OTL logfile created on: 2011-05-17 16:02:10 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Fajek\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 50,35 Gb Total Space | 4,26 Gb Free Space | 8,47% Space Free | Partition Type: NTFS
Drive E: | 97,66 Gb Total Space | 48,58 Gb Free Space | 49,75% Space Free | Partition Type: NTFS
Drive F: | 224,59 Gb Total Space | 88,11 Gb Free Space | 39,23% Space Free | Partition Type: NTFS

Computer Name: FAJEK-PC | User Name: Fajek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011-05-17 14:12:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Fajek\Desktop\OTL.exe
PRC - [2011-05-09 20:03:31 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011-03-28 15:41:14 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2010-12-07 20:33:53 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010-05-23 22:39:41 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2009-10-30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009-07-27 17:42:10 | 010,719,848 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Nowe Gadu-Gadu\gg.exe
PRC - [2009-07-27 16:39:44 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\Nowe Gadu-Gadu\spellchecker_gg.exe
PRC - [2008-10-16 18:07:40 | 000,147,456 | ---- | M] (Razer USA Ltd.) -- C:\Program Files (x86)\Razer\Lycosa\razerhid.exe
PRC - [2008-10-15 17:47:00 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Razer\Lycosa\razertra.exe
PRC - [2008-08-04 01:02:20 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2007-09-12 12:52:18 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
PRC - [2007-08-16 18:05:16 | 000,274,432 | ---- | M] (razercfg MFC Application) -- C:\Program Files (x86)\Razer\Lachesis\OSD.exe
PRC - [2007-06-05 11:37:12 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Lachesis\razerofa.exe
PRC - [2007-05-04 11:39:28 | 000,910,896 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007-05-04 11:39:12 | 000,149,040 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007-01-30 12:02:00 | 000,303,104 | ---- | M] (FUJIFILM Corporation) -- C:\Program Files (x86)\FinePixViewer\QuickDCF2.exe
PRC - [2006-11-03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAC7302\Monitor.exe

[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011-05-17 14:12:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Fajek\Desktop\OTL.exe
MOD - [2010-08-31 17:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2009-07-17 15:31:34 | 004,948,992 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:[b]64bit:[/b] - [2008-01-19 10:06:50 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2008-01-19 10:00:52 | 000,195,584 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011-03-28 15:41:12 | 002,111,368 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010-12-07 20:33:53 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010-09-29 20:39:01 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010-07-09 16:09:52 | 000,248,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-01-28 22:29:34 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2010-08-02 20:25:41 | 000,012,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi)
DRV:[b]64bit:[/b] - [2010-08-02 15:29:49 | 000,082,816 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\pcouffin.sys -- (pcouffin)
DRV:[b]64bit:[/b] - [2010-06-20 10:30:16 | 000,310,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2010-06-20 10:30:16 | 000,042,696 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2010-01-28 19:18:22 | 000,198,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\snapman.sys -- (snapman)
DRV:[b]64bit:[/b] - [2010-01-28 11:45:42 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2008-05-22 14:22:26 | 000,020,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Lycosa.sys -- (Lycosa)
DRV:[b]64bit:[/b] - [2008-01-19 08:47:12 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:[b]64bit:[/b] - [2008-01-19 08:27:58 | 000,013,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Dot4Scan.sys -- (Dot4Scan)
DRV:[b]64bit:[/b] - [2007-11-08 10:29:22 | 000,527,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PAC7302.SYS -- (PAC7302)
DRV:[b]64bit:[/b] - [2007-08-17 16:48:46 | 000,030,336 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Lachesis.sys -- (VaneFltr)
