OTL logfile created on: 2012-07-23 09:51:49 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\Administrator\Pulpit
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 88,46% Memory free
4,78 Gb Paging File | 4,72 Gb Available in Paging File | 98,71% Paging File free
Paging file location(s): C:\pagefile.sys 3000 3000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19,53 Gb Total Space | 10,90 Gb Free Space | 55,81% Space Free | Partition Type: NTFS
Drive D: | 148,74 Gb Total Space | 1,94 Gb Free Space | 1,31% Space Free | Partition Type: NTFS
Drive E: | 148,74 Gb Total Space | 1,95 Gb Free Space | 1,31% Space Free | Partition Type: NTFS
Drive F: | 148,74 Gb Total Space | 1,94 Gb Free Space | 1,30% Space Free | Partition Type: NTFS
Drive G: | 155,25 Gb Total Space | 1,95 Gb Free Space | 1,26% Space Free | Partition Type: NTFS
Drive H: | 155,25 Gb Total Space | 2,30 Gb Free Space | 1,48% Space Free | Partition Type: NTFS
Drive I: | 155,25 Gb Total Space | 1,86 Gb Free Space | 1,20% Space Free | Partition Type: NTFS
Drive J: | 1,91 Gb Total Space | 0,07 Gb Free Space | 3,66% Space Free | Partition Type: FAT

Computer Name: INTER-BUD3 | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-07-23 09:29:58 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008-04-15 14:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userinit.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012-07-12 01:41:12 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-07-03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012-06-06 09:16:00 | 000,185,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2007-12-14 12:46:28 | 000,047,624 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\GIGABYTE\GEST\GSvr.exe -- (GEST Service)
SRV - [2007-06-25 09:47:12 | 001,552,680 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\catchme.sys -- (catchme)
DRV - [2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2008-12-02 14:17:45 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008-02-01 09:43:10 | 000,068,192 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GVECP2.sys -- (GVECP2)
DRV - [2007-12-14 14:30:24 | 000,039,360 | R--- | M] (GeoVision) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GVUSBD.sys -- (GVUSBD)
DRV - [2007-12-05 15:45:30 | 000,104,064 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-10-11 12:10:52 | 000,030,008 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ET5Drv.sys -- (ET5Drv)
DRV - [2007-09-29 07:30:52 | 000,065,024 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2007-09-19 11:16:32 | 004,617,728 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007-06-25 09:47:12 | 000,038,440 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007-06-25 09:47:12 | 000,036,776 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007-06-25 09:47:12 | 000,016,040 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2007-06-25 09:47:02 | 000,119,080 | ---- | M] (Nero AG) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007-01-18 08:26:56 | 000,814,224 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GVMPJVS.sys -- (GVMPJVS)
DRV - [2004-10-20 08:03:12 | 000,110,976 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/idg/idg_1338615404_242441
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&crg=3.1010000&st=10&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012-06-21 07:55:50 | 000,000,000 | ---D | M]
