OTL logfile created on: 2011-02-01 17:27:44 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Paulina i Marcin\Desktop 64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000415 | Country: Poland | Language: PLK | Date Format: yyyy-MM-dd 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 45,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 206,92 Gb Total Space | 107,31 Gb Free Space | 51,86% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 21,28 Gb Free Space | 43,59% Space Free | Partition Type: NTFS Drive E: | 29,30 Gb Total Space | 19,12 Gb Free Space | 65,26% Space Free | Partition Type: NTFS Drive F: | 13,05 Gb Total Space | 2,70 Gb Free Space | 20,71% Space Free | Partition Type: NTFS Computer Name: PAULINAIMARC-PC | User Name: Paulina i Marcin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-02-01 17:24:48 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Paulina i Marcin\Desktop\OTL.exe PRC - [2011-01-17 09:50:38 | 003,021,688 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Paulina i Marcin\Desktop\Procmon.exe PRC - [2010-12-17 19:50:22 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2010-12-17 18:01:25 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2010-08-02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2010-08-02 16:09:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010-06-28 21:50:36 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared Files\brs.exe PRC - [2010-02-02 23:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe PRC - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2009-10-28 13:44:08 | 011,539,048 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Nowe Gadu-Gadu\gg.exe PRC - [2009-10-28 12:43:06 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\Nowe Gadu-Gadu\spellchecker_gg.exe PRC - [2009-04-07 15:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe PRC - [2009-04-07 15:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe PRC - [2009-03-06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\WINDOWS\SysWOW64\atashost.exe PRC - [2007-10-24 11:02:16 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2007-10-24 11:02:14 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2007-09-05 21:45:32 | 000,014,376 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-02-01 17:24:48 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Paulina i Marcin\Desktop\OTL.exe MOD - [2008-01-21 03:48:06 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2008-01-21 03:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2010-12-17 18:01:25 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010-08-02 16:10:02 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010-03-14 12:26:33 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009-04-07 15:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice) SRV - [2009-03-06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\atashost.exe -- (atashost) SRV - [2008-01-21 03:50:58 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008-01-21 03:47:00 | 000,428,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008-01-21 03:47:00 | 000,211,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007-10-24 11:02:16 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R) SRV - [2007-08-23 20:35:00 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate) SRV - [2007-03-05 18:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2010-11-30 15:47:23 | 000,083,120 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt) DRV:[b]64bit:[/b] - [2010-08-02 16:10:10 | 000,116,568 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb) DRV:[b]64bit:[/b] - [2010-02-20 20:17:37 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd) DRV:[b]64bit:[/b] - [2010-01-21 02:03:10 | 000,027,648 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lgx64diag.sys -- (UsbDiag) DRV:[b]64bit:[/b] - [2010-01-21 02:03:08 | 000,033,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lgx64modem.sys -- (USBModem) DRV:[b]64bit:[/b] - [2010-01-21 02:03:06 | 000,017,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lgx64bus.sys -- (usbbus) DRV:[b]64bit:[/b] - [2009-06-30 10:37:16 | 000,033,800 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot) DRV:[b]64bit:[/b] - [2009-04-07 15:33:08 | 000,033,072 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\purendis.sys -- (purendis) DRV:[b]64bit:[/b] - [2009-04-07 15:33:06 | 000,031,536 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\pnarp.sys -- (pnarp) DRV:[b]64bit:[/b] - [2008-01-21 03:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb) DRV:[b]64bit:[/b] - [2008-01-21 03:46:57 | 001,523,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTDPV6.SYS -- (HSF_DPV) DRV:[b]64bit:[/b] - [2008-01-21 03:46:57 | 000,724,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTCNXT6.SYS -- (winachsf) DRV:[b]64bit:[/b] - [2008-01-21 03:46:57 | 000,286,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL) DRV:[b]64bit:[/b] - [2008-01-21 03:46:55 | 000,111,104 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2008-01-21 03:46:52 | 000,019,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx) DRV:[b]64bit:[/b] - [2008-01-18 12:31:30 | 000,320,560 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP) DRV:[b]64bit:[/b] - [2007-09-30 