DRV:[b]64bit:[/b] - [2007-04-30 07:42:00 | 000,104,448 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:[b]64bit:[/b] - [2006-09-30 12:36:14 | 000,013,008 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pstrip64.sys -- (PStrip64)
DRV:[b]64bit:[/b] - [2006-09-18 23:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2005-10-21 18:01:22 | 000,019,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbicp.sys -- (uisp)
DRV - [2007-11-08 10:30:08 | 000,454,656 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PAC7302.sys -- (PAC7302)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2939062004-777226015-3521591518-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
IE - HKU\S-1-5-21-2939062004-777226015-3521591518-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2939062004-777226015-3521591518-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2939062004-777226015-3521591518-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.selectedEngine: "Wikipedia (pl)"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: zrzuta.eu@gmail.com:1.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-05-23 22:40:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-05-09 20:03:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-05-09 20:03:35 | 000,000,000 | ---D | M]

[2010-01-28 01:00:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fajek\AppData\Roaming\mozilla\Extensions
[2011-05-15 12:12:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fajek\AppData\Roaming\mozilla\Firefox\Profiles\atwvnrmj.default\extensions
[2010-07-05 00:51:25 | 000,000,000 | ---D | M] (Zrzuta.eu) -- C:\Users\Fajek\AppData\Roaming\mozilla\Firefox\Profiles\atwvnrmj.default\extensions\zrzuta.eu@gmail.com
[2010-01-28 11:46:28 | 000,002,055 | ---- | M] () -- C:\Users\Fajek\AppData\Roaming\Mozilla\Firefox\Profiles\atwvnrmj.default\searchplugins\daemon-search.xml
[2011-03-19 23:54:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011-01-14 21:25:54 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010-04-18 22:00:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010-08-28 10:53:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010-12-01 19:39:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011-03-19 23:54:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\FAJEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ATWVNRMJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2010-01-29 21:32:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011-05-09 20:03:30 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011-02-02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011-05-09 20:03:32 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2011-05-09 20:03:32 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2011-05-09 20:03:32 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2011-05-09 20:03:32 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2011-05-09 20:03:32 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-05-09 20:03:32 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2010-02-01 21:01:17 | 000,000,864 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 121.128.133.27 gwgt1.joymax.com
O1 - Hosts: 121.128.133.27 gwgt2.joymax.com
O1 - Hosts: 121.128.133.27 gwgt3.joymax.com
O1 - Hosts: 121.128.133.27 gwgt4.joymax.com
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3:[b]64bit:[/b] - HKU\S-1-5-21-2939062004-777226015-3521591518-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O4:[b]64bit:[/b] - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Lachesis] C:\Program Files (x86)\Razer\Lachesis\razerhid.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Lycosa] C:\Program Files (x86)\Razer\Lycosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2939062004-777226015-3521591518-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-2939062004-777226015-3521591518-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2939062004-777226015-3521591518-1000..\Run: [Nowe Gadu-Gadu] C:\Program Files (x86)\Nowe Gadu-Gadu\gg.exe (GG Network S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\S-1-5-21-2939062004-777226015-3521591518-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - File not found
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\PrxerNsp.dll ( )
