OTL logfile created on: 2012-07-26 18:51:28 - Run 3 OTL by OldTimer - Version 3.2.54.1 Folder = D:\Downloads Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,50 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 82,38% Memory free 2,59 Gb Paging File | 2,53 Gb Available in Paging File | 97,48% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 9,77 Gb Total Space | 0,70 Gb Free Space | 7,15% Space Free | Partition Type: NTFS Drive D: | 64,78 Gb Total Space | 7,02 Gb Free Space | 10,83% Space Free | Partition Type: NTFS Computer Name: PRYWATNA-GAZDA | User Name: Mateusz | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-07-26 17:10:18 | 000,596,480 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2005-12-29 21:26:48 | 000,005,376 | ---- | M] () -- C:\WINDOWS\system32\AntiWPA.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdaterService) SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012-07-15 14:10:57 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-07-12 21:14:11 | 000,654,944 | ---- | M] (Wellbia.com Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\xsherlock.xem -- (xsherlock) SRV - [2012-07-10 21:00:33 | 004,419,392 | ---- | M] () [Auto | Stopped] -- c:\program files\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai) SRV - [2010-07-01 01:27:00 | 003,608,448 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc) SRV - [2007-07-04 18:07:30 | 000,406,888 | ---- | M] (Cyanide) [Auto | Stopped] -- C:\WINDOWS\System32\pr2agqwb.exe -- (pr2agqwb) SRV - [2007-05-16 10:41:18 | 000,029,704 | ---- | M] (TuneUp Software GmbH) [Auto | Stopped] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2006-10-27 01:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\xhunter1.sys -- (xhunter1) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva393.sys -- (XDva393) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva391.sys -- (XDva391) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva389.sys -- (XDva389) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva388.sys -- (XDva388) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva387.sys -- (XDva387) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva359.sys -- (XDva359) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\vtany.sys -- (vtany) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Mateusz\USTAWI~1\Temp\EagleNT.sys -- (EagleNT) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aeph6hcs) DRV - [2012-04-23 13:26:26 | 000,108,448 | ---- | M] (Tonec Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\idmtdi.sys -- (IDMTDI) DRV - [2011-12-01 15:25:42 | 000,279,712 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2011-12-01 15:25:41 | 000,025,888 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010-11-23 19:23:04 | 000,682,232 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2009-03-18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2008-04-13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2008-01-10 07:40:38 | 002,846,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007-07-04 18:07:10 | 000,064,616 | ---- | M] (Cyanide) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pe3agqwb.sys -- (pe3agqwb) DRV - [2007-07-04 18:06:52 | 000,054,896 | ---- | M] (Cyanide) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ps6agqwb.sys -- (ps6agqwb) DRV - [2007-05-29 13:30:38 | 000,508,160 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207) DRV - [2005-05-03 11:31:56 | 000,045,056 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AGPKX.SYS -- (uliagpkx) DRV - [2005-03-09 16:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2004-12-22 11:07:12 | 002,304,320 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) DRV - [2004-12-02 10:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp) DRV - [2004-12-01 04:49:18 | 000,051,840 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\m5289.sys -- (m5289) DRV - [2004-08-04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) DRV - [2004-05-02 10:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\GVCplDrv.sys -- (GVCplDrv) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {14144857-F60B-4EE6-81EA-9C1C5F9B549F} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{14144857-F60B-4EE6-81EA-9C1C5F9B549F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll (Conduit Ltd.) IE - HKCU\..\SearchScopes,DefaultScope = {14144857-F60B-4EE6-81EA-9C1C5F9B549F} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101067&mntrId=0cdfea840000000000000016e6412806 IE - HKCU\..\SearchScopes\{14144857-F60B-4EE6-81EA-9C1C5F9B549F}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7RNQN_plPL479 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421; [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "Search the web" FF - prefs.js..browser.search.order.1: "Search the web" FF - prefs.js..browser.search.selectedEngine: "Search the web" FF - prefs.js..browser.startup.homepage: "http://pl.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pl:official" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.3.19 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - prefs.js..extensions.enabledItems: gencrawler@some.com:2.0 FF - prefs.js..extensions.enabledItems: welcome@toolmin.com:1.03 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33 FF - prefs.