OTL logfile created on: 2011-06-28 23:04:06 - Run 1 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Paweł\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,00 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 60,65% Memory free 5,99 Gb Paging File | 4,67 Gb Available in Paging File | 77,83% Paging File free Paging file location(s): C:\pagefile.sys 3069 3069 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 5,63 Gb Free Space | 11,52% Space Free | Partition Type: NTFS Drive D: | 146,48 Gb Total Space | 8,83 Gb Free Space | 6,03% Space Free | Partition Type: NTFS Drive E: | 177,29 Gb Total Space | 17,62 Gb Free Space | 9,94% Space Free | Partition Type: NTFS Drive F: | 322,18 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive G: | 1,91 Gb Total Space | 1,91 Gb Free Space | 99,99% Space Free | Partition Type: FAT Computer Name: PAWEŁ-KOMPUTER | User Name: Paweł | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011-06-28 23:03:06 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Paweł\Desktop\OTL.exe PRC - [2011-06-22 21:32:29 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011-06-07 21:29:16 | 000,630,272 | ---- | M] (FileZilla Project) -- C:\Program Files\FileZilla Server\FileZilla server.exe PRC - [2011-05-25 09:25:02 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe PRC - [2011-05-25 09:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-05-20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011-01-25 00:22:16 | 002,246,080 | ---- | M] () -- C:\Program Files\SpyShelter Personal Free\SpyShelter.exe PRC - [2010-12-16 07:19:28 | 012,984,928 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2010-09-20 17:04:02 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe PRC - [2009-10-31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-07-14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011-06-28 23:03:06 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Paweł\Desktop\OTL.exe MOD - [2009-07-14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2011-06-17 19:37:49 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-06-07 21:29:16 | 000,630,272 | ---- | M] (FileZilla Project) [Auto | Running] -- C:\Program Files\FileZilla Server\FileZilla Server.exe -- (FileZilla Server) SRV - [2011-05-25 09:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-05-20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010-09-20 17:04:02 | 000,352,976 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP) SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011-05-25 09:25:04 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2011-05-25 09:24:42 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2011-01-25 00:26:58 | 000,181,184 | ---- | M] (SpyShelter) [Kernel | System | Running] -- C:\Program Files\SpyShelter Personal Free\SpyShelter.sys -- (SpyShelter) DRV - [2010-09-20 17:04:02 | 000,488,024 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2010-08-21 16:40:16 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010-08-20 19:26:16 | 000,035,363 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\windrvNT.sys -- (windrvNT) DRV - [2010-08-20 18:49:50 | 000,017,984 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\System32\WinFLdrv.sys -- (WinFLdrv) DRV - [2010-08-20 18:32:51 | 000,180,224 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\WinVd32.sys -- (WinVd32) DRV - [2010-06-09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2) DRV - [2010-06-09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (kl1) DRV - [2010-04-22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2009-11-02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2007-12-14 09:21:32 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 4\LU4\FlashSys.sys -- (FLASHSYS) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1968368447-2261175593-3421653643-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pcf.pl IE - HKU\S-1-5-21-1968368447-2261175593-3421653643-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=107 IE - HKU\S-1-5-21-1968368447-2261175593-3421653643-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1968368447-2261175593-3421653643-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-1968368447-2261175593-3421653643-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pcf.pl IE - HKU\S-1-5-21-1968368447-2261175593-3421653643-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=107 IE - HKU\S-1-5-21-1968368447-2261175593-3421653643-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1968368447-2261175593-3421653643-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "http://www.gazeta.pl/0,0.html?p=107" FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.1.400 FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.1.400 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011-06-22 21:32:30 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-05-06 14:47:53 | 000,000,000 | ---D | M] [2010-08-20 18:21:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paweł\AppData\Roaming\mozilla\Extensions [2011-06-27 19:09:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paweł\AppData\Roaming\mozilla\Firefox\Profiles\ojp5yhne.default\extensions [2011-06-19 11:57:45 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Paweł\AppData\Roaming\mozilla\Firefox\Profiles\ojp5yhne.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2011-06-22 21:42:41 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Paweł\AppData\Roaming\mozilla\Firefox\Profiles\ojp5yhne.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010-10-16 16:33:05 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Paweł\AppData\Roaming\mozilla\Firefox\Profiles\ojp5yhne.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011-06-27 19:09:45 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Paweł\AppData\Roaming\mozilla\Firefox\Profiles\ojp5yhne.default\extensions\battlefieldheroespatcher@ea.com [2011-05-07 16:49:33 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Paweł\AppData\Roaming\mozilla\Firefox\Profiles\ojp5yhne.default\extensions\engine@conduit.com [2011-05-06 13:41:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-10-08 21:37:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-10-14 11:35:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-09-20 16:47:20 | 000,000,000 | ---D | M] (Blokowanie banerów) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2010-09-20 16:47:20 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2010-08-21 10:41:55 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de File not found (No name found) -- File not found (No name found) -- C:\USERS\PAWEĹ‚\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OJP5YHNE.DEFAULT\EXTENSIONS\{1018E4D6-728F-4B20-AD56-37578A4DE76B} File not found (No name found) -- C:\USERS\PAWEĹ‚\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OJP5YHNE.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI File not found (No name found) -- C:\USERS\PAWEĹ‚\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OJP5YHNE.DEFAULT\EXTENSIONS\BATTLEFIELDHEROESPATCHER@EA.COM File not found (No name found) -- C:\USERS\PAWEĹ‚\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\OJP5YHNE.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI [2011-06-22 21:32:29 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2010-09-15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2011-05-06 14:47:51 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2011-05-06 14:47:51 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2011-05-06 14:47:51 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2011-05-06 14:47:51 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2011-05-06 14:47:51 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2011-05-06 14:47:51 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [SpyShelter] C:\Program Files\SpyShelter Personal Free\SpyShelter.exe () O4 - HKU\S-1-5-19..\Run: [Sidebar] File not found O4 - HKU\S-1-5-20..\Run: [Sidebar] File not found O4 - HKU\S-1-5-21-1968368447-2261175593-3421653643-1001..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1968368447-2261175593-3421653643-1006..\Run: [Gadu-Gadu 10] C:\Program Files\Gadu-Gadu 10\gg.exe (GG Network S.A.) O4 - HKU\S-1-5-21-1968368447-2261175593-3421653643-1006..\Run: [Sidebar] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1968368447-2261175593-3421653643-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Paweł\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O9 - Extra Button: &Klawiatura wirtualna - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.22.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~2\AVP11\mzvkbd3.dll) - C:\ProgramData\AVP11\mzvkbd3.dll (Kaspersky Lab ZAO) O20 - AppInit_DLLs: (C:\PROGRA~2\AVP11\kloehk.dll) - C:\ProgramData\AVP11\kloehk.dll (Kaspersky Lab ZAO) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008-06-10 00:06:50 | 000,000,043 | R--- | M] () - F:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{41f45a4b-ac75-11df-914e-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{41f45a4b-ac75-11df-914e-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Gazeta.exe -- [2008-07-07 21:03:18 | 000,222,208 | R--- | M] () O33 - MountPoints2\{5104fee7-ad32-11df-8c0f-001a4d5237a8}\Shell - "" = AutoRun O33 - MountPoints2\{5104fee7-ad32-11df-8c0f-001a4d5237a8}\Shell\AutoRun\command - "" = L:\autorun.exe O33 - MountPoints2\{6ac7a808-166b-11e0-99fc-001a4d5237a8}\Shell - "" = AutoRun O33 - MountPoints2\{6ac7a808-166b-11e0-99fc-001a4d5237a8}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011-06-28 23:02:48 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Paweł\Desktop\OTL.exe [2011-06-28 22:50:31 | 000,000,000 | ---D | C] -- C:\Windows\LastGood [2011-06-28 22:50:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2011-06-28 22:49:52 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2011-06-28 22:49:51 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2011-06-28 22:49:51 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2011-06-28 22:49:51 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2011-06-28 22:49:51 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2011-06-28 22:49:48 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2011-06-28 22:49:46 | 002,164,840 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2011-06-28 22:49:45 | 000,072,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2011-06-28 22:49:44 | 000,485,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2011-06-28 22:49:43 | 004,169,832 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2011-06-28 22:49:39 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2011-06-28 22:49:38 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2011-06-28 22:49:38 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2011-06-28 22:49:38 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2011-06-28 22:49:37 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2011-06-28 22:49:37 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2011-06-28 22:49:33 | 000,738,392 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBAPO32.dll [2011-06-28 22:49:33 | 000,053,848 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBppld32.dll [2011-06-28 22:49:33 | 000,050,776 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBPPCn32.dll [2011-06-28 22:49:31 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2011-06-28 22:49:31 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2011-06-28 22:49:31 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2011-06-28 22:49:23 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2011-06-28 22:49:21 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2011-06-28 22:49:21 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2011-06-28 18:46:25 | 000,139,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys [2011-06-28 18:46:25 | 000,026,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll [2011-06-28 18:46:05 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011-06-28 18:46:04 | 016,456,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2011-06-28 18:46:04 | 010,589,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2011-06-28 18:46:04 | 000,899,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220150.dll [2011-06-28 18:46:04 | 000,865,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322090.dll [2011-06-28 18:46:03 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2011-06-28 18:46:03 | 011,992,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2011-06-28 18:46:03 | 005,301,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2011-06-28 18:46:03 | 002,804,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2011-06-28 18:46:03 | 002,082,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2011-06-28 18:46:03 | 000,012,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd [2011-06-28 18:36:38 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll [2011-06-28 18:36:38 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2011-06-28 18:36:21 | 000,000,000 | ---D | C] -- C:\Intel [2011-06-28 15:31:13 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2011-06-27 19:39:10 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Local\PunkBuster [2011-06-27 19:34:31 | 000,000,000 | ---D | C] -- C:\Users\Paweł\Documents\Battlefield Heroes [2011-06-27 19:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games [2011-06-27 19:10:41 | 000,000,000 | ---D | C] -- C:\Program Files\EA Games [2011-06-26 11:59:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2011-06-26 11:59:32 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm [2011-06-26 11:59:32 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2011-06-26 11:59:32 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm [2011-06-25 14:27:00 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image Grabber II [2011-06-25 14:27:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Grabber II [2011-06-25 14:27:00 | 000,000,000 | ---D | C] -- C:\Program Files\Image Grabber II [2011-06-25 13:54:56 | 000,438,272 | ---- | C] (On2.com) -- C:\Windows\System32\vp6vfw.dll [2011-06-25 13:54:56 | 000,075,264 | ---- | C] (Zlib) -- C:\Windows\System32\zlib1.dll [2011-06-25 13:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoCharge Software [2011-06-25 13:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\VideoCharge Software [2011-06-25 13:47:19 | 000,000,000 | ---D | C] -- C:\Users\Paweł\Documents\Downloads [2011-06-25 13:47:05 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Roaming\GetRightToGo [2011-06-22 22:10:32 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Roaming\Easy Thumbnails [2011-06-22 22:10:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Thumbnails [2011-06-22 22:10:26 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Thumbnails [2011-06-22 22:05:13 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Thumbnails Maker [2011-06-22 22:05:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Thumbnails Maker [2011-06-22 22:05:13 | 000,000,000 | ---D | C] -- C:\Program Files\Video Thumbnails Maker [2011-06-22 20:55:28 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image Grabber II.NET [2011-06-22 20:55:28 | 000,000,000 | ---D | C] -- C:\Program Files\Image Grabber II.NET [2011-06-22 20:26:53 | 000,000,000 | ---D | C] -- C:\Users\Paweł\Documents\The KMPlayer [2011-06-22 20:26:23 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer [2011-06-22 20:26:18 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer [2011-06-22 17:38:43 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Roaming\CoreFTP [2011-06-22 17:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\CoreFTP [2011-06-22 17:38:18 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Core FTP [2011-06-21 20:52:04 | 111,440,424 | ---- | C] (Kaspersky Lab) -- C:\Users\Paweł\Desktop\kis11.0.1.400pl_pl.exe [2011-06-20 20:54:09 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Roaming\FileZilla [2011-06-20 20:53:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [2011-06-20 20:53:57 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client [2011-06-20 17:18:53 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTP Commander [2011-06-20 17:18:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FTP Commander [2011-06-20 17:18:51 | 000,000,000 | ---D | C] -- C:\Program Files\FTP Commander [2011-06-20 17:13:33 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla Server [2011-06-20 17:13:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server [2011-06-20 17:13:29 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla Server [2011-06-15 15:39:05 | 000,000,000 | ---D | C] -- C:\Users\Paweł\Desktop\lol [2011-06-09 16:49:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Joiner [2011-06-09 16:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\Free Video Joiner [2011-06-09 16:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boilsoft Video Joiner [2011-06-09 16:47:23 | 000,000,000 | ---D | C] -- C:\Users\Paweł\Desktop\v5.32.nd [2011-06-09 16:42:49 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Roaming\Boilsoft [2011-06-09 16:42:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boilsoft [2011-06-09 16:42:46 | 000,000,000 | ---D | C] -- C:\Program Files\Boilsoft Video Joiner [2011-06-09 16:32:42 | 000,713,728 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscommpgenc.dll [2011-06-09 16:32:42 | 000,712,704 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscomflvenc.dll [2011-06-09 16:32:42 | 000,712,192 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscomflashenc.dll [2011-06-09 16:32:42 | 000,706,560 | ---- | C] (Viscom Software Viscom Software) -- C:\Windows\System32\viscomdata1.dll [2011-06-09 16:32:42 | 000,705,536 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscomdata2.dll [2011-06-09 16:32:42 | 000,387,584 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscomflvdec.dll [2011-06-09 16:32:42 | 000,140,288 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscomqtde.dll [2011-06-09 16:32:42 | 000,117,760 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscommpgdec.dll [2011-06-09 16:32:42 | 000,076,800 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscomrmencoder.dll [2011-06-09 16:32:42 | 000,060,416 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscomtran.dll [2011-06-09 16:32:42 | 000,059,904 | ---- | C] (Viscom Software) -- C:\Windows\System32\viscomaudioencoder.dll [2011-06-09 16:32:42 | 000,059,904 | ---- | C] (Viscom Software) -- C:\Windows\System32\viscomaudiodata.dll [2011-06-09 16:32:42 | 000,054,272 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscomframe.dll [2011-06-09 16:32:42 | 000,052,736 | ---- | C] (Viscom Software) -- C:\Windows\System32\viscomwave.dll [2011-06-09 16:32:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zealot Software [2011-06-09 16:32:41 | 000,136,192 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\VideoEdit.ocx [2011-06-09 16:32:40 | 000,299,008 | ---- | C] (Gabest) -- C:\Windows\System32\RealMediaSplitter.ax [2011-06-09 16:32:39 | 000,620,094 | ---- | C] (DivXNetworks, Inc.) -- C:\Windows\System32\divx.dll [2011-06-09 16:32:39 | 000,264,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg4ds32.ax [2011-06-09 16:32:39 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg4ds32.axu [2011-06-09 16:32:39 | 000,236,544 | ---- | C] (DivXNetworks, Inc.) -- C:\Windows\System32\divxdec.ax [2011-06-09 16:32:39 | 000,139,264 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\Mpeg2Decoder.ax [2011-06-09 16:32:39 | 000,094,208 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\Mpeg2Parser.ax [2011-06-09 16:32:39 | 000,083,456 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecx.ax [2011-06-09 16:32:39 | 000,000,000 | ---D | C] -- C:\Program Files\Zealot Software [2011-06-09 16:27:37 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Local\{1D3BB061-C7B2-4A9F-A1F4-BDB0CE2713F8} [2011-06-09 16:15:55 | 000,000,000 | ---D | C] -- C:\Program Files\Dzielenie i laczenie plikow [2011-06-09 16:15:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dziel. i łącz. plików [2011-06-09 16:12:56 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Local\{8BDE83D9-296D-4BF0-BAAA-2275789FABEF} [2011-06-09 16:12:55 | 000,000,000 | ---D | C] -- C:\Users\Paweł\AppData\Local\{F7F1121F-F738-4E0F-A08F-054D4E15C7FA} [2011-06-08 15:47:11 | 000,000,000 | ---D | C] -- C:\Program Files\Dragon Age 2 [2011-06-08 10:10:56 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011-06-05 15:18:22 | 000,000,000 | --SD | C] -- C:\Users\Paweł\Documents\My Playstation Themes [2011-06-05 15:17:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Theme Builder [2011-06-05 15:17:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xross Media Simulator [2011-06-05 15:16:43 | 000,000,000 | ---D | C] -- C:\Program Files\Xross Media Simulator [2011-06-05 15:16:12 | 000,000,000 | ---D | C] -- C:\Program Files\PS3 Theme Builder [2011-06-04 17:50:17 | 000,944,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220140.dll [2011-06-04 17:50:17 | 000,865,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdagenco322040.dll [2011-06-04 17:50:17 | 000,855,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322060.dll [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011-06-28 23:19:08 | 002,359,296 | -HS- | M] () -- C:\Users\Paweł\NTUSER.DAT [2011-06-28 23:05:05 | 000,879,223 | ---- | M] () -- C:\Users\Paweł\Desktop\SecurityCheck.exe [2011-06-28 23:03:06 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Paweł\Desktop\OTL.exe [2011-06-28 22:55:38 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011-06-28 22:55:38 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011-06-28 22:52:59 | 001,661,232 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2011-06-28 22:52:59 | 000,737,242 | ---- | M] () -- C:\Windows\System32\perfh015.dat [2011-06-28 22:52:59 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011-06-28 22:52:59 | 000,153,930 | ---- | M] () -- C:\Windows\System32\perfc015.dat [2011-06-28 22:52:59 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011-06-28 22:48:45 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011-06-28 22:48:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2011-06-28 22:48:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011-06-28 22:48:03 | 2414,731,264 | -HS- | M] () -- C:\hiberfil.sys [2011-06-28 22:40:10 | 002,017,