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\gamelsp.dll (Copyright (C) GameCap)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\gamelsp.dll (Copyright (C) GameCap)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\gamelsp.dll (Copyright (C) GameCap)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex Software)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\gamelsp.dll (Copyright (C) GameCap)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWOW64\PrxerDrv.dll (Initex Software)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.172.224.160 217.172.224.92
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: F:\Metallica\Slash\slash (2).jpg
O24 - Desktop BackupWallPaper: F:\Metallica\Slash\slash (2).jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-12-25 22:20:18 | 002,047,357 | ---- | M] () - F:\AutoHotkey104805_Install.exe -- [ NTFS ]
O32 - AutoRun File - [2010-02-08 22:24:34 | 000,267,918 | ---- | M] () - F:\AutoSelect.rar -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011-05-17 15:35:41 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-05-17 14:12:04 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Fajek\Desktop\OTL.exe
[2011-05-16 22:42:01 | 000,000,000 | ---D | C] -- C:\Users\Fajek\Documents\The Witcher 2
[2011-05-16 22:42:01 | 000,000,000 | ---D | C] -- C:\Users\Fajek\AppData\Local\The Witcher 2
[2011-05-15 23:04:22 | 000,000,000 | ---D | C] -- C:\Users\Fajek\AppData\Local\Apps
[2011-05-15 23:04:21 | 000,000,000 | ---D | C] -- C:\Users\Fajek\AppData\Local\Deployment
[2011-05-12 23:37:04 | 000,000,000 | ---D | C] -- C:\Users\Fajek\Documents\Karpacz 2
[2011-05-12 21:21:58 | 000,000,000 | ---D | C] -- C:\Users\Fajek\Desktop\dsada
[2011-04-27 15:52:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2011-04-27 15:52:14 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2011-04-26 13:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011-04-26 13:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011-04-26 13:32:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011-04-26 13:32:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011-04-26 13:06:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011-04-26 13:06:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011-04-24 18:16:09 | 640,805,629 | ---- | C] (Igor Pavlov) -- C:\Users\Fajek\Desktop\DragonBall Z M.U.G.E.N Edition 2011 (Hi-Res).exe
[2011-04-23 00:13:57 | 000,000,000 | ---D | C] -- C:\Users\Fajek\Documents\My Games
[2010-08-02 15:29:49 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Fajek\AppData\Roaming\pcouffin.sys
[2010-02-06 16:45:25 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\PrxerNsp.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011-05-17 16:02:04 | 004,194,304 | -HS- | M] () -- C:\Users\Fajek\NTUSER.DAT
[2011-05-17 15:58:29 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011-05-17 15:58:29 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011-05-17 15:58:08 | 000,004,048 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011-05-17 15:58:08 | 000,004,048 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011-05-17 15:58:05 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2011-05-17 15:58:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011-05-17 15:56:57 | 000,524,288 | -HS- | M] () -- C:\Users\Fajek\NTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TMContainer00000000000000000001.regtrans-ms
[2011-05-17 15:56:57 | 000,065,536 | -HS- | M] () -- C:\Users\Fajek\NTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TM.blf
[2011-05-17 15:56:54 | 003,895,024 | -H-- | M] () -- C:\Users\Fajek\AppData\Local\IconCache.db
[2011-05-17 15:44:13 | 001,524,154 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011-05-17 15:44:13 | 000,681,512 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2011-05-17 15:44:13 | 000,604,566 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011-05-17 15:44:13 | 000,135,824 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2011-05-17 15:44:13 | 000,107,898 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011-05-17 14:12:18 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Fajek\Desktop\OTL.exe
[2011-05-17 11:06:43 | 000,063,192 | ---- | M] () -- C:\Users\Fajek\AppData\Local\GDIPFONTCACHEV1.DAT
[2011-05-17 11:05:57 | 002,204,096 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011-05-15 01:24:16 | 004,027,872 | ---- | M] () -- C:\Users\Fajek\Documents\Coma - Leszek Żukowski (demo).mp3
[2011-05-15 01:23:26 | 001,433,808 | ---- | M] () -- C:\Users\Fajek\Documents\System of a Down - Old School Hollywood.mp3