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - user.js..browser.search.selectedEngine: "Search the web" FF - user.js..browser.search.order.1: "Search the web" FF - user.js..browser.search.defaultenginename: "Search the web" FF - user.js..keyword.URL: "http://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Documents and Settings\All Users\Dane aplikacji\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\Firefox [2011-09-01 17:33:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011-09-01 17:33:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-04-13 21:34:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-06-24 11:26:54 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Mateusz\Dane aplikacji\IDM\idmmzcc3 [2012-05-09 16:29:47 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Mateusz\Dane aplikacji\IDM\idmmzcc3 [2012-05-09 16:29:47 | 000,000,000 | ---D | M] [2010-11-25 17:03:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Extensions [2012-07-01 00:46:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\u43nv390.default\extensions [2011-10-03 18:43:10 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\u43nv390.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-12-19 23:14:32 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\u43nv390.default\extensions\engine@conduit.com [2012-02-19 17:56:42 | 000,000,000 | ---D | M] (toolplugin) -- C:\Documents and Settings\Mateusz\Dane aplikacji\Mozilla\Firefox\Profiles\u43nv390.default\extensions\welcome@toolmin.com [2012-07-01 00:46:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-12-21 18:37:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-03-14 18:47:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-07-09 16:13:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2012-06-24 11:26:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-05-09 16:29:47 | 000,000,000 | ---D | M] (IDM CC) -- C:\DOCUMENTS AND SETTINGS\MATEUSZ\DANE APLIKACJI\IDM\IDMMZCC3 [2011-12-21 22:31:29 | 000,000,000 | ---D | M] (General Crawler) -- C:\DOCUMENTS AND SETTINGS\MATEUSZ\DANE APLIKACJI\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\GENCRAWLER@SOME.COM [2012-06-24 11:26:38 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010-11-26 16:45:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2012-01-25 12:54:57 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-12-21 22:30:45 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012-01-25 12:54:57 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-01-25 12:54:57 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-01-25 12:54:57 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-02-19 17:56:42 | 000,000,158 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search the web.src [2012-01-25 12:54:57 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-01-25 12:54:57 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2004-08-04 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com) O2 - BHO: (no name) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - No CLSID value found. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Expressivo) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\IH_iexplore.dll (IVO Software Sp. z o.o.) O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll (Conduit Ltd.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Documents and Settings\Mateusz\Dane aplikacji\Media Finder\Extensions\gencrawler_gc.dll () O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com) O3 - HKLM\..\Toolbar: (Expressivo) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - C:\Program Files\ivo\Expressivo\IH_iexplore.dll (IVO Software Sp. z o.o.) O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Documents and Settings\Mateusz\Dane aplikacji\toolplugin\toolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll (Conduit Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ALi5289] C:\Program Files\ULI5289\ALi5289.exe (ALi Corporation) O4 - HKLM..\Run: [GrooveMonitor] D:\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [RpcPing] C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\1395\RpcPing.exe File not found O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [WmiMgmt] C:\Documents and Settings\Mateusz1\Ustawienia lokalne\Dane aplikacji\Microsoft\Windows\519\WmiMgmt.exe File not found O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKCU..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.) O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.) O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.) O4 - HKCU..\Run: [MSIDLL] C:\WINDOWS\System32\msimyo32.dll () O4 - HKCU..\Run: [Overwolf] C:\Program Files\Overwolf\Overwolf.exe -silent File not found O4 - HKCU..\RunOnce: [6F63A588197A50A9D2B98B5A81CB3F95] C:\Documents and Settings\All Users\Dane aplikacji\6F63A588197A50A9D2B98B5A81CB3F95\6F63A588197A50A9D2B98B5A81CB3F95.