[2012-06-21 07:55:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2012-07-23 09:14:08 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\MultiCam Auto Start.lnk = C:\GV2008\DM500Startup.exe ( )
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1228130428094 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://dl8-cdn-03.sun.com/s/ESD5/JSCDL/jre/6u10-b92-b/jinstall-6u10-windows-i586-jc.cab?e=1228220178027&h=764d45d75d7049a54092cb322edf5b54/&filename=jinstall-6u10-windows-i586-jc.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} http://95.215.21.99:2001/ssi.cgi/cab/OCXChecker_8310.cab (OCXDownloadChecker Control)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D655769A-A9FC-4D39-AD2C-FDA799881331}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008-11-28 16:33:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-07-23 09:51:35 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2012-07-23 09:32:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012-07-23 09:31:17 | 010,299,264 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Administrator\Pulpit\Microsoft Security Essentials.exe
[2012-07-23 09:23:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Malwarebytes
[2012-07-23 09:10:39 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012-07-23 09:10:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2012-07-23 08:57:24 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012-07-23 08:57:24 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012-07-23 08:57:24 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012-07-23 08:57:24 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012-07-23 08:57:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Narzędzia administracyjne
[2012-07-23 08:57:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje wideo
[2012-07-23 08:57:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moje obrazy
[2012-07-23 08:57:15 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Moja muzyka
[2012-07-23 08:56:35 | 004,582,474 | R--- | C] (Swearware) -- C:\Documents and Settings\Administrator\Pulpit\ComboFix.exe
[2012-07-21 18:31:38 | 000,000,000 | ---D | C] -- C:\BOS
[2012-07-21 18:16:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware
[2012-07-21 18:16:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes
[2012-07-21 18:16:35 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012-07-21 18:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012-07-21 18:09:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012-07-21 18:09:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012-07-21 18:09:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo
[2012-07-21 18:09:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje obrazy
[2012-07-21 18:09:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moja muzyka
[2012-07-21 18:09:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty
[2012-07-20 20:17:38 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft
[2012-07-20 20:17:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2012-07-20 20:17:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji
[2012-07-20 20:17:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start
[2012-07-20 20:17:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart
[2012-07-20 20:17:38 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria
[2012-07-20 20:17:38 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Cookies
[2012-07-20 20:17:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne
[2012-07-20 20:17:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Szablony
