OTL logfile created on: 2010-12-21 21:44:39 - Run 3 OTL by OldTimer - Version 3.2.17.4 Folder = D:\ Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 92,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 40,00 Gb Total Space | 4,26 Gb Free Space | 10,65% Space Free | Partition Type: NTFS Drive D: | 58,59 Gb Total Space | 42,28 Gb Free Space | 72,16% Space Free | Partition Type: NTFS Drive E: | 99,61 Gb Total Space | 19,68 Gb Free Space | 19,76% Space Free | Partition Type: NTFS Drive F: | 99,88 Gb Total Space | 37,89 Gb Free Space | 37,94% Space Free | Partition Type: NTFS Computer Name: KING | User Name: kuba | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-12-20 20:13:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\OTL.exe PRC - [2010-11-22 10:38:20 | 002,937,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe PRC - [2010-10-08 07:05:38 | 002,845,552 | ---- | M] (GamersFirst) -- C:\Program Files\GamersFirst\LIVE!\Live.exe PRC - [2010-09-07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-05-20 14:27:24 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe PRC - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () -- E:\screenshots\CDBurnerXP\NMSAccessU.exe PRC - [2009-01-26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- E:\Programy\Spyboot\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008-04-14 21:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-12-20 20:13:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\OTL.exe MOD - [2010-08-23 17:12:53 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV - [2010-09-07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-05-17 12:11:40 | 000,229,376 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\WINDOWS\System32\PuranDefragS.exe -- (PuranDefrag) SRV - [2010-03-04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- E:\screenshots\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer) DRV - [2010-09-07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2010-09-07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2010-09-07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2010-09-07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2010-09-07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-09-07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2010-05-20 14:27:26 | 001,961,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000) DRV - [2010-02-03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-11-12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009-09-05 16:18:36 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv) DRV - [2008-10-14 11:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - [2008-10-14 11:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmeaext.sys -- (ZTEusbnmeaext) DRV - [2008-10-14 11:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - [2008-10-14 11:07:50 | 000,103,936 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - [2008-10-14 08:10:30 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5) DRV - [2008-06-16 09:13:46 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5) DRV - [2008-04-13 23:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Sterownik audio USB (WDM) DRV - [2008-04-13 21:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-02-14 10:04:06 | 004,676,096 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008-01-03 15:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2007-05-10 23:03:00 | 006,738,432 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2004-11-25 17:36:06 | 000,077,248 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02) DRV - [2004-11-25 17:32:01 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06) DRV - [2004-08-03 21:59:44 | 000,095,360 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\atapi.sys -- (atapi) DRV - [2004-04-30 09:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus) DRV - [2004-04-30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi) DRV - [2003-12-01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01) DRV - [2003-09-06 13:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66019 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchhub.eu/?ih=&hl=pl IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKCU\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre2.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Mozilla Firefox\components [2010-12-19 10:20:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Mozilla Firefox\plugins [2010-12-19 10:20:42 | 000,000,000 | ---D | M] [2010-11-30 18:07:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kuba\Dane aplikacji\Mozilla\Extensions [2010-12-21 10:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kuba\Dane aplikacji\Mozilla\Firefox\Profiles\ngt0jmbr.default\extensions [2010-11-20 09:29:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\kuba\Dane aplikacji\Mozilla\Firefox\Profiles\ngt0jmbr.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-10-25 06:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\kuba\Dane aplikacji\Mozilla\Firefox\Profiles\ngt0jmbr.default\extensions\support@searchhub.eu O1 HOSTS File: ([2002-09-29 01:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Programy\Spyboot\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre2.dll (Conduit Ltd.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found. O3 - HKLM\..\Toolbar: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFre2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files\Free_Lunch_Design\tbFre2.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [KernelFaultCheck] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation) O4 - HKCU..