00:03:32 | 000,384,024 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2007-09-18 14:12:34 | 000,095,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:[b]64bit:[/b] - [2007-09-18 14:12:34 | 000,089,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:[b]64bit:[/b] - [2007-09-18 14:12:34 | 000,019,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid) DRV:[b]64bit:[/b] - [2007-09-18 00:17:46 | 000,135,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169) DRV:[b]64bit:[/b] - [2007-08-07 20:48:37 | 000,032,712 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:[b]64bit:[/b] - [2007-07-11 18:30:34 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqRemHid.sys -- (HpqRemHid) DRV:[b]64bit:[/b] - [2007-06-28 16:09:56 | 003,148,288 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw4v64.sys -- (NETw4v64) Intel(R) DRV:[b]64bit:[/b] - [2007-06-19 01:13:12 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr) DRV:[b]64bit:[/b] - [2007-03-27 03:48:24 | 000,055,808 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp) DRV:[b]64bit:[/b] - [2007-03-19 20:09:36 | 000,055,808 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk) DRV:[b]64bit:[/b] - [2007-02-28 00:10:38 | 000,053,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk) DRV:[b]64bit:[/b] - [2007-02-16 01:56:51 | 000,014,032 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ElbyDelay.sys -- (ElbyDelay) DRV:[b]64bit:[/b] - [2007-01-17 14:48:30 | 001,455,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\smserial.sys -- (smserial) DRV:[b]64bit:[/b] - [2006-10-10 03:09:03 | 000,742,696 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nvm60x64.sys -- (NVENETFD) DRV:[b]64bit:[/b] - [2006-10-07 03:13:22 | 000,550,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XV) DRV:[b]64bit:[/b] - [2006-09-18 22:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV - [2098-01-01 09:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2010-06-28 21:50:22 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/07/19 17:31:19] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) DRV - [2007-02-16 01:56:51 | 000,014,032 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysWOW64\drivers\ElbyDelay.sys -- (ElbyDelay) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_pl&c=81&bd=Pavilion&pf=laptop IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_pl&c=81&bd=Pavilion&pf=laptop IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4212696983-1134263897-3029896889-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_pl&c=81&bd=Pavilion&pf=laptop IE - HKU\S-1-5-21-4212696983-1134263897-3029896889-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-4212696983-1134263897-3029896889-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledItems: {f13b157f-b174-47e7-a34d-4815ddfdfeb8}:0.9.87.4 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-01-30 20:20:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-01-30 20:20:23 | 000,000,000 | ---D | M] [2010-02-21 05:59:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paulina i Marcin\AppData\Roaming\mozilla\Extensions [2011-02-01 14:34:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paulina i Marcin\AppData\Roaming\mozilla\Firefox\Profiles\niusvdm0.default\extensions [2010-03-09 17:27:01 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Users\Paulina i Marcin\AppData\Roaming\mozilla\Firefox\Profiles\niusvdm0.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8} [2010-08-29 13:24:29 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Paulina i Marcin\AppData\Roaming\mozilla\Firefox\Profiles\niusvdm0.default\extensions\foxyproxy@eric.h.jung [2010-08-29 13:11:32 | 000,000,000 | ---D | M] (Streamo.tv) -- C:\Users\Paulina i Marcin\AppData\Roaming\mozilla\Firefox\Profiles\niusvdm0.default\extensions\streamo.tv@lukow.pl [2010-12-17 19:55:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010-06-10 14:38:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-08-07 16:07:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-12-17 19:55:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010-11-12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010-10-26 09:53:34 | 000,120,296 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll [2010-01-16 02:08:36 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml [2010-01-16 02:08:36 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml [2010-01-16 02:08:36 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml [2010-01-16 02:08:36 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml [2010-01-16 02:08:36 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml [2010-01-16 02:08:36 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2006-09-18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL (Microsoft Corporation) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IEPluginBHO Class) - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Users\Paulina i Marcin\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll (GG Network S.A.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3:[b]64bit:[/b] - HKU\S-1-5-21-4212696983-1134263897-3029896889-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKU\S-1-5-21-4212696983-1134263897-3029896889-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O4:[b]64bit:[/b] - HKLM..