[2012-07-20 20:17:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012-07-20 20:17:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2012-07-20 20:17:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2012-07-20 20:17:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ulubione
[2012-07-20 20:17:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit
[2012-07-20 20:17:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty
[2012-07-20 20:17:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-07-20 20:09:21 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012-07-20 20:09:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2012-07-19 23:38:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\dltmrqnbssmprak
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-07-23 09:51:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-07-23 09:49:24 | 000,001,785 | ---- | M] () -- C:\WINDOWS\GeoRepair.ini
[2012-07-23 09:49:22 | 000,000,150 | ---- | M] () -- C:\WINDOWS\GeoDebugMP4U.ini
[2012-07-23 09:49:21 | 000,003,778 | ---- | M] () -- C:\WINDOWS\GeoDebugVS.ini
[2012-07-23 09:49:17 | 000,000,480 | ---- | M] () -- C:\WINDOWS\Upload.ini
[2012-07-23 09:49:17 | 000,000,017 | ---- | M] () -- C:\WINDOWS\VSInfo.ini
[2012-07-23 09:49:15 | 000,000,420 | ---- | M] () -- C:\WINDOWS\GeoDebug61.ini
[2012-07-23 09:49:15 | 000,000,109 | ---- | M] () -- C:\WINDOWS\GeoHealth.ini
[2012-07-23 09:41:15 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012-07-23 09:39:52 | 000,383,238 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012-07-23 09:39:52 | 000,337,052 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-07-23 09:39:52 | 000,064,858 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012-07-23 09:39:52 | 000,051,396 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-07-23 09:38:31 | 000,002,518 | ---- | M] () -- C:\WINDOWS\Geo6cam.ini
[2012-07-23 09:38:29 | 000,036,683 | ---- | M] () -- C:\WINDOWS\GeoMulti.ini
[2012-07-23 09:38:29 | 000,003,166 | ---- | M] () -- C:\WINDOWS\GeoRuntime.ini
[2012-07-23 09:38:22 | 000,003,772 | ---- | M] () -- C:\WINDOWS\GvPTZ_General.ini
[2012-07-23 09:38:22 | 000,001,507 | ---- | M] () -- C:\WINDOWS\GvPTZ_ADEMCO.ini
[2012-07-23 09:38:22 | 000,001,497 | ---- | M] () -- C:\WINDOWS\GvPTZ_PELCO.ini
[2012-07-23 09:38:22 | 000,001,437 | ---- | M] () -- C:\WINDOWS\GvPTZ_SAMSUNG.ini
[2012-07-23 09:38:22 | 000,001,394 | ---- | M] () -- C:\WINDOWS\GvPTZ_DYNACOLOR.ini
[2012-07-23 09:38:22 | 000,001,391 | ---- | M] () -- C:\WINDOWS\GvPTZ_PANASONIC.ini
[2012-07-23 09:38:22 | 000,001,382 | ---- | M] () -- C:\WINDOWS\GvPTZ_LININ.ini
[2012-07-23 09:38:22 | 000,001,375 | ---- | M] () -- C:\WINDOWS\GvPTZ_SAMSUNG2.ini
[2012-07-23 09:38:22 | 000,001,373 | ---- | M] () -- C:\WINDOWS\GvPTZ_SENSORMATIC.ini
[2012-07-23 09:38:22 | 000,001,336 | ---- | M] () -- C:\WINDOWS\GvPTZ_KALATEL.ini
[2012-07-23 09:38:22 | 000,001,323 | ---- | M] () -- C:\WINDOWS\GvPTZ_DMAX.ini
[2012-07-23 09:38:22 | 000,001,297 | ---- | M] () -- C:\WINDOWS\GvPTZ_SONY.ini
[2012-07-23 09:38:22 | 000,000,751 | ---- | M] () -- C:\WINDOWS\GvPTZ_Pelco Spectra 3.ini
[2012-07-23 09:38:22 | 000,000,735 | ---- | M] () -- C:\WINDOWS\GvPTZ_Pishion 22X.ini
[2012-07-23 09:38:22 | 000,000,732 | ---- | M] () -- C:\WINDOWS\GvPTZ_MESSOA_700.ini
[2012-07-23 09:38:22 | 000,000,716 | ---- | M] () -- C:\WINDOWS\GvPTZ_MESSOA.ini
[2012-07-23 09:38:22 | 000,000,690 | ---- | M] () -- C:\WINDOWS\GvPTZ_Minking.ini