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe () O4 - Startup: C:\Documents and Settings\Mateusz\Menu Start\Programy\Autostart\Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = D:\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm File not found O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm File not found O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm File not found O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\JC_LINK.HTM () O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\JC_ALL.HTM () O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Ściągnij przez IDM - C:\Program Files\Internet Download Manager\IEExt.htm () O8 - Extra context menu item: Ściągnij wszystkie linki przez IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm () O8 - Extra context menu item: Ściągnij zawartość wideo FLV przez IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm () O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - Reg Error: Key error. File not found O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {1A781DED-4153-C22D-3213-A3211E29DF13} http://cached.gamedesire.com/g_bin/pl/cards_2_0_0_81.cab (GameDesire Card Games) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E63D1B06-437B-4221-B08D-B3716C698861}: NameServer = 194.204.152.34,194.204.159.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Overwolf\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\Antiwpa: DllName - (antiwpa.dll) - C:\WINDOWS\System32\AntiWPA.dll () O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-11-23 18:24:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{1150fd04-de2c-11e0-bf70-0016e6412806}\Shell - "" = AutoRun O33 - MountPoints2\{1150fd04-de2c-11e0-bf70-0016e6412806}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{1150fd07-de2c-11e0-bf70-0016e6412806}\Shell - "" = AutoRun O33 - MountPoints2\{1150fd07-de2c-11e0-bf70-0016e6412806}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{4360fb60-2fde-11e1-8107-0016e6412806}\Shell - "" = AutoRun O33 - MountPoints2\{4360fb60-2fde-11e1-8107-0016e6412806}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.hta O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-07-25 14:22:09 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information [2012-07-24 22:27:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Menu Start\Programy\Live Security Platinum [2012-07-24 22:24:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\6F63A588197A50A9D2B98B5A81CB3F95 [2012-07-24 22:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\hellomoto [2012-07-22 17:14:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ATI [2012-07-22 17:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Catalyst Control Center [2012-07-22 17:08:16 | 000,143,422 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codecx.ax [2012-07-22 17:06:27 | 000,307,200 | R--- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll [2012-07-22 17:06:24 | 000,159,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiok3x2.dll [2012-07-22 17:06:23 | 000,368,640 | R--- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIDEMGX.dll [2012-07-22 17:06:22 | 000,385,024 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atikvmag.dll [2012-07-22 17:06:21 | 000,122,880 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll [2012-07-22 17:06:20 | 000,147,456 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll [2012-07-22 17:06:18 | 000,122,880 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2evxx.dll [2012-07-22 17:06:18 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll [2012-07-22 17:06:18 | 000,017,408 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atitvo32.dll [2012-07-22 17:06:17 | 000,053,248 | ---- | C] ( ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDDC.DLL [2012-07-22 17:06:16 | 000,046,080 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\amdpcom32.dll [2012-07-22 17:06:10 | 001,664,384 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll [2012-07-22 17:06:09 | 003,121,888 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll [2012-07-22 17:06:08 | 000,499,712 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll [2012-07-22 17:06:06 | 000,049,152 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2erec.dll [2012-07-22 17:05:55 | 002,846,720 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys [2012-07-21 18:49:26 | 019,603,456 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atioglxx.dll [2012-07-21 18:49:26 | 000,938,368 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ativvamv.dll [2012-07-21 18:49:26 | 000,233,472 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiadlxx.dll [2012-07-21 18:49:26 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atibtmon.exe [2012-07-21 18:49:26 | 000,065,024 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\atimpc32.dll [2012-07-21 18:47:32 | 000,000,000 | ---D | C] -- C:\AMD [2012-07-21 18:23:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Lavalys [2012-07-20 21:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ATI HYDRAVISION [2012-07-20 21:32:42 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012-07-20 20:45:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2012-07-20 20:44:22 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin [2012-07-20 20:40:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\Zbang.it [2012-07-15 14:10:49 | 009,822,920 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2012-07-13 20:44:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\TS3Client [2012-07-13 20:41:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamSpeak 3 Client [2012-06-26 20:46:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mateusz\Dane aplikacji\.mono [2012-06-26 20:46:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\.mono [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-07-26 18:27:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-07-26 18:16:00 | 000,000,670 | ---- | M] () -- C:\WINDOWS\tasks\hpwebreg_CN08H2J04405HW.job [2012-07-26 18:13:03 | 000,000,476 | ---- | M] () -- C:\WINDOWS\tasks\At3.job [2012-07-26 18:10:06 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-07-26 18:05:27 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012-07-26 17:46:44 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012-07-26 17:42:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012-07-26 16:36:18 | 000,012,146 | ---- | M] () -- C:\Documents and Settings\Mateusz\AVGIDSAgent [2012-07-26 16:15:51 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-07-25 14:44:32 | 000,000,052 | ---- | M] () -- C:\WINDOWS\mafosav.INI [2012-07-24 22:27:21 | 000,002,346 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\Live Security Platinum.lnk [2012-07-23 16:54:52 | 003,932,214 | ---- | M] () -- C:\Documents and Settings\Mateusz\Moje dokumenty\bez tytułu.bmp [2012-07-23 14:00:00 | 000,000,476 | ---- | M] () -- C:\WINDOWS\tasks\At4.job [2012-07-22 18:25:19 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012-07-22 18:21:56 | 000,000,010 | ---- | M] () -- C:\WINDOWS\WININIT.INI [2012-07-22 14:08:10 | 000,250,880 | ---- | M] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-21 18:23:23 | 000,000,467 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\EVEREST Home Edition.lnk [2012-07-21 17:49:52 | 000,000,206 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\CD-ROM (H).lnk [2012-07-20 20:40:00 | 000,000,476 | ---- | M] () -- C:\WINDOWS\tasks\At2.job [2012-07-20 17:32:57 | 000,000,394 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job [2012-07-15 14:10:56 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012-07-15 14:10:56 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012-07-15 14:10:50 | 009,822,920 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2012-07-13 20:41:05 | 000,000,500 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [2012-07-12 21:14:11 | 000,654,944 | ---- | M] (Wellbia.com Co., Ltd.) -- C:\WINDOWS\System32\xsherlock.xem [2012-07-09 17:02:15 | 000,036,560 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\5345.jpg [2012-07-04 06:35:02 | 019,603,456 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atioglxx.dll [2012-07-04 06:22:56 | 000,938,368 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ativvamv.dll [2012-07-04 06:04:28 | 002,852,480 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2012-07-04 05:56:20 | 000,233,472 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiadlxx.dll [2012-07-04 05:48:34 | 000,065,024 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\atimpc32.dll [2012-06-30 11:51:50 | 000,070,014 | ---- | M] () -- C:\Documents and Settings\Mateusz\Pulpit\428396_436895946344943_469000393_n.jpg [7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-07-26 16:36:18 | 000,012,146 | ---- | C] () -- C:\Documents and Settings\Mateusz\AVGIDSAgent [2012-07-24 22:27:21 | 000,002,346 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\Live Security Platinum.lnk [2012-07-22 17:08:27 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2012-07-22 17:08:27 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax [2012-07-22 17:08:27 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax [2012-07-22 17:08:27 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax [2012-07-22 17:08:23 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll [2012-07-22 17:08:22 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll [2012-07-22 17:08:20 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax [2012-07-22 17:08:20 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll [2012-07-22 17:08:20 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll [2012-07-22 17:08:03 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mpg2splt.ax [2012-07-22 17:06:39 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2012-07-22 17:06:28 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe [2012-07-22 17:06:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe [2012-07-22 17:06:27 | 000,011,874 | R--- | C] () -- C:\WINDOWS\atiogl.xml [2012-07-22 17:06:23 | 000,007,167 | R--- | C] () -- C:\WINDOWS\System32\atifglpf.xml [2012-07-22 17:06:16 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2012-07-22 17:06:15 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2012-07-22 17:06:13 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat [2012-07-22 17:06:13 | 000,165,782 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2012-07-21 18:49:26 | 002,852,480 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.cap [2012-07-21 18:23:23 | 000,000,467 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\EVEREST Home Edition.lnk [2012-07-21 17:49:52 | 000,000,206 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\CD-ROM (H).lnk [2012-07-15 13:40:49 | 000,000,930 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-07-13 20:41:05 | 000,000,500 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamSpeak 3 Client.lnk [2012-07-09 17:02:51 | 000,036,560 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\5345.jpg [2012-06-30 11:52:44 | 000,070,014 | ---- | C] () -- C:\Documents and Settings\Mateusz\Pulpit\428396_436895946344943_469000393_n.jpg [2012-05-13 22:00:00 | 000,139,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2012-05-13 22:00:00 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\PnkBstrK.sys [2012-05-13 21:59:37 | 000,111,928 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2012-05-13 21:59:36 | 000,794,408 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe [2012-05-13 21:59:36 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2012-02-21 18:23:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Infob.dat [2012-02-21 18:23:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Infoa.dat [2012-01-07 17:40:55 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini [2011-12-21 22:20:42 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\msimyo32.dll [2011-12-01 15:25:42 | 000,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2011-12-01 15:25:41 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2011-11-12 21:39:49 | 000,000,778 | ---- | C] () -- C:\WINDOWS\Quake.INI [2011-08-25 18:06:13 | 000,729,912 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2011-07-15 19:35:58 | 000,000,024 | ---- | C] () -- C:\WINDOWS\clofghls.dll [2011-07-15 12:02:54 | 000,000,052 | ---- | C] () -- C:\WINDOWS\mafosav.INI [2011-06-28 11:25:45 | 000,009,843 | ---- | C] () -- C:\WINDOWS\System32\mswwntoae.dll [2011-05-31 08:39:50 | 000,058,368 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll [2011-05-31 08:38:18 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll [2011-05-02 21:57:52 | 000,000,408 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini [2011-04-16 20:51:22 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\proc1395793746.bin [2011-04-15 19:47:54 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2011-02-21 16:09:10 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2011-02-05 14:44:34 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Mateusz\Dane aplikacji\$_hpcst$.hpc [2011-01-27 00:15:19 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\msywctoad.dll [2011-01-23 18:11:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2011-01-15 22:25:10 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\msyunaer-.dll [2011-01-13 20:56:43 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2011-01-03 20:49:41 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2011-01-01 21:32:46 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\Mateusz\default.pls [2010-12-22 19:49:57 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-11-26 15:52:43 | 000,250,880 | ---- | C] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-11-26 15:16:30 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2010-11-25 17:03:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010-11-23 20:03:22 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini [2010-11-23 19:33:35 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2010-11-23 19:33:30 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-11-23 19:33:30 | 000,540,178 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll [2010-11-23 19:33:30 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-11-23 19:33:29 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2010-11-23 19:33:26 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010-11-23 19:33:24 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2010-11-23 19:30:39 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2010-11-23 19:16:03 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010-11-23 19:13:28 | 000,298,848 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-11-23 19:10:09 | 000,004,736 | ---- | C] () -- C:\WINDOWS\unins000.dat [2010-11-23 18:43:24 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Mateusz\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2010-11-23 18:36:39 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys [2010-11-23 18:33:18 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2010-11-23 18:33:13 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll [2010-11-23 18:33:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2010-11-23 18:32:38 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\unM5289.exe [2010-11-23 18:32:34 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\UnAGP.exe [2010-11-23 18:26:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010-11-23 18:21:56 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2006-11-30 14:25:06 | 000,004,007 | ---- | C] () -- C:\Documents and Settings\Mateusz\ExpressivoCfg.xml [2006-11-29 14:11:54 | 000,011,373 | ---- | C] () -- C:\Documents and Settings\Mateusz\ExpressivoDictionary.xml [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 178 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:8927A071 < End of report >