[2011-05-14 14:39:28 | 000,038,912 | ---- | M] () -- C:\Users\Fajek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-05-12 23:14:50 | 001,677,539 | ---- | M] () -- C:\Users\Fajek\Documents\Oasis - Wonderwall.mp3
[2011-05-12 23:14:26 | 001,503,268 | ---- | M] () -- C:\Users\Fajek\Documents\Red Hot Chili Peppers - Road Trippin.mp3
[2011-05-12 23:13:46 | 001,701,518 | ---- | M] () -- C:\Users\Fajek\Documents\Sting - Fragile.mp3
[2011-05-12 21:59:44 | 001,281,838 | ---- | M] () -- C:\Users\Fajek\Documents\skanowanie0038.jpg
[2011-05-12 21:59:39 | 000,743,995 | ---- | M] () -- C:\Users\Fajek\Documents\skanowanie0037.jpg
[2011-05-09 23:11:00 | 089,053,132 | ---- | M] () -- C:\Users\Fajek\Documents\1991-T.rar
[2011-05-09 23:04:41 | 088,477,174 | ---- | M] () -- C:\Users\Fajek\Documents\2006-PJ.rar
[2011-05-09 22:59:18 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2011-05-07 00:34:43 | 029,448,123 | ---- | M] () -- C:\Users\Fajek\Documents\Kurs gry.rar
[2011-04-26 23:28:03 | 002,087,166 | ---- | M] () -- C:\Users\Fajek\Documents\Pearl jam - better man.mp3
[2011-04-26 23:27:21 | 001,488,240 | ---- | M] () -- C:\Users\Fajek\Documents\Jason Mraz & Colbie Caillat - Lucky (Video).mp3
[2011-04-26 20:19:59 | 000,002,415 | ---- | M] () -- C:\Users\Fajek\Desktop\Skype.lnk
[2011-04-26 13:32:23 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011-04-24 19:50:22 | 640,805,629 | ---- | M] (Igor Pavlov) -- C:\Users\Fajek\Desktop\DragonBall Z M.U.G.E.N Edition 2011 (Hi-Res).exe
[2011-04-23 23:40:35 | 000,067,955 | ---- | M] () -- C:\Users\Fajek\Desktop\Ameruka.jpg
[2011-04-23 23:39:57 | 000,147,603 | ---- | M] () -- C:\Users\Fajek\Desktop\Europa wg. Amerykanów.jpg
[2011-04-23 20:07:05 | 000,190,748 | ---- | M] () -- C:\Users\Fajek\Documents\wielkanoc4.jpg
[2011-04-23 00:35:40 | 000,000,597 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
[2011-04-18 21:53:39 | 000,490,707 | ---- | M] () -- C:\Users\Fajek\Desktop\49146-czerstwe-zarty.jpg

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011-05-15 01:23:57 | 004,027,872 | ---- | C] () -- C:\Users\Fajek\Documents\Coma - Leszek Żukowski (demo).mp3
[2011-05-15 01:23:11 | 001,433,808 | ---- | C] () -- C:\Users\Fajek\Documents\System of a Down - Old School Hollywood.mp3
[2011-05-12 23:13:57 | 001,677,539 | ---- | C] () -- C:\Users\Fajek\Documents\Oasis - Wonderwall.mp3
[2011-05-12 23:13:36 | 001,503,268 | ---- | C] () -- C:\Users\Fajek\Documents\Red Hot Chili Peppers - Road Trippin.mp3
[2011-05-12 23:13:04 | 001,701,518 | ---- | C] () -- C:\Users\Fajek\Documents\Sting - Fragile.mp3
[2011-05-12 21:44:09 | 000,743,995 | ---- | C] () -- C:\Users\Fajek\Documents\skanowanie0037.jpg
[2011-05-12 21:44:01 | 001,281,838 | ---- | C] () -- C:\Users\Fajek\Documents\skanowanie0038.jpg
[2011-05-09 23:04:47 | 089,053,132 | ---- | C] () -- C:\Users\Fajek\Documents\1991-T.rar
[2011-05-09 22:59:18 | 000,001,680 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011-05-09 22:59:18 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011-05-09 22:54:02 | 088,477,174 | ---- | C] () -- C:\Users\Fajek\Documents\2006-PJ.rar
[2011-05-09 20:03:36 | 000,000,900 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011-05-08 01:04:56 | 003,895,024 | -H-- | C] () -- C:\Users\Fajek\AppData\Local\IconCache.db
[2011-05-07 00:34:27 | 029,448,123 | ---- | C] () -- C:\Users\Fajek\Documents\Kurs gry.rar
[2011-04-27 15:52:15 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll
[2011-04-27 15:52:12 | 004,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2011-04-26 23:27:21 | 002,087,166 | ---- | C] () -- C:\Users\Fajek\Documents\Pearl jam - better man.mp3
[2011-04-26 23:26:49 | 001,488,240 | ---- | C] () -- C:\Users\Fajek\Documents\Jason Mraz & Colbie Caillat - Lucky (Video).mp3
[2011-04-26 13:32:23 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011-04-23 23:40:35 | 000,067,955 | ---- | C] () -- C:\Users\Fajek\Desktop\Ameruka.jpg
[2011-04-23 23:39:56 | 000,147,603 | ---- | C] () -- C:\Users\Fajek\Desktop\Europa wg. Amerykanów.jpg
[2011-04-23 20:07:04 | 000,190,748 | ---- | C] () -- C:\Users\Fajek\Documents\wielkanoc4.jpg
[2011-04-23 00:35:40 | 000,000,597 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III.lnk
[2011-04-18 21:53:35 | 000,490,707 | ---- | C] () -- C:\Users\Fajek\Desktop\49146-czerstwe-zarty.jpg