\Run: [HP Health Check Scheduler] File not found O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll () O4:[b]64bit:[/b] - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll () O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor) O4:[b]64bit:[/b] - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile-based device management] C:\WINDOWS\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink) O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.) O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKU\S-1-5-21-4212696983-1134263897-3029896889-1000..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4212696983-1134263897-3029896889-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4212696983-1134263897-3029896889-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Kolekcja wycinków HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: Zaznaczanie HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.251.160.14 94.251.182.11 O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.) O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Paulina i Marcin\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O24 - Desktop BackupWallPaper: C:\Users\Paulina i Marcin\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-06-11 21:03:04 | 000,030,754 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O32 - AutoRun File - [2005-09-11 16:18:54 | 000,000,340 | -HS- | M] () - F:\AUTOMODE -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-02-01 17:24:46 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Paulina i Marcin\Desktop\OTL.exe [2011-02-01 17:18:05 | 001,801,544 | -H-- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Paulina i Marcin\Desktop\Procmon64.exe [2011-02-01 17:17:39 | 003,021,688 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Paulina i Marcin\Desktop\Procmon.exe [2011-02-01 15:45:20 | 000,000,000 | ---D | C] -- C:\Users\Paulina i Marcin\DoctorWeb [2011-01-31 18:51:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics [2011-01-30 20:20:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs [2011-01-30 20:20:16 | 000,000,000 | ---D | C] -- C:\Users\Paulina i Marcin\AppData\Roaming\VistaCodecs [2011-01-30 20:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VistaCodecPack [2011-01-27 21:26:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security [2011-01-27 21:15:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011-01-27 21:08:33 | 000,000,000 | ---D | C] -- C:\Users\Paulina i Marcin\AppData\Local\temp [2011-01-27 20:56:49 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2011-01-27 20:56:49 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2011-01-27 20:56:49 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2011-01-27 20:56:40 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011-01-27 20:56:39 | 000,000,000 | ---D | C] -- C:\ComboFix [2011-01-27 20:55:54 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2011-01-27 20:55:50 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW [2011-01-27 18:41:05 | 000,000,000 | ---D | C] -- C:\Users\Paulina i Marcin\AppData\Local\Sunbelt Software [2011-01-27 18:40:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2011-01-27 18:33:52 | 000,000,000 | ---D | C] -- C:\Qoobox [2011-01-02 19:13:31 | 000,000,000 | ---D | C] -- C:\Users\Paulina i Marcin\Desktop\zdjecia canada [2010-02-03 23:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-02-01 17:24:48 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Paulina i Marcin\Desktop\OTL.exe [2011-02-01 17:18:05 | 001,801,544 | -H-- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Paulina i Marcin\Desktop\Procmon64.exe [2011-02-01 17:16:37 | 001,324,485 | ---- | M] () -- C:\Users\Paulina i Marcin\Desktop\ProcessMonitor.zip [2011-02-01 17:14:14 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011-02-01 17:14:14 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011-02-01 15:44:45 | 000,028,884 | ---- | M] () -- C:\ProgramData\nvModes.dat [2011-02-01 15:44:45 | 000,028,884 | ---- | M] () -- C:\ProgramData\nvModes.001 [2011-02-01 14:53:08 | 192,839,052 | ---- | M] () -- C:\Users\Paulina i Marcin\Desktop\Na_Wspolnej_odc._1387.avi [2011-02-01 14:53:08 | 000,159,744 | ---- | M] () -- C:\Users\Paulina i Marcin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-02-01 13:59:08 | 001,470,822 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011-02-01 13:59:08 | 000,659,192 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011-02-01 13:59:08 | 000,587,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011-02-01 13:59:08 | 000,122,976 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011-02-01 13:59:08 | 000,101,250 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011-02-01 13:53:32 | 000,000,826 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini [2011-02-01 13:52:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-02-01 13:52:49 | 4293,320,704 | -HS- | M] () -- C:\hiberfil.sys [2011-02-01 08:33:29 | 000,001,660 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011-01-31 19:35:30 | 063,280,373 | ---- | M] () -- C:\Users\Paulina i Marcin\Desktop\PWS.e22-TRODAT.rmvb [2011-01-28 