07-05 23:52:06 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\proc-1461555143.bin [2011-04-22 12:33:13 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2011-04-22 12:33:12 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Krystian\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-01-04 19:23:53 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2010-12-30 23:32:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-12-29 00:12:52 | 001,044,270 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010-12-29 00:12:51 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-12-29 00:11:36 | 000,126,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-12-28 23:47:26 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll [2010-12-28 23:46:47 | 000,019,152 | ---- | C] () -- C:\Documents and Settings\Krystian\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT [2010-12-28 23:40:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2010-12-28 23:40:40 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat [2010-12-28 23:40:40 | 000,142,347 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2010-12-28 23:34:06 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2010-12-28 23:30:04 | 004,287,370 | -H-- | C] () -- C:\Documents and Settings\Krystian\Ustawienia lokalne\Dane aplikacji\IconCache.db [2010-12-28 23:29:49 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2010-12-28 23:25:18 | 000,000,188 | -HS- | C] () -- C:\Documents and Settings\Krystian\ntuser.ini [2010-12-28 23:25:16 | 007,340,032 | ---- | C] () -- C:\Documents and Settings\Krystian\NTUSER.DAT [2010-12-28 23:23:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010-12-28 23:21:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2010-12-28 23:20:28 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010-12-28 23:20:23 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010-12-28 23:18:10 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010-12-28 23:18:00 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2010-12-28 23:18:00 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2010-12-28 23:17:15 | 000,026,717 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2010-12-28 23:17:13 | 000,003,813 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [color=#E56717]========== LOP Check ==========[/color] [2010-12-30 23:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2012-04-03 20:47:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ask [2011-02-05 15:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2012-01-31 17:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon [2011-02-05 13:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2012-02-16 17:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2012-01-31 17:52:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\InstallMate [2012-01-31 17:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Premium [2012-06-21 21:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SweetIM [2011-02-05 15:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\Autodesk [2012-07-07 23:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\avidemux [2012-01-31 17:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\Babylon [2012-02-11 17:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\BabylonToolbar [2011-02-09 15:46:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\Blender Foundation [2012-07-01 00:40:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\cacaoweb [2011-02-05 14:21:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\DAEMON Tools Lite [2012-03-13 01:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\Dev-Cpp [2011-10-04 00:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\FileHunter [2012-06-07 00:50:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\Gadu-Gadu 10 [2011-07-05 23:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\GanymedeNet [2012-07-09 11:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\Leadertech [2012-06-15 17:18:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\Mumble [2012-02-12 13:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\Nowe Gadu-Gadu [2011-01-18 14:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\OpenOffice.org [2011-08-26 16:29:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\RedDotGames [2012-07-09 16:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Krystian\Dane aplikacji\uTorrent [2012-07-09 17:54:05 | 000,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job [color=#E56717]========== Purity Check ==========[/color] < End of report >