[2011-01-31 23:01:58 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011-01-31 23:01:57 | 000,810,496 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011-01-31 23:01:57 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011-01-31 23:01:56 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011-01-31 23:01:56 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011-01-31 23:01:56 | 000,000,590 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2010-12-24 00:50:09 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\mp3Media2.dll
[2010-12-10 09:26:37 | 000,000,093 | ---- | C] () -- C:\Users\Fajek\AppData\Local\fusioncache.dat
[2010-12-10 09:24:54 | 001,549,514 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010-10-13 20:01:06 | 000,000,680 | ---- | C] () -- C:\Users\Fajek\AppData\Local\d3d9caps.dat
[2010-09-02 20:56:15 | 000,000,046 | ---- | C] () -- C:\Users\Fajek\AppData\Roaming\mBot.ini
[2010-08-25 20:03:23 | 000,040,960 | ---- | C] () -- C:\Windows\98Setup.exe
[2010-08-25 20:03:23 | 000,000,323 | ---- | C] () -- C:\Windows\SysWow64\Remover.ini
[2010-08-25 20:03:21 | 000,000,566 | ---- | C] () -- C:\Windows\SysWow64\SP7302.ini
[2010-08-02 15:29:49 | 000,099,384 | ---- | C] () -- C:\Users\Fajek\AppData\Roaming\inst.exe
[2010-08-02 15:29:49 | 000,007,859 | ---- | C] () -- C:\Users\Fajek\AppData\Roaming\pcouffin.cat
[2010-08-02 15:29:49 | 000,001,167 | ---- | C] () -- C:\Users\Fajek\AppData\Roaming\pcouffin.inf
[2010-07-27 20:28:17 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\wvl813.dll
[2010-07-09 21:04:40 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2010-06-22 14:08:22 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010-05-19 19:18:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010-04-18 22:07:21 | 000,009,108 | ---- | C] () -- C:\Users\Fajek\AppData\Roaming\PStrip.bko
[2010-03-11 18:54:42 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010-03-11 18:54:40 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010-03-11 18:54:39 | 000,000,300 | ---- | C] () -- C:\Windows\game.ini
[2010-02-06 16:45:26 | 000,000,199 | ---- | C] () -- C:\Users\Fajek\AppData\Roaming\Current.prx
[2010-02-06 02:08:00 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010-02-06 02:08:00 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2010-01-31 21:19:25 | 000,009,108 | ---- | C] () -- C:\Users\Fajek\AppData\Roaming\PStrip.bk!
[2010-01-31 21:19:10 | 000,009,108 | ---- | C] () -- C:\Users\Fajek\AppData\Roaming\PStrip.bak
[2010-01-31 21:14:55 | 000,009,210 | ---- | C] () -- C:\Users\Fajek\AppData\Roaming\PStrip.ini
[2010-01-31 21:14:23 | 000,000,075 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat
[2010-01-31 21:13:02 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010-01-31 21:12:55 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010-01-31 21:11:12 | 000,000,062 | ---- | C] () -- C:\Windows\wininit.ini
[2010-01-30 15:10:54 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010-01-30 15:10:25 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2010-01-28 18:47:37 | 000,038,912 | ---- | C] () -- C:\Users\Fajek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-27 23:59:06 | 000,063,192 | ---- | C] () -- C:\Users\Fajek\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-01-27 23:58:20 | 000,000,732 | ---- | C] () -- C:\Users\Fajek\AppData\Local\d3d9caps64.dat
[2006-11-02 17:35:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006-11-02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006-11-02 14:37:06 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2006-11-02 14:34:27 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006-11-02 14:34:27 | 000,000,144 | ---- | C] () -- C:\Windows\win.ini
[2006-11-02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006-11-02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006-11-02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[1913-08-01 16:18:54 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 64 bytes -> C:\Users\Fajek\Desktop\V260111_15.580001.AVI:TOC.WMV
@Alternate Data Stream - 152 bytes -> C:\Users\Fajek\Documents\wniosek.JPG:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 152 bytes -> C:\Users\Fajek\Documents\lic.JPG:3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 152 bytes -> C:\Users\Fajek\Documents\dowód rejestracyjny.JPG:3or4kl4x13tuuug3Byamue2s4b

< End of report >