OTL logfile created on: 2012-08-13 16:56:00 - Run 1 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Krystian\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,16 Gb Available Physical Memory | 7,81% Memory free 4,00 Gb Paging File | 1,10 Gb Available in Paging File | 27,62% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 11,50 Gb Free Space | 23,54% Space Free | Partition Type: NTFS Drive D: | 87,89 Gb Total Space | 49,23 Gb Free Space | 56,02% Space Free | Partition Type: NTFS Drive E: | 96,16 Gb Total Space | 48,54 Gb Free Space | 50,48% Space Free | Partition Type: NTFS Drive F: | 391,40 Gb Total Space | 110,56 Gb Free Space | 28,25% Space Free | Partition Type: NTFS Drive G: | 502,94 Gb Total Space | 236,04 Gb Free Space | 46,93% Space Free | Partition Type: NTFS Drive H: | 502,93 Gb Total Space | 178,13 Gb Free Space | 35,42% Space Free | Partition Type: NTFS Computer Name: KRYSTIAND | User Name: Krystian | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-08-13 16:55:07 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Krystian\Desktop\OTL.exe PRC - [2012-05-06 19:23:13 | 024,635,392 | ---- | M] (Electronic Arts) -- F:\Program Files\EA Sports\UEFA EURO 2012\Game\fifa.exe PRC - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-12-26 18:04:48 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe PRC - [2011-12-26 18:04:48 | 000,008,192 | ---- | M] () -- C:\Windows\System32\srvany.exe PRC - [2011-10-26 04:32:24 | 000,037,280 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe PRC - [2011-10-15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-10-15 10:53:00 | 001,328,960 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2011-06-24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010-11-20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2010-11-20 14:16:54 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe PRC - [2010-09-07 11:46:56 | 000,072,280 | ---- | M] () -- C:\Windows\System32\XSrvSetup.exe PRC - [2009-07-14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-05-06 16:04:22 | 000,592,384 | ---- | M] () -- F:\Program Files\EA Sports\UEFA EURO 2012\Game\dlc\dlc_eurodll\dlc\eurodll\eurodllzf.dll MOD - [2012-05-06 16:04:22 | 000,298,496 | ---- | M] () -- F:\Program Files\EA Sports\UEFA EURO 2012\Game\dlc\dlc_powdll\dlc\powdll\powdllzf.dll MOD - [2011-03-17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2008-09-16 20:18:06 | 000,132,608 | ---- | M] () -- D:\Program Files\WinRAR\RarExt.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP) SRV - [2012-08-03 13:34:07 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-04-22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012-01-03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-12-26 18:04:48 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\System32\srvany.exe -- (KMService) SRV - [2011-10-26 04:32:24 | 000,037,280 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe -- (ADExchange) SRV - [2011-10-15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-07-22 17:10:58 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2011-06-15 14:12:28 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011-06-12 11:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service) SRV - [2010-09-07 11:46:56 | 000,072,280 | ---- | M] () [Auto | Running] -- C:\Windows\System32\XSrvSetup.exe -- (JMB36X) SRV - [2009-10-01 21:32:04 | 004,584,288 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost) SRV - [2009-09-21 20:25:34 | 001,571,336 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe -- (GenericMount Helper Service) SRV - [2009-09-21 20:19:20 | 001,964,528 | ---- | M] (Symantec) [On_Demand | Stopped] -- C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe -- (SymSnapService) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007-04-13 21:09:56 | 000,792,112 | ---- | M] (Nero AG) [On_Demand | Stopped] -- D:\Program Files\Nero 7\Nero BackItUp\NBService.exe -- (NBService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc) DRV - File not found [File_System | Auto | Stopped] -- system32\DRIVERS\eamonm.sys -- (eamonm) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT) DRV - [2012-06-24 11:52:06 | 000,475,224 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2012-04-22 13:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2012-02-09 22:43:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012-01-18 15:55:56 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio) DRV - [2012-01-18 15:55:54 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdspio.sys -- (pwdspio) DRV - [2012-01-09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2012-01-09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2012-01-09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2012-01-09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011-10-05 09:54:44 | 000,564,800 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr73.sys -- (netr73) DRV - [2011-10-03 20:09:01 | 000,611,064 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV - [2011-07-14 07:52:44 | 000,090,136 | ---- | M] (Ray Hinchliffe) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SIVX32.sys -- (SIVDriver) DRV - [2010-11-20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010-11-20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010-11-20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010-11-20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010-11-20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010-11-20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2010-11-20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010-11-20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2010-05-07 00:19:06 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\kl2.sys -- (kl2) DRV - [2010-05-07 00:19:02 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1) DRV - [2010-04-22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2010-02-24 12:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11) DRV - [2010-01-25 06:11:32 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps) DRV - [2010-01-25 06:11:30 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag) DRV - [2010-01-25 06:11:24 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem) DRV - [2010-01-25 06:11:22 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus) DRV - [2010-01-21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2010-01-21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2010-01-21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2010-01-11 10:29:36 | 000,025,728 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandadb.sys -- (androidusb) DRV - [2009-11-02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009-10-01 22:03:40 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr) DRV - [2009-09-21 20:40:14 | 000,015,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vproeventmonitor.sys -- (VProEventMonitor) DRV - [2009-09-21 20:26:10 | 000,046,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GenericMount.sys -- (GenericMount) DRV - [2009-09-21 20:20:42 | 000,138,592 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\Windows\System32\drivers\symsnap.sys -- (symsnap) DRV - [2009-02-10 18:23:02 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- d:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2008-11-04 20:21:04 | 000,083,296 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID) DRV - [2007-01-23 15:44:00 | 000,020,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1339246200_119666 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = pl.v9.com/idg/idg_1339246200_119666 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Krystian\Desktop IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = pl.v9.com/idg/idg_1339246200_119666 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=128 IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {D902ABFF-70B5-4F84-BA14-12EA196ACD9D} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{787F8C5E-91C4-4B5D-9CF3-A0E9FA8F030E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ANT&o=102825&src=kw&q={searchTerms}&locale=&apn_ptnrs=4R&apn_dtid=YYYYYYYYPL&apn_uid=f4f0c038-6b90-440f-9518-e299c336211b&apn_sauid=D9587464-9FD4-4043-876A-6A0F63D7BD29 IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/mb68/?search={searchTerms}&loc=search_box&u=92260434553063149 IE - HKCU\..\SearchScopes\{D902ABFF-70B5-4F84-BA14-12EA196ACD9D}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: D:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: D:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Krystian\AppData\Roaming\IDM\idmmzcc5 [2012-05-19 22:20:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Krystian\AppData\Roaming\mozilla\Firefox\extensions [2012-05-19 22:20:25 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Krystian\AppData\Roaming\mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03} O1 HOSTS File: ([2012-07-08 20:19:59 | 000,000,050 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.przyklad.pl O1 - Hosts: 127.0.0.1 przyklad.pl O2 - BHO: (no name) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - No CLSID value found. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (no name) - {E33CF602-D945-461A-83F0-819F76A199F8} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O4 - HKLM..\Run: [Chew7Hale] C:\Windows\System32\hale.exe () O4 - HKCU..\Run: [Anvi_CSB] D:\Program Files\Anvisoft\Cloud System Booster\CSBMini.exe File not found O4 - HKCU..\Run: [Clock Widget (HTC Home)] D:\Program Files\HTC Home\Clock.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Wyślij &do programu OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Techland\Common\InternetTranslator\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - Reg Error: Key error. File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.80.2.cab (Battlefield Play4Free Updater) O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22435B64-3668-4342-9007-21725AF8217F}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Autorun.exe O33 - MountPoints2\O\Shell - "" = AutoRun O33 - MountPoints2\O\Shell\AutoRun\command - "" = "O:\Diablo III Setup.exe" O33 - MountPoints2\R\Shell - "" = AutoRun O33 - MountPoints2\R\Shell\AutoRun\command - "" = R:\autorun.exe O33 - MountPoints2\S\Shell - "" = AutoRun O33 - MountPoints2\S\Shell\AutoRun\command - "" = S:\autorun.exe O33 - MountPoints2\S\Shell\Option1\Command - "" = S:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-08-13 16:54:32 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Krystian\Desktop\OTL.exe [2012-08-13 14:11:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012-08-13 14:07:40 | 000,000,000 | ---D | C] -- C:\Users\Krystian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft [2012-08-06 22:39:56 | 000,000,000 | ---D | C] -- C:\Users\Krystian\Documents\Electronic Arts [2012-08-06 22:34:49 | 000,447,752 | ---- | C] (On2.com) -- C:\Windows\System32\vp6vfw.dll [2012-08-06 22:34:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE [2012-08-06 22:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts [2012-08-03 17:13:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-08-03 17:13:01 | 000,000,000 | ---D | C] -- C:\Program Files\Skype [2012-08-03 17:13:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012-08-03 17:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012-07-30 00:40:48 | 000,000,000 | ---D | C] -- C:\Users\Krystian\Desktop\Nowy folder (2) [2012-07-26 03:50:31 | 000,000,000 | ---D | C] -- C:\Users\Krystian\AppData\Local\NokiaAccount [2012-07-26 03:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite [2012-07-26 03:49:54 | 000,000,000 | ---D | C] -- C:\Users\Krystian\AppData\Local\Nokia [2012-07-26 03:49:53 | 000,000,000 | ---D | C] -- C:\Users\Krystian\AppData\Roaming\PC Suite [2012-07-26 03:49:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia [2012-07-26 03:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia [2012-07-26 03:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia [2012-07-26 03:48:58 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys [2012-07-26 03:48:58 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2012-07-26 03:48:50 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution [2012-07-26 03:48:31 | 000,075,264 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll [2012-07-26 03:46:52 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache [2012-07-26 03:46:52 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia [2012-07-20 01:45:20 | 000,000,000 | ---D | C] -- C:\Users\Krystian\Desktop\Nowy folder [2012-07-16 00:14:57 | 000,000,000 | ---D | C] -- C:\Users\Krystian\Documents\My Cheat Tables [2012-07-16 00:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2 [2012-07-16 00:13:40 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine 6.2 [2012-07-15 19:38:21 | 000,476,976 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll [2012-07-15 19:38:21 | 000,157,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012-07-15 19:38:21 | 000,149,296 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012-07-15 19:38:21 | 000,149,296 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2012-07-15 19:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-08-13 16:55:07 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Krystian\Desktop\OTL.exe [2012-08-13 16:33:01 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012-08-13 15:52:25 | 008,442,935 | ---- | M] () -- C:\Windows\System32\cwlog.dtl [2012-08-13 14:27:47 | 000,017,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-08-13 14:27:47 | 000,017,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-08-13 14:20:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-08-13 14:20:33 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys [2012-08-12 21:57:09 | 000,741,078 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2012-08-12 21:57:09 | 000,654,842 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-08-12 21:57:09 | 000,155,674 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2012-08-12 21:57:09 | 000,121,714 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-08-09 15:31:04 | 115,840,680 | ---- | M] () -- C:\Users\Krystian\Desktop\M_H_07_2012.pdf [2012-08-09 00:27:34 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\UEFA EURO 2012.lnk [2012-08-06 23:06:47 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3 Pokolenia.lnk [2012-08-06 22:34:14 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk [2012-08-03 17:13:03 | 000,002,477 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012-08-03 13:34:06 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012-08-03 13:34:06 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-08-03 11:42:34 | 000,006,144 | ---- | M] () -- C:\Users\Krystian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-26 03:50:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf [2012-07-26 03:49:27 | 000,002,047 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk [2012-07-26 03:47:01 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-07-26 03:09:01 | 093,495,688 | ---- | M] () -- C:\Users\Krystian\Desktop\Nokia_Suite_webinstaller_ALL.exe [2012-07-20 01:46:30 | 000,052,074 | ---- | M] () -- C:\Users\Krystian\Desktop\Przechwytywanie.JPG [2012-07-16 00:13:43 | 000,001,047 | ---- | M] () -- C:\Users\Krystian\Desktop\Cheat Engine.lnk [2012-07-15 19:38:08 | 000,476,976 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll [2012-07-15 19:38:08 | 000,472,880 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2012-07-15 