[2012-07-23 09:38:22 | 000,000,683 | ---- | M] () -- C:\WINDOWS\GvPTZ_LG_Multix.ini
[2012-07-23 09:38:22 | 000,000,660 | ---- | M] () -- C:\WINDOWS\GvPTZ_Panasonic_WV_CS960.ini
[2012-07-23 09:38:22 | 000,000,652 | ---- | M] () -- C:\WINDOWS\GvPTZ_SAE.ini
[2012-07-23 09:38:22 | 000,000,630 | ---- | M] () -- C:\WINDOWS\GvPTZ_TOA cc551.ini
[2012-07-23 09:38:22 | 000,000,627 | ---- | M] () -- C:\WINDOWS\GvPTZ_NanWang.ini
[2012-07-23 09:38:22 | 000,000,620 | ---- | M] () -- C:\WINDOWS\GvPTZ_lilin7625.ini
[2012-07-23 09:38:22 | 000,000,617 | ---- | M] () -- C:\WINDOWS\GvPTZ_Samsung(SPD-3300).ini
[2012-07-23 09:38:22 | 000,000,616 | ---- | M] () -- C:\WINDOWS\GvPTZ_PelcoSpetraMini.ini
[2012-07-23 09:38:22 | 000,000,614 | ---- | M] () -- C:\WINDOWS\GvPTZ_ELBEX.ini
[2012-07-23 09:38:22 | 000,000,612 | ---- | M] () -- C:\WINDOWS\GvPTZ_HiSharp PelcoP.ini
[2012-07-23 09:38:22 | 000,000,609 | ---- | M] () -- C:\WINDOWS\GvPTZ_Dynacolor2.ini
[2012-07-23 09:38:22 | 000,000,605 | ---- | M] () -- C:\WINDOWS\GvPTZ_EverFocus.ini
[2012-07-23 09:38:22 | 000,000,604 | ---- | M] () -- C:\WINDOWS\GvPTZ_HiSharp PelcoD.ini
[2012-07-23 09:38:22 | 000,000,591 | ---- | M] () -- C:\WINDOWS\GvPTZ_VIDO.ini
[2012-07-23 09:38:22 | 000,000,589 | ---- | M] () -- C:\WINDOWS\GvPTZ_KenKo.ini
[2012-07-23 09:38:22 | 000,000,589 | ---- | M] () -- C:\WINDOWS\GvPTZ_D-max.ini
[2012-07-23 09:38:22 | 000,000,564 | ---- | M] () -- C:\WINDOWS\GvPTZ_YAAN.ini
[2012-07-23 09:38:22 | 000,000,564 | ---- | M] () -- C:\WINDOWS\GvPTZ_JVC.ini
[2012-07-23 09:38:22 | 000,000,555 | ---- | M] () -- C:\WINDOWS\GvPTZ_GKB.ini
[2012-07-23 09:38:22 | 000,000,550 | ---- | M] () -- C:\WINDOWS\GvPTZ_JEC.ini
[2012-07-23 09:38:22 | 000,000,510 | ---- | M] () -- C:\WINDOWS\GvPTZ_bosch.ini
[2012-07-23 09:38:22 | 000,000,504 | ---- | M] () -- C:\WINDOWS\GvPTZ_CPT.ini
[2012-07-23 09:38:22 | 000,000,502 | ---- | M] () -- C:\WINDOWS\GvPTZ_KZC.ini
[2012-07-23 09:38:22 | 000,000,501 | ---- | M] () -- C:\WINDOWS\GvPTZ_ZC.ini
[2012-07-23 09:38:22 | 000,000,407 | ---- | M] () -- C:\WINDOWS\GvPTZ_VCC50i.ini
[2012-07-23 09:38:22 | 000,000,380 | ---- | M] () -- C:\WINDOWS\GvPTZ_IO.ini
[2012-07-23 09:38:22 | 000,000,339 | ---- | M] () -- C:\WINDOWS\GvPTZ_V4.ini
[2012-07-23 09:38:22 | 000,000,273 | ---- | M] () -- C:\WINDOWS\GvPTZ_PTU.ini
[2012-07-23 09:38:22 | 000,000,256 | ---- | M] () -- C:\WINDOWS\GvPTZ_MINTRON.ini
[2012-07-23 09:38:22 | 000,000,234 | ---- | M] () -- C:\WINDOWS\GvPTZ_V3.ini
[2012-07-23 09:38:19 | 000,001,829 | ---- | M] () -- C:\WINDOWS\GVComPort.INI
[2012-07-23 09:36:14 | 000,000,231 | ---- | M] () -- C:\WINDOWS\GeoPAL.ini
[2012-07-23 09:36:13 | 000,000,065 | ---- | M] () -- C:\WINDOWS\GeoRIOM.ini
[2012-07-23 09:36:04 | 000,000,046 | ---- | M] () -- C:\WINDOWS\geomcast.ini
[2012-07-23 09:36:04 | 000,000,041 | ---- | M] () -- C:\WINDOWS\geoat.ini
[2012-07-23 09:36:02 | 000,000,355 | ---- | M] () -- C:\WINDOWS\GeoHWRecSetting.ini
[2012-07-23 09:35:56 | 000,000,022 | ---- | M] () -- C:\WINDOWS\geobcast.ini
[2012-07-23 09:35:55 | 000,000,205 | ---- | M] () -- C:\WINDOWS\geolan.ini
[2012-07-23 09:35:49 | 000,000,020 | ---- | M] () -- C:\WINDOWS\GEO_CS.ini
[2012-07-23 09:35:48 | 000,002,021 | ---- | M] () -- C:\WINDOWS\VIDO_U.ini
[2012-07-23 09:35:48 | 000,001,459 | ---- | M] () -- C:\WINDOWS\YAAN_U.ini
[2012-07-23 09:35:48 | 000,000,377 | ---- | M] () -- C:\WINDOWS\VCC50i_U.ini
[2012-07-23 09:35:47 | 000,002,036 | ---- | M] () -- C:\WINDOWS\JVC_TK_U.ini
[2012-07-23 09:35:47 | 000,001,900 | ---- | M] () -- C:\WINDOWS\TOA_cc551_U.ini