20:48:27 | 000,095,744 | ---- | M] () -- C:\Users\Paulina i Marcin\Desktop\Polityka finansowa- notatki ćwiczenia.doc [2011-01-27 20:23:28 | 000,000,152 | -H-- | M] () -- C:\aaw7boot.cmd [2011-01-27 18:44:24 | 000,049,752 | ---- | M] () -- C:\Windows\SysNative\drivers\SBREDrv.sys [2011-01-27 18:33:27 | 004,262,048 | R--- | M] () -- C:\Users\Paulina i Marcin\Desktop\ComboFix.exe [2011-01-17 09:50:38 | 003,021,688 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Paulina i Marcin\Desktop\Procmon.exe [2011-01-10 17:13:39 | 000,000,085 | -HS- | M] () -- C:\ProgramData\.zreglib [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-02-01 17:17:39 | 000,063,306 | ---- | C] () -- C:\Users\Paulina i Marcin\Desktop\procmon.chm [2011-02-01 17:16:31 | 001,324,485 | ---- | C] () -- C:\Users\Paulina i Marcin\Desktop\ProcessMonitor.zip [2011-02-01 14:36:47 | 192,839,052 | ---- | C] () -- C:\Users\Paulina i Marcin\Desktop\Na_Wspolnej_odc._1387.avi [2011-01-31 20:09:48 | 063,280,373 | ---- | C] () -- C:\Users\Paulina i Marcin\Desktop\PWS.e22-TRODAT.rmvb [2011-01-28 20:48:27 | 000,095,744 | ---- | C] () -- C:\Users\Paulina i Marcin\Desktop\Polityka finansowa- notatki ćwiczenia.doc [2011-01-27 21:26:31 | 000,033,800 | ---- | C] () -- C:\Windows\SysNative\drivers\pavboot64.sys [2011-01-27 20:56:49 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2011-01-27 20:56:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011-01-27 20:56:49 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2011-01-27 20:56:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011-01-27 20:56:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011-01-27 20:23:28 | 000,000,152 | -H-- | C] () -- C:\aaw7boot.cmd [2011-01-27 18:44:25 | 000,049,752 | ---- | C] () -- C:\Windows\SysNative\drivers\SBREDrv.sys [2011-01-27 18:33:03 | 004,262,048 | R--- | C] () -- C:\Users\Paulina i Marcin\Desktop\ComboFix.exe [2010-12-29 01:23:14 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010-11-17 16:08:26 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi [2010-09-16 14:49:03 | 000,000,680 | ---- | C] () -- C:\Users\Paulina i Marcin\AppData\Local\d3d9caps.dat [2010-07-15 20:40:05 | 000,000,000 | ---- | C] () -- C:\Users\Paulina i Marcin\AppData\Roaming\AVSMediaPlayer.m3u [2010-06-23 11:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010-06-23 11:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010-04-10 13:39:20 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib [2010-03-23 10:11:37 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010-03-15 04:31:48 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010-03-11 18:39:23 | 000,425,974 | ---- | C] () -- C:\Users\Paulina i Marcin\AppData\Local\dd_vcredistMSI4D1A.txt [2010-03-11 18:39:23 | 000,011,442 | ---- | C] () -- C:\Users\Paulina i Marcin\AppData\Local\dd_vcredistUI4D1A.txt [2010-02-23 16:11:51 | 000,028,884 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010-02-23 16:11:48 | 000,028,884 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010-02-21 23:24:58 | 000,000,090 | ---- | C] () -- C:\Windows\wincmd.ini [2010-02-21 19:52:34 | 000,000,266 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010-02-21 06:32:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-02-21 03:43:34 | 000,159,744 | ---- | C] () -- C:\Users\Paulina i Marcin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-02-21 03:39:42 | 000,000,000 | ---- | C] () -- C:\Users\Paulina i Marcin\AppData\Local\QSwitch.txt [2010-02-21 03:39:42 | 000,000,000 | ---- | C] () -- C:\Users\Paulina i Marcin\AppData\Local\DSwitch.txt [2010-02-21 03:39:42 | 000,000,000 | ---- | C] () -- C:\Users\Paulina i Marcin\AppData\Local\AtStart.txt [2010-02-21 03:24:37 | 000,001,551 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2009-06-19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2008-01-21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2008-01-21 03:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2007-02-05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [color=#E56717]========== LOP Check ==========[/color] [2010-10-23 19:04:29 | 000,000,000 | ---D | M] -- C:\Users\Paulina i Marcin\AppData\Roaming\BESTplayer [2010-02-20 20:31:41 | 000,000,000 | ---D | M] -- C:\Users\Paulina i Marcin\AppData\Roaming\DAEMON Tools Lite [2010-11-13 16:18:42 | 000,000,000 | ---D | M] -- C:\Users\Paulina i Marcin\AppData\Roaming\GanymedeNet [2010-02-21 06:14:53 | 000,000,000 | ---D | M] -- C:\Users\Paulina i Marcin\AppData\Roaming\ipla [2010-11-01 11:15:41 | 000,000,000 | ---D | M] -- C:\Users\Paulina i Marcin\AppData\Roaming\Nowe Gadu-Gadu [2010-12-08 18:01:48 | 000,000,000 | ---D | M] -- C:\Users\Paulina i Marcin\AppData\Roaming\OpenFM [2010-04-05 11:51:35 | 000,000,000 | ---D | M] -- C:\Users\Paulina i Marcin\AppData\Roaming\pl.TribalDDB.WidgetLipton [2011-01-30 20:04:01 | 000,000,000 | ---D | M] -- C:\Users\Paulina i Marcin\AppData\Roaming\uTorrent [2011-01-30 20:20:16 | 000,000,000 | ---D | M] -- C:\Users\Paulina i Marcin\AppData\Roaming\VistaCodecs [2010-05-20 16:54:35 | 000,000,000 | ---D | M] -- C:\Users\Paulina i Marcin\AppData\Roaming\WildTangent [2011-02-01 08:33:29 | 000,032,530 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] < End of report >