\Run: [SpybotSD TeaTimer] E:\Programy\Spyboot\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe (GamersFirst) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0 O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Programy\Spyboot\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.76.34.49 212.76.34.50 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-08-29 15:24:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-12-21 10:12:15 | 000,620,465 | ---- | M] () - D:\Autoruns.zip -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-12-21 17:48:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\kaneandlynch [2010-12-21 15:11:55 | 001,110,016 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranFD.exe [2010-12-21 15:11:55 | 000,229,376 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDefragS.exe [2010-12-21 15:11:55 | 000,221,184 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDC.exe [2010-12-21 15:11:55 | 000,212,992 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDefrag.dll [2010-12-21 15:11:55 | 000,107,008 | ---- | C] (Puran Software) -- C:\WINDOWS\System32\PuranDefragBT.exe [2010-12-21 11:16:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\kuba\Recent [2010-12-21 11:11:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Dane aplikacji\InstallShield [2010-12-21 10:31:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\ConduitEngine [2010-12-21 10:31:09 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine [2010-12-21 07:21:49 | 000,000,000 | ---D | C] -- C:\Qoobox [2010-12-20 20:15:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Dane aplikacji\Malwarebytes [2010-12-20 20:14:49 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-12-20 20:14:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2010-12-20 20:14:42 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-12-20 18:44:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\Sunbelt Software [2010-12-20 18:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft [2010-12-20 18:42:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Lavasoft [2010-12-19 10:20:36 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2010-12-19 10:20:36 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2010-12-19 10:20:36 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2010-12-19 10:20:35 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2010-12-17 12:21:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Pulpit\Soldat [2010-12-16 12:11:47 | 000,000,000 | ---D | C] -- C:\Program Files\LizardTech [2010-12-15 13:44:33 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe [2010-12-14 10:30:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Dane aplikacji\WeGame [2010-12-14 10:29:45 | 000,488,800 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Ltkrn15u.dll [2010-12-14 10:29:45 | 000,390,496 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Lfcmp15u.dll [2010-12-14 10:29:45 | 000,185,688 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\Ltfil15u.dll [2010-12-11 08:42:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Dane aplikacji\Publish Providers [2010-12-11 08:38:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\Sony [2010-12-10 22:02:16 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2010-12-10 22:02:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2010-12-10 22:00:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Dane aplikacji\Sony [2010-12-08 18:53:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Dane aplikacji\TS3Client [2010-11-30 19:12:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\Stardock [2010-11-30 19:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Moje dokumenty\PrintScreen Files [2010-11-30 19:12:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\PrintHood [2010-11-30 19:12:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\OpenCandy [2010-11-30 19:12:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\NetHood [2010-11-30 19:12:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Moje dokumenty\Moje książki elektroniczne [2010-11-30 19:12:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Dane aplikacji\Media Player Classic [2010-11-30 19:12:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\IVONA_INST [2010-11-30 19:12:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\Help [2010-11-30 19:12:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Dane aplikacji\Help [2010-11-30 19:12:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\gctmp [2010-11-30 19:12:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\Deployment [2010-11-30 19:12:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Moje dokumenty\NeroVision [2010-11-30 19:12:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Dane aplikacji\AVI ReComp [2010-11-30 19:12:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Dane aplikacji\Ascaron Entertainment [2010-11-30 19:12:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\Paint.NET [2010-11-30 19:12:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Dane aplikacji\Identities [2010-11-30 08:32:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Moje dokumenty\CAPCOM [2010-11-30 08:30:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft [2010-11-30 08:20:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xlive [2010-11-30 08:20:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE [2010-11-26 11:04:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Moje dokumenty\Lost Via Domus [2010-11-26 09:43:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Moje dokumenty\Tomb Raider - Legend [2010-11-22 10:38:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\PMB Files [2010-11-22 10:38:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\GamersFirst LIVE! [2010-11-22 10:38:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2010-11-22 10:38:19 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2010-11-22 10:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\GamersFirst [2010-11-22 09:59:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Dane aplikacji\gtk-2.0 [2010-11-22 09:59:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\.thumbnails [2010-11-22 09:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\Moje dokumenty\gegl-0.0 [2010-11-22 09:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\kuba\.gimp-2.6 [2010-01-09 18:51:50 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys [2010-01-09 18:51:50 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-12-21 21:44:16 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job [2010-12-21 21:43:38 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\AWC AutoSweep.job [2010-12-21 21:43:29 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2010-12-21 21:43:25 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job [2010-12-21 21:43:23 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-12-21 21:43:19 | 000,000,490 | ---- | M] () -- C:\WINDOWS\tasks\Konserwacja jednym kliknięciem.job [2010-12-21 21:43:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-12-21 18:18:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-12-21 17:43:28 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-12-21 15:11:55 | 000,000,607 | ---- | M] () -- C:\Documents and Settings\kuba\Pulpit\Puran Defrag.lnk [2010-12-21 11:27:48 | 000,000,577 | ---- | M] () -- C:\Documents and Settings\kuba\Pulpit\Devil May Cry 4.lnk [2010-12-21 10:42:22 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CDBurnerXP.lnk [2010-12-21 10:13:23 | 000,144,896 | ---- | M] () -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-12-21 10:06:50 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010-12-20 21:50:35 | 000,000,450 | -H-- | M] () -- C:\aaw7boot.cmd [2010-12-20 20:14:50 | 000,000,709 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-12-20 19:16:37 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\kuba\Pulpit\Gadwin PrintScreen.lnk [2010-12-20 18:34:00 | 000,000,852 | ---- | M] () -- C:\Documents and Settings\kuba\Pulpit\Spybot - Search & Destroy.lnk [2010-12-20 18:10:19 | 000,000,795 | ---- | M] () -- C:\WINDOWS\unins000.dat [2010-12-19 08:01:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-12-16 10:19:29 | 000,164,320 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010-12-15 09:08:03 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010-12-14 17:07:25 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat [2010-12-14 10:47:03 | 000,009,216 | ---- | M] () -- C:\Documents and Settings\kuba\Moje dokumenty\wgvids.db [2010-12-12 11:46:41 | 000,170,496 | ---- | M] () -- C:\Documents and Settings\kuba\Pulpit\Bez tytułu.MSWMM [2010-12-08 18:52:28 | 000,000,546 | ---- | M] () -- C:\Documents and Settings\kuba\Pulpit\TeamSpeak 3 Client.lnk [2010-12-05 16:10:11 | 000,000,178 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft_Hardware_Launch_vVX1000_exe.job [2010-12-02 14:45:13 | 000,323,526 | ---- | M] () -- C:\AnalysisLog.sr0 [2010-11-30 16:12:07 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2010-11-30 08:29:43 | 000,001,473 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\STREET FIGHTER IV.lnk [2010-11-29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010-11-29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010-11-22 10:39:21 | 000,000,807 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk [2010-11-22 10:02:08 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\kuba\.recently-used.xbel [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-12-21 15:11:55 | 000,000,607 | ---- | C] () -- C:\Documents and Settings\kuba\Pulpit\Puran Defrag.lnk [2010-12-21 11:27:48 | 000,000,577 | ---- | C] () -- C:\Documents and Settings\kuba\Pulpit\Devil May Cry 4.lnk [2010-12-21 10:42:22 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\CDBurnerXP.lnk [2010-12-21 10:42:21 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys [2010-12-20 21:50:34 | 000,000,450 | -H-- | C] () -- C:\aaw7boot.cmd [2010-12-20 20:14:50 | 000,000,709 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes' Anti-Malware.lnk [2010-12-20 19:16:37 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\kuba\Pulpit\Gadwin PrintScreen.lnk [2010-12-20 18:47:08 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job [2010-12-20 18:10:18 | 000,000,795 | ---- | C] () -- C:\WINDOWS\unins000.dat [2010-12-14 17:07:25 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2010-12-14 10:32:47 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\kuba\Moje dokumenty\wgvids.db [2010-12-12 11:46:41 | 000,170,496 | ---- | C] () -- C:\Documents and Settings\kuba\Pulpit\Bez tytułu.MSWMM [2010-12-08 18:52:28 | 000,000,546 | ---- | C] () -- C:\Documents and Settings\kuba\Pulpit\TeamSpeak 3 Client.lnk [2010-12-05 12:26:12 | 000,000,178 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft_Hardware_Launch_vVX1000_exe.job [2010-12-02 14:44:37 | 000,323,526 | ---- | C] () -- C:\AnalysisLog.sr0 [2010-11-30 08:29:43 | 000,001,473 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\STREET FIGHTER IV.lnk [2010-11-22 10:38:11 | 000,000,807 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\GamersFirst LIVE!.lnk [2010-11-22 10:02:08 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\kuba\.recently-used.xbel [2010-09-24 17:52:41 | 000,189,096 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2010-09-24 17:47:53 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini [2010-08-09 09:14:02 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll [2010-08-09 09:14:02 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll [2010-08-03 13:18:24 | 000,144,384 | ---- | C] () -- C:\WINDOWS\System32\miccyhook.dll [2010-07-06 07:46:09 | 000,000,075 | ---- | C] () -- C:\WINDOWS\frikikmulti.ini [2010-07-06 07:44:32 | 000,000,660 | ---- | C] () -- C:\WINDOWS\cncscore.ini [2010-05-26 19:38:16 | 000,000,029 | ---- | C] () -- C:\WINDOWS\Battle.ini [2010-05-21 13:55:37 | 000,000,133 | ---- | C] () -- C:\WINDOWS\ChssBase.ini [2010-05-02 16:43:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\galaxy.ini [2010-02-12 17:41:24 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2010-02-12 17:41:23 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010-02-12 17:41:23 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010-02-12 17:39:59 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009-11-18 15:16:19 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-10-06 10:21:02 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2009-09-24 16:04:25 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI [2009-09-05 16:59:39 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009-09-05 16:47:51 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009-09-05 16:47:51 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2009-09-03 18:32:42 | 000,000,133 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-08-29 17:47:31 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009-08-29 17:29:53 | 000,144,896 | ---- | C] () -- C:\Documents and Settings\kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-08-29 16:17:58 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009-04-22 00:19:06 | 000,172,173 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2007-05-10 23:03:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2007-05-10 23:03:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2007-05-10 23:03:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2007-05-10 23:03:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2007-05-10 23:03:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2002-09-29 01:00:00 | 000,095,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:05EE1EEF @Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:0C988F7D < End of report >