[2012-07-23 09:35:47 | 000,001,820 | ---- | M] () -- C:\WINDOWS\Bosch_U.ini
[2012-07-23 09:35:47 | 000,001,615 | ---- | M] () -- C:\WINDOWS\SAE_U.ini
[2012-07-23 09:35:47 | 000,001,475 | ---- | M] () -- C:\WINDOWS\ELBEX_U.ini
[2012-07-23 09:35:47 | 000,001,460 | ---- | M] () -- C:\WINDOWS\HiSharp PelcoP_U.ini
[2012-07-23 09:35:47 | 000,001,460 | ---- | M] () -- C:\WINDOWS\HiSharp PelcoD_U.ini
[2012-07-23 09:35:47 | 000,001,460 | ---- | M] () -- C:\WINDOWS\D-max_U.ini
[2012-07-23 09:35:47 | 000,001,459 | ---- | M] () -- C:\WINDOWS\Samsung(SPD-3300)_U.ini
[2012-07-23 09:35:47 | 000,001,459 | ---- | M] () -- C:\WINDOWS\Pishion 22X_U.ini
[2012-07-23 09:35:47 | 000,001,459 | ---- | M] () -- C:\WINDOWS\PelcoSpetra3_U.ini
[2012-07-23 09:35:47 | 000,001,459 | ---- | M] () -- C:\WINDOWS\PelcoSpetra Mini Dome ( SD4-WO)_U.ini
[2012-07-23 09:35:47 | 000,001,459 | ---- | M] () -- C:\WINDOWS\Messoa_U.ini
[2012-07-23 09:35:47 | 000,001,459 | ---- | M] () -- C:\WINDOWS\MESSOA D-700 series_U.ini
[2012-07-23 09:35:47 | 000,001,459 | ---- | M] () -- C:\WINDOWS\Lilin7625_U.ini
[2012-07-23 09:35:47 | 000,001,459 | ---- | M] () -- C:\WINDOWS\LG_Multix_U.ini
[2012-07-23 09:35:47 | 000,001,459 | ---- | M] () -- C:\WINDOWS\JEC_P_U.ini
[2012-07-23 09:35:47 | 000,001,459 | ---- | M] () -- C:\WINDOWS\GKB_U.ini
[2012-07-23 09:35:47 | 000,001,459 | ---- | M] () -- C:\WINDOWS\EverFocus_U.ini
[2012-07-23 09:35:47 | 000,001,459 | ---- | M] () -- C:\WINDOWS\Dynacolor2_U.ini
[2012-07-23 09:35:47 | 000,001,459 | ---- | M] () -- C:\WINDOWS\CPT_U.ini
[2012-07-23 09:35:47 | 000,001,458 | ---- | M] () -- C:\WINDOWS\KamKo_U.ini
[2012-07-23 09:35:47 | 000,001,455 | ---- | M] () -- C:\WINDOWS\Minking_U.ini
[2012-07-23 09:35:47 | 000,001,425 | ---- | M] () -- C:\WINDOWS\NanWang_U.ini
[2012-07-23 09:35:47 | 000,001,119 | ---- | M] () -- C:\WINDOWS\Panasonic(CS960)_U.ini
[2012-07-23 09:35:47 | 000,001,105 | ---- | M] () -- C:\WINDOWS\ZC-122_U.ini
[2012-07-23 09:35:43 | 000,001,068 | ---- | M] () -- C:\WINDOWS\KZC_U.ini
[2012-07-23 09:35:41 | 000,001,980 | ---- | M] () -- C:\WINDOWS\SonySNC_RZ50_U.ini
[2012-07-23 09:35:41 | 000,001,980 | ---- | M] () -- C:\WINDOWS\SonySNC_RZ25_U.ini
[2012-07-23 09:35:41 | 000,001,980 | ---- | M] () -- C:\WINDOWS\SonySNC_RX550_U.ini
[2012-07-23 09:35:41 | 000,001,952 | ---- | M] () -- C:\WINDOWS\SonySNC_P5_U.ini
[2012-07-23 09:35:41 | 000,001,933 | ---- | M] () -- C:\WINDOWS\PTU_U.ini
[2012-07-23 09:35:41 | 000,000,172 | ---- | M] () -- C:\WINDOWS\Panasonic_BB_BL_U.ini
[2012-07-23 09:35:40 | 000,002,019 | ---- | M] () -- C:\WINDOWS\Axis_PTZ_U.ini
[2012-07-23 09:35:40 | 000,001,599 | ---- | M] () -- C:\WINDOWS\Semsonmatic_U.ini
[2012-07-23 09:35:40 | 000,001,459 | ---- | M] () -- C:\WINDOWS\Samsung_U.ini
[2012-07-23 09:35:40 | 000,000,537 | ---- | M] () -- C:\WINDOWS\JVC_IPCAM_PTZ_U.ini
[2012-07-23 09:35:40 | 000,000,172 | ---- | M] () -- C:\WINDOWS\Panasonic_BB381_481_U.ini
[2012-07-23 09:35:39 | 000,001,459 | ---- | M] () -- C:\WINDOWS\Samsung(SDC-1600)_U.ini
[2012-07-23 09:35:39 | 000,001,459 | ---- | M] () -- C:\WINDOWS\Lilin_U.ini
[2012-07-23 09:35:39 | 000,001,459 | ---- | M] () -- C:\WINDOWS\Kalatal_U.ini
[2012-07-23 09:35:39 | 000,001,459 | ---- | M] () -- C:\WINDOWS\Dynacolor_U.ini
[2012-07-23 09:35:39 | 000,001,459 | ---- | M] () -- C:\WINDOWS\Dome_PelcoP_U.ini
[2012-07-23 09:35:39 | 000,001,459 | ---- | M] () -- C:\WINDOWS\Dome_PelcoD_U.ini
[2012-07-23 09:35:39 | 000,001,459 | ---- | M] () -- C:\WINDOWS\AdemCo_U.ini
[2012-07-23 09:35:39 | 000,001,392 | ---- | M] () -- C:\WINDOWS\Sony_U.ini
[2012-07-23 09:35:39 | 000,001,224 | ---- | M] () -- C:\WINDOWS\DongYang_U.ini
[2012-07-23 09:35:39 | 000,001,119 | ---- | M] () -- C:\WINDOWS\Panasonic_U.ini
[2012-07-23 09:35:38 | 000,001,459 | ---- | M] () -- C:\WINDOWS\VCC4_U.ini
[2012-07-23 09:35:38 | 000,001,459 | ---- | M] () -- C:\WINDOWS\VCC3_U.ini
[2012-07-23 09:35:38 | 000,000,966 | ---- | M] () -- C:\WINDOWS\PTZBackupFile.ini
[2012-07-23 09:35:38 | 000,000,642 | ---- | M] () -- C:\WINDOWS\M3JPEG.ini
[2012-07-23 09:35:35 | 000,000,027 | ---- | M] () -- C:\WINDOWS\GeoDataFIFO.ini
[2012-07-23 09:35:34 | 000,007,484 | ---- | M] () -- C:\WINDOWS\GeoVStatus.ini
[2012-07-23 09:35:34 | 000,000,050 | ---- | M] () -- C:\WINDOWS\GeoWT.ini
[2012-07-23 09:35:27 | 000,198,944 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012-07-23 09:29:58 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\OTL.exe
[2012-07-23 09:23:35 | 000,001,919 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012-07-23 09:23:11 | 000,000,297 | RHS- | M] () -- C:\boot.ini
[2012-07-23 09:14:08 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012-07-23 09:13:14 | 004,582,474 | R--- | M] (Swearware) -- C:\Documents and Settings\Administrator\Pulpit\ComboFix.exe
[2012-07-23 08:58:09 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-07-21 18:19:28 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-07-20 00:50:09 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-07-17 12:16:09 | 000,000,174 | ---- | M] () -- C:\WINDOWS\geohealth-07.ini
[2012-07-12 01:41:11 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-07-12 01:41:11 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-07-03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012-07-02 01:21:06 | 010,299,264 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Administrator\Pulpit\Microsoft Security Essentials.exe
[2012-06-27 12:48:00 | 000,000,133 | ---- | M] () -- C:\WINDOWS\geohealth-06.ini
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-07-23 09:23:35 | 000,001,919 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012-07-23 09:10:56 | 000,000,211 | -HS- | C] () -- C:\BOOT.BAK
[2012-07-23 09:10:53 | 000,262,416 | RHS- | C] () -- C:\cmldr
[2012-07-23 08:57:24 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012-07-23 08:57:24 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012-07-23 08:57:24 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012-07-23 08:57:24 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012-07-23 08:57:24 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012-07-21 18:19:28 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk
[2012-07-20 20:17:38 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk
[2012-07-20 20:17:38 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk
[2012-07-20 20:11:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-07-07 06:40:59 | 000,000,174 | ---- | C] () -- C:\WINDOWS\geohealth-07.ini
[2012-06-01 11:51:58 | 000,000,133 | ---- | C] () -- C:\WINDOWS\geohealth-06.ini
[2012-04-03 13:13:38 | 000,000,066 | ---- | C] () -- C:\WINDOWS\geohealth-04.ini
[2011-11-28 14:01:09 | 000,000,068 | ---- | C] () -- C:\WINDOWS\geohealth-11.ini
[2011-10-10 13:13:52 | 000,000,068 | ---- | C] () -- C:\WINDOWS\geohealth-10.ini
[2011-09-21 14:50:40 | 000,000,067 | ---- | C] () -- C:\WINDOWS\geohealth-09.ini
[2011-02-18 18:24:26 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

< End of report >