19:38:08 | 000,157,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2012-07-15 19:38:08 | 000,149,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2012-07-15 19:38:08 | 000,149,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-08-13 00:18:43 | 000,000,844 | ---- | C] () -- C:\Users\Krystian\Desktop\piosenki.lnk [2012-08-09 15:07:19 | 115,840,680 | ---- | C] () -- C:\Users\Krystian\Desktop\M_H_07_2012.pdf [2012-08-06 23:06:47 | 000,001,033 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3 Pokolenia.lnk [2012-08-06 22:34:14 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ 3.lnk [2012-08-03 17:13:03 | 000,002,477 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012-07-26 03:50:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf [2012-07-26 03:49:27 | 000,002,047 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk [2012-07-26 03:47:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-07-26 02:59:33 | 093,495,688 | ---- | C] () -- C:\Users\Krystian\Desktop\Nokia_Suite_webinstaller_ALL.exe [2012-07-20 01:46:29 | 000,052,074 | ---- | C] () -- C:\Users\Krystian\Desktop\Przechwytywanie.JPG [2012-07-16 00:13:43 | 000,001,047 | ---- | C] () -- C:\Users\Krystian\Desktop\Cheat Engine.lnk [2012-07-08 20:45:47 | 000,053,760 | ---- | C] () -- C:\Windows\System32\zlib.dll [2012-07-04 18:16:20 | 000,006,144 | ---- | C] () -- C:\Users\Krystian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-02 16:04:15 | 000,000,062 | ---- | C] () -- C:\Windows\wininit.ini [2012-06-24 11:53:22 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2012-06-24 11:53:22 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2012-06-15 19:04:30 | 000,000,017 | -HS- | C] () -- C:\Windows\System32\Userdata.ini [2012-06-11 11:21:42 | 002,169,856 | -HS- | C] () -- C:\Windows\System32\hale.exe [2012-06-09 14:23:24 | 000,000,042 | ---- | C] () -- C:\Windows\oodjobd.INI [2012-05-16 16:54:01 | 000,922,184 | ---- | C] () -- C:\Windows\System32\pwNative.exe [2012-05-16 16:54:00 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys [2012-05-16 16:53:52 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys [2012-05-11 15:17:22 | 000,036,917 | ---- | C] () -- C:\Users\Krystian\AppData\Local\Perfmon.PerfmonCfg [2012-03-27 19:15:39 | 000,139,424 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2012-03-27 19:15:39 | 000,138,056 | ---- | C] () -- C:\Users\Krystian\AppData\Roaming\PnkBstrK.sys [2012-02-21 00:39:05 | 000,004,910 | ---- | C] () -- C:\ProgramData\qjaxlkio.dss [2012-01-31 15:28:07 | 000,024,699 | ---- | C] () -- C:\Users\Krystian\AppData\Roaming\addons.dat [2011-12-26 18:05:50 | 000,151,552 | ---- | C] () -- C:\Windows\KMService.exe [2011-12-26 18:05:50 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe [2011-12-25 03:06:31 | 000,282,104 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011-12-25 03:06:29 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011-12-17 00:19:15 | 000,034,308 | ---- | C] () -- C:\ProgramData\mazuki.dll [2011-11-30 21:53:34 | 000,171,008 | ---- | C] () -- C:\Windows\System32\libbluray.dll [2011-11-30 21:53:26 | 006,244,574 | ---- | C] () -- C:\Windows\System32\avcodec-lav-53.dll [2011-11-30 21:53:26 | 000,957,031 | ---- | C] () -- C:\Windows\System32\avformat-lav-53.dll [2011-11-30 21:53:26 | 000,337,369 | ---- | C] () -- C:\Windows\System32\swscale-lav-2.dll [2011-11-30 21:53:26 | 000,197,696 | ---- | C] () -- C:\Windows\System32\avutil-lav-51.dll [2011-11-30 21:53:26 | 000,127,340 | ---- | C] () -- C:\Windows\System32\avfilter-lav-2.dll [2011-11-24 15:40:53 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll [2011-11-21 22:18:48 | 000,000,109 | ---- | C] () -- C:\Windows\PControl.ini [2011-11-20 13:34:48 | 003,900,928 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll [2011-11-20 13:09:44 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011-11-20 13:07:24 | 000,259,584 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll [2011-11-20 13:07:06 | 000,133,632 | ---- | C] () -- C:\Windows\System32\IntelQuickSyncDecoder.dll [2011-11-20 13:07:04 | 000,158,720 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll [2011-11-20 13:07:04 | 000,097,280 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll [2011-11-20 13:07:02 | 001,524,224 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll [2011-11-20 13:07:02 | 000,211,456 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll [2011-11-20 13:07:02 | 000,145,920 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll [2011-11-20 13:07:02 | 000,113,664 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll [2011-11-20 13:07:00 | 000,327,680 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll [2011-11-20 13:06:58 | 000,136,704 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll [2011-11-11 12:59:21 | 000,000,533 | ---- | C] () -- C:\Windows\eReg.dat [2011-10-15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2011-09-24 13:40:27 | 000,017,408 | ---- | C] () -- C:\Users\Krystian\AppData\Local\WebpageIcons.db [2011-09-09 21:51:40 | 000,000,920 | ---- | C] () -- C:\Windows\ARCHPR.INI [2011-08-17 17:19:41 | 000,000,000 | ---- | C] () -- C:\Users\Krystian\AppData\Local\{EBE03945-59E5-4712-9F87-5488D7C285E2} [2011-08-15 09:15:48 | 000,000,000 | ---- | C] () -- C:\Users\Krystian\AppData\Local\{3BC7EC6F-FA13-4B19-AAC6-A82F1E2AE007} [2011-08-14 22:29:44 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll [2011-08-14 22:29:44 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini [2011-08-04 19:23:05 | 000,000,032 | ---- | C] () -- C:\Windows\kaio.INI [2011-08-03 23:50:13 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2011-07-26 10:56:44 | 000,000,978 | ---- | C] () -- C:\Windows\EnglishTranslator.INI [2011-07-23 20:32:19 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011-07-23 20:31:05 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011-07-22 18:25:31 | 000,072,280 | ---- | C] () -- C:\Windows\System32\XSrvSetup.exe [2011-06-17 13:00:41 | 000,000,640 | RHS- | C] () -- C:\Users\Krystian\ntuser.pol [2011-06-10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2011-06-08 19:28:19 | 000,007,617 | ---- | C] () -- C:\Users\Krystian\AppData\Local\Resmon.ResmonCfg [2011-05-30 15:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011-05-23 09:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-04-09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011-03-03 13:40:08 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll [2011-03-03 13:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll [2011-03-03 13:39:46 | 000,141,824 | ---- | C] () -- C:\Windows\System32\mp4.dll [2011-03-03 13:39:34 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll [2011-03-03 13:39:02 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe [2011-03-03 13:38:54 | 000,154,112 | ---- | C] () -- C:\Windows\System32\ts.dll [2011-03-03 13:38:40 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll [2011-03-03 13:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll [2011-03-03 13:38:04 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe [2011-03-03 13:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll [2011-03-03 13:37:40 | 000,358,400 | ---- | C] () -- C:\Windows\System32\gdsmux.exe [2011-03-03 13:35:32 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll [2011-03-03 13:35:26 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll [2010-08-18 21:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\System32\Registration.ini [color=#E56717]========== LOP Check ==========[/color] [2012-06-24 03:28:01 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\2K Sports [2012-06-03 00:34:27 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\Ashampoo [2011-07-19 13:37:55 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\Atari [2012-05-06 15:33:36 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\BlackBean [2011-07-23 21:33:25 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\Chirurgie Simulation [2011-12-06 14:57:31 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\DeskSoft [2012-06-11 11:24:19 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\Dropbox [2011-08-05 13:44:10 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\DVDVideoSoft [2011-08-05 13:44:02 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\DVDVideoSoftIEHelpers [2012-05-25 23:56:43 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\Gadu-Gadu 10 [2012-05-12 00:33:47 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\Graboid Inc [2012-07-04 17:29:35 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\ipla [2011-06-13 13:33:50 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\Leadertech [2011-12-06 14:57:32 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\LG Electronics [2012-01-22 13:43:51 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\LolClient [2012-06-23 21:54:31 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\LolClient2 [2011-10-31 10:32:01 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\Miranda [2012-02-21 00:44:39 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\MOVAVI [2011-12-06 14:57:32 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\OpenFM [2012-06-04 21:11:15 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\Opera [2012-03-30 19:26:56 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\Origin [2011-06-08 22:59:18 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\O__# maxtor_torrent_Super MP3 Download 4.6.4.8_Super MP3 Download 4.6.4.8_crack_SuperMp3Download.exe [2012-07-26 03:49:53 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\PC Suite [2012-02-11 19:16:29 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\ProtectDISC [2011-12-25 03:06:29 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\PunkBuster [2012-07-04 17:59:12 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\SingularLabs [2012-06-18 23:08:25 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\SuperMP3Download [2012-01-31 16:07:03 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\Ulead Systems [2012-08-13 16:53:15 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\uTorrent [2012-02-03 17:46:37 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\Video DVD Maker FREE [2011-07-19 23:03:04 | 000,000,000 | ---D | M] -- C:\Users\Krystian\AppData\Roaming\WebCompiler3 [2012-08-10 21:27:49 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >