OTL logfile created on: 2012-07-11 22:44:38 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Grzegorz\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,80 Gb Available Physical Memory | 39,82% Memory free 4,24 Gb Paging File | 2,39 Gb Available in Paging File | 56,44% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 111,79 Gb Total Space | 32,21 Gb Free Space | 28,81% Space Free | Partition Type: NTFS Drive F: | 465,65 Gb Total Space | 368,77 Gb Free Space | 79,20% Space Free | Partition Type: FAT32 Computer Name: GRZEGORZ-PC | User Name: Grzegorz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-11 21:31:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Grzegorz\Desktop\OTL.exe PRC - [2012-06-20 21:12:40 | 000,800,656 | ---- | M] (Opera Software) -- C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe PRC - [2012-06-20 21:12:23 | 000,874,384 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2012-06-19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2012-05-16 15:44:58 | 001,084,840 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe PRC - [2012-04-22 13:51:04 | 000,720,936 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2012-04-22 13:50:44 | 000,174,120 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2012-04-22 13:50:32 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe PRC - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-04-04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012-02-17 10:37:46 | 015,963,936 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE PRC - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2011-09-22 13:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2011-09-02 02:15:40 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE PRC - [2010-07-22 19:07:05 | 000,814,344 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe PRC - [2010-06-30 19:38:40 | 003,158,016 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe PRC - [2010-03-24 15:42:10 | 000,599,328 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe PRC - [2009-10-24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe PRC - [2009-04-11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2008-01-19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe PRC - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2007-03-29 13:11:50 | 000,719,664 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2007-03-29 13:11:48 | 001,604,400 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe PRC - [2003-08-12 17:29:26 | 000,049,152 | ---- | M] () -- C:\Program Files\PWN\Definicje\BIN\Starter.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-06-24 16:41:10 | 009,459,912 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_262.dll MOD - [2012-06-20 21:14:30 | 000,064,000 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll MOD - [2012-06-20 21:14:29 | 000,276,480 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll MOD - [2012-06-20 21:14:29 | 000,078,336 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll MOD - [2012-06-20 21:14:29 | 000,046,592 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll MOD - [2012-06-20 21:14:29 | 000,045,568 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gsttypefindfunctions.dll MOD - [2012-06-20 21:14:28 | 000,316,928 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll MOD - [2012-06-20 21:14:28 | 000,168,448 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll MOD - [2012-06-20 21:14:28 | 000,076,800 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll MOD - [2012-06-20 21:14:27 | 000,099,840 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll MOD - [2012-06-20 21:14:27 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll MOD - [2012-06-20 21:14:27 | 000,098,816 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll MOD - [2012-06-20 21:14:27 | 000,068,608 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll MOD - [2012-06-20 21:14:26 | 000,783,360 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll MOD - [2012-05-16 15:45:56 | 000,276,392 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll MOD - [2012-05-16 15:45:40 | 002,652,584 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll MOD - [2012-05-16 15:45:40 | 000,363,944 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll MOD - [2012-05-16 15:45:38 | 011,166,120 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll MOD - [2012-05-16 15:45:36 | 001,346,472 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll MOD - [2012-05-16 15:45:36 | 000,205,736 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll MOD - [2012-05-16 15:45:34 | 001,013,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll MOD - [2012-05-16 15:45:34 | 000,720,296 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll MOD - [2012-05-16 15:45:32 | 008,506,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll MOD - [2012-05-16 15:45:32 | 000,520,104 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll MOD - [2012-05-16 15:45:30 | 002,480,552 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll MOD - [2012-05-16 15:45:30 | 002,353,576 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll MOD - [2012-05-16 15:45:28 | 000,445,864 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll MOD - [2012-05-16 15:45:22 | 000,206,760 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll MOD - [2012-05-16 15:45:22 | 000,035,240 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll MOD - [2012-05-16 15:45:20 | 000,032,680 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll MOD - [2012-05-16 15:44:54 | 000,437,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll MOD - [2012-05-16 15:44:16 | 000,604,072 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll MOD - [2012-05-16 13:46:28 | 000,391,056 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll MOD - [2012-05-16 13:46:28 | 000,059,280 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll MOD - [2012-05-16 13:45:30 | 000,110,080 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll MOD - [2012-02-20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012-02-20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011-03-17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2010-12-21 02:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll MOD - [2007-03-29 13:02:48 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll MOD - [2007-03-29 12:42:38 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll MOD - [2003-08-12 17:29:26 | 000,049,152 | ---- | M] () -- C:\Program Files\PWN\Definicje\BIN\Starter.exe [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr) SRV - [2012-06-24 18:11:29 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-06-19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-04-22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012-04-04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-03-23 23:33:43 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\srvany.exe -- (KMService) SRV - [2012-02-29 09:17:56 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2011-09-12 07:18:23 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-06-12 12:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2010-07-22 19:07:05 | 000,814,344 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.10.0) SRV - [2009-10-24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2008-01-19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008-01-19 09:34:43 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC) SRV - [2007-05-28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ac6qd7gj) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a4d87s3j) DRV - [2012-04-22 13:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2012-04-04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011-08-21 22:35:46 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2011-08-09 15:24:52 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm) DRV - [2011-08-04 10:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr) DRV - [2011-08-04 10:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-02-25 01:03:16 | 000,014,904 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBTTN.sys -- (HBtnKey) DRV - [2009-11-16 10:21:50 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009-10-03 06:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009-04-29 07:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2008-08-01 19:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD) DRV - [2008-03-03 11:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService) DRV - [2007-07-26 09:25:12 | 000,039,808 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SRS_SSCFilter_i386.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM) DRV - [2007-07-10 06:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2007-04-12 04:30:52 | 000,160,768 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService) DRV - [2007-02-24 16:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007-02-17 01:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu) DRV - [2007-01-23 19:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007-01-23 18:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000\..\SearchScopes,DefaultScope = {666ACB86-C96F-4D4C-A54F-BE3ADA0A10BC} IE - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000\..\SearchScopes\{666ACB86-C96F-4D4C-A54F-BE3ADA0A10BC}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-11-11 23:02:07 | 000,000,000 | ---D | M] O1 HOSTS File: ([2011-10-09 21:22:25 | 000,001,243 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 practivate.adobe.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File not found O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [Bonus.SSR.FR10] C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe (ABBYY.) O4 - HKLM..\Run: [DemonStarter] C:\Program Files\PWN\Definicje\BIN\Starter.exe () O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [NSU_agent] C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe () O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000..\Run: [] File not found O4 - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) O4 - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000..\Run: [SRS Audio Sandbox] C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe (SRS Labs, Inc.) O4 - HKLM..\RunOnce: [] File not found O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks) O4 - Startup: C:\Users\Grzegorz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3 O7 - HKU\S-1-5-21-2177636050-3870589631-2363164863-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14FABC3F-83AF-48BC-B304-5BB9EA72B27D}: DhcpNameServer = 8.8.8.8 8.8.4.4 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-08-22 05:34:48 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012-06-08 16:10:40 | 000,072,143 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O32 - AutoRun File - [2012-07-11 22:13:08 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2012-07-11 22:13:14 | 000,000,000 | RHSD | M] - F:\Autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-11 22:13:08 | 000,000,000 | RHSD | C] -- C:\Autorun.inf [2012-07-11 22:01:05 | 000,000,000 | ---D | C] -- C:\UsbFix [2012-07-11 22:00:46 | 001,269,804 | ---- | C] (El Desaparecido) -- C:\Users\Grzegorz\Desktop\UsbFix.exe [2012-07-11 21:31:55 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Grzegorz\Desktop\OTL.exe [2012-07-11 11:02:37 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012-07-11 10:50:18 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012-07-11 10:50:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012-07-11 10:50:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012-07-11 10:50:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012-07-11 10:50:14 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-07-11 10:50:13 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012-07-11 10:50:11 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012-07-11 10:44:23 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\AppData\Roaming\Malwarebytes [2012-07-11 10:44:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-07-11 10:43:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012-07-11 10:43:57 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012-07-11 10:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012-07-11 10:41:08 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Grzegorz\Desktop\mbam-setup-1.61.0.1400.exe [2012-07-11 10:24:36 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2012-07-11 09:52:25 | 000,000,000 | ---D | C] -- C:\Program Files\SkanerOnline [2012-07-11 09:46:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2012-07-11 09:46:08 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy [2012-07-11 09:43:22 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\Grzegorz\Desktop\spybotsd162.exe [2012-07-10 17:48:36 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\Desktop\Londyn [2012-07-09 17:56:42 | 000,000,000 | ---D | C] -- C:\Program Files\Somagic [2012-07-09 17:56:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Somagic [2012-07-09 17:55:38 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\AppData\Local\VHS to DVD [2012-07-09 17:54:55 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\Documents\VHS to DVD [2012-07-09 17:54:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech VHS to DVD 2.0 SE [2012-07-09 17:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\honestech VHS to DVD 2.0 SE [2012-07-09 17:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\honestech [2012-07-09 17:50:03 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\AppData\Roaming\InstallShield [2012-07-08 21:06:20 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\Documents\Sony PMB [2012-07-08 20:27:55 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\AppData\Roaming\Sony Corporation [2012-07-08 20:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB [2012-07-08 20:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2012-07-08 20:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation [2012-07-08 11:55:24 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\Desktop\115___07 [2012-07-05 22:52:19 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\Documents\Nokia Suite [2012-07-02 21:46:13 | 003,500,960 | ---- | C] (WinAbility® Software Corporation) -- C:\Users\Grzegorz\Desktop\FolderGuard-v84-setup.exe [2012-06-29 16:11:24 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\Desktop\SSMiDA - podsumowanie [2012-06-26 20:15:55 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2012-06-26 20:15:54 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2012-06-26 20:15:15 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2012-06-26 20:15:15 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2012-06-26 20:15:15 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2012-06-26 20:15:01 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2012-06-26 20:15:01 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2012-06-26 11:35:56 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\AppData\Roaming\dvdcss [2012-06-26 07:37:02 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\Desktop\Recent files [2012-06-24 19:05:24 | 000,000,000 | -H-D | C] -- C:\Users\Grzegorz\Desktop\.picasaoriginals [2012-06-24 18:54:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVD Photo Frame 1.1.1 TRIAL [2012-06-24 18:54:39 | 000,000,000 | ---D | C] -- C:\Program Files\AVD Photo Frame 1.1.1 TRIAL [2012-06-24 17:35:26 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\Documents\Foto Sender [2012-06-24 16:38:50 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\Documents\Bluetooth Exchange Folder [2012-06-22 20:53:51 | 000,000,000 | ---D | C] -- C:\Users\Grzegorz\Documents\Pliki programu Outlook [2012-06-20 21:16:43 | 000,476,936 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll [2012-06-20 21:16:42 | 000,157,448 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012-06-20 21:16:42 | 000,149,256 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012-06-20 21:16:42 | 000,149,256 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2012-06-20 21:08:57 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2012-06-20 21:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader [1 C:\Users\Grzegorz\Desktop\*.tmp files -> C:\Users\Grzegorz\Desktop\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-11 22:34:20 | 000,294,216 | ---- | M] () -- C:\Users\Grzegorz\Desktop\gm.zip [2012-07-11 22:13:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-07-11 22:00:50 | 001,269,804 | ---- | M] (El Desaparecido) -- C:\Users\Grzegorz\Desktop\UsbFix.exe [2012-07-11 21:54:21 | 000,120,817 | ---- | M] () -- C:\Users\Grzegorz\Desktop\london_victoria_timetable.pdf [2012-07-11 21:47:49 | 000,136,500 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012-07-11 21:47:49 | 000,136,500 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012-07-11 21:47:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-07-11 21:31:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Grzegorz\Desktop\OTL.exe [2012-07-11 21:06:53 | 000,005,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-07-11 21:06:52 | 000,005,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-07-11 17:00:01 | 000,002,635 | ---- | M] () -- C:\Users\Grzegorz\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk [2012-07-11 16:57:27 | 000,149,504 | ---- | M] () -- C:\Users\Grzegorz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-11 16:47:40 | 000,000,148 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini [2012-07-11 16:43:38 | 2146,402,304 | -HS- | M] () -- C:\hiberfil.sys [2012-07-11 16:42:28 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012-07-11 11:10:36 | 002,326,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-07-11 10:44:06 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-07-11 10:42:48 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Grzegorz\Desktop\mbam-setup-1.61.0.1400.exe [2012-07-11 09:44:16 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\Grzegorz\Desktop\spybotsd162.exe [2012-07-10 14:53:51 | 000,177,698 | ---- | M] () -- C:\Users\Grzegorz\Desktop\Victoria, United Kingdom to 6 Dorset Square, City of Westminster, London NW1, UK - Google Maps.pdf [2012-07-09 22:29:09 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-07-09 22:29:09 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-07-09 18:24:24 | 000,000,690 | ---- | M] () -- C:\Users\Grzegorz\Desktop\Notatki niezaszeregowane.onepkg [2012-07-09 18:23:13 | 000,001,133 | ---- | M] () -- C:\Users\Grzegorz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2010.lnk [2012-07-09 17:54:12 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\honestech VHS to DVD 2.0 SE.lnk [2012-07-09 09:55:26 | 000,281,465 | R--- | M] () -- C:\Users\Grzegorz\Desktop\Potwierdzenie (16).pdf [2012-07-08 20:20:27 | 000,001,705 | ---- | M] () -- C:\Users\Public\Desktop\PMB - pomoc.lnk [2012-07-08 20:20:27 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\PMB - program uruchamiający.lnk [2012-07-08 20:20:27 | 000,000,878 | ---- | M] () -- C:\Users\Public\Desktop\PMB.lnk [2012-07-08 14:04:41 | 000,007,808 | ---- | M] () -- C:\Users\Grzegorz\AppData\Local\d3d9caps.dat [2012-07-07 17:29:37 | 001,093,691 | ---- | M] () -- C:\Users\Grzegorz\Desktop\plugin.video.weeb.tv.0.1.21.zip [2012-07-05 11:17:59 | 000,002,629 | ---- | M] () -- C:\Users\Grzegorz\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Excel 2010.lnk [2012-07-02 21:47:25 | 003,500,960 | ---- | M] (WinAbility® Software Corporation) -- C:\Users\Grzegorz\Desktop\FolderGuard-v84-setup.exe [2012-07-02 20:40:13 | 005,978,269 | ---- | M] () -- C:\Users\Grzegorz\Desktop\Enej Skrzydlate Ręce (Oficjalny Teledysk).mp3 [2012-06-29 16:00:30 | 000,052,040 | ---- | M] () -- C:\Users\Grzegorz\Desktop\Szczegoly_operacji_2012-06-29_16-00-22.pdf [2012-06-24 18:11:28 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-06-24 18:11:27 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-06-22 20:21:07 | 000,000,187 | ---- | M] () -- C:\Users\Grzegorz\Desktop\Verbatim (F) - Shortcut.lnk [2012-06-20 21:16:13 | 000,157,448 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012-06-20 21:16:13 | 000,149,256 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012-06-20 21:16:12 | 000,476,936 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll [2012-06-20 21:16:12 | 000,149,256 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2012-06-20 21:16:11 | 000,472,840 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2012-06-13 15:40:21 | 002,047,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [1 C:\Users\Grzegorz\Desktop\*.tmp files -> C:\Users\Grzegorz\Desktop\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-11 22:34:19 | 000,294,216 | ---- | C] () -- C:\Users\Grzegorz\Desktop\gm.zip [2012-07-11 21:55:15 | 000,120,817 | ---- | C] () -- C:\Users\Grzegorz\Desktop\london_victoria_timetable.pdf [2012-07-11 10:44:06 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-07-10 14:53:48 | 000,177,698 | ---- | C] () -- C:\Users\Grzegorz\Desktop\Victoria, United Kingdom to 6 Dorset Square, City of Westminster, London NW1, UK - Google Maps.pdf [2012-07-09 18:24:13 | 000,000,690 | ---- | C] () -- C:\Users\Grzegorz\Desktop\Notatki niezaszeregowane.onepkg [2012-07-09 17:54:12 | 000,001,866 | ---- | C] () -- C:\Users\Public\Desktop\honestech VHS to DVD 2.0 SE.lnk [2012-07-09 09:55:57 | 000,281,465 | R--- | C] () -- C:\Users\Grzegorz\Desktop\Potwierdzenie (16).pdf [2012-07-08 20:20:27 | 000,001,705 | ---- | C] () -- C:\Users\Public\Desktop\PMB - pomoc.lnk [2012-07-08 20:20:27 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\PMB - program uruchamiający.lnk [2012-07-08 20:20:27 | 000,000,890 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB.lnk [2012-07-08 20:20:27 | 000,000,878 | ---- | C] () -- C:\Users\Public\Desktop\PMB.lnk [2012-07-07 17:29:36 | 001,093,691 | ---- | C] () -- C:\Users\Grzegorz\Desktop\plugin.video.weeb.tv.0.1.21.zip [2012-07-02 20:39:48 | 005,978,269 | ---- | C] () -- C:\Users\Grzegorz\Desktop\Enej Skrzydlate Ręce (Oficjalny Teledysk).mp3 [2012-06-29 16:00:29 | 000,052,040 | ---- | C] () -- C:\Users\Grzegorz\Desktop\Szczegoly_operacji_2012-06-29_16-00-22.pdf [2012-06-22 20:21:07 | 000,000,187 | ---- | C] () -- C:\Users\Grzegorz\Desktop\Verbatim (F) - Shortcut.lnk [2012-04-28 21:55:11 | 000,707,504 | ---- | C] () -- C:\Users\Grzegorz\AppData\Local\unins000.exe [2012-04-28 21:32:07 | 000,011,761 | ---- | C] () -- C:\Users\Grzegorz\AppData\Local\unins000.msg [2012-04-28 21:32:07 | 000,003,882 | ---- | C] () -- C:\Users\Grzegorz\AppData\Local\unins000.dat [2012-02-27 22:00:42 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe [2011-11-02 00:02:24 | 000,007,808 | ---- | C] () -- C:\Users\Grzegorz\AppData\Local\d3d9caps.dat [2011-10-30 22:49:34 | 037,214,766 | ---- | C] () -- C:\Windows\System32\Foto Książki_Foto Ksiazki_uninstaller.exe [2011-10-29 17:59:46 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011-10-29 17:59:46 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2011-09-15 02:11:16 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin [2011-09-12 21:59:03 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI [2011-08-31 18:13:38 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2011-08-26 23:16:46 | 000,434,176 | ---- | C] () -- C:\Windows\System32\ZSHP1018.EXE [2011-08-22 23:30:32 | 000,138,752 | ---- | C] () -- C:\Windows\VM303Uninst64.exe [2011-08-22 23:30:32 | 000,073,728 | ---- | C] () -- C:\Windows\VMInstNT.exe [2011-08-22 23:30:32 | 000,069,632 | ---- | C] () -- C:\Windows\VMInst64.exe [2011-08-22 23:30:32 | 000,040,960 | ---- | C] () -- C:\Windows\VM303UninstNT.exe [2011-08-22 23:30:32 | 000,040,960 | ---- | C] () -- C:\Windows\VM303Uninst.exe [2011-08-22 23:30:32 | 000,032,768 | ---- | C] () -- C:\Windows\VMInst.exe [2011-08-22 22:18:14 | 000,047,360 | ---- | C] () -- C:\Windows\System32\drivers\Surroundhp_kern_i386.sys [2011-08-22 22:18:14 | 000,047,104 | ---- | C] () -- C:\Windows\System32\drivers\tshd4_kern_i386.sys [2011-08-22 22:18:14 | 000,042,112 | ---- | C] () -- C:\Windows\System32\drivers\csiidecoder_kern_i386.sys [2011-08-22 22:18:14 | 000,039,808 | ---- | C] () -- C:\Windows\System32\drivers\SRS_SSCFilter_i386.sys [2011-08-22 12:55:06 | 000,149,504 | ---- | C] () -- C:\Users\Grzegorz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-08-22 12:00:06 | 000,136,500 | ---- | C] () -- C:\ProgramData\nvModes.001 [2011-08-22 11:59:56 | 000,136,500 | ---- | C] () -- C:\ProgramData\nvModes.dat [2011-08-22 11:35:42 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2011-08-22 11:22:54 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011-08-22 11:22:54 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011-08-22 05:24:02 | 000,103,437 | ---- | C] () -- C:\Windows\hpqins13.dat [2011-08-22 04:12:46 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin [2011-08-22 04:05:03 | 000,001,076 | ---- | C] () -- C:\Windows\bthservsdp.dat [2011-07-30 11:57:46 | 003,999,744 | ---- | C] () -- C:\Windows\System32\x264vfw.dll [2011-07-12 19:56:50 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011-03-19 11:06:02 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011-03-19 11:04:28 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [color=#E56717]========== LOP Check ==========[/color] [2012-02-03 12:36:42 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\Canon [2012-01-19 20:47:54 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\cge [2011-08-21 22:41:08 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\DAEMON Tools Lite [2012-04-28 21:49:46 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\e-Deklaracje.A1909296681C7ACEFE45687D3A64758C8659BF46.1 [2012-02-19 23:21:03 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\e-pity [2012-05-04 11:05:01 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\Foxit Software [2011-08-29 14:29:25 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\GHISLER [2011-10-30 23:09:31 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\M-Photo [2011-08-21 21:53:23 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\muvee Technologies [2012-05-28 20:05:00 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\Nokia [2012-02-14 21:08:19 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\Nokia Suite [2011-08-21 21:58:56 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\Opera [2012-03-24 21:50:14 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\PC Suite [2011-10-31 22:25:22 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\Samsung [2012-07-11 09:36:35 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\uTorrent [2011-08-22 22:42:24 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\VistaCodecs [2012-02-16 23:43:00 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\WKPolska [2011-08-31 19:47:26 | 000,000,000 | ---D | M] -- C:\Users\Grzegorz\AppData\Roaming\WSPWNOUP2007 [2012-07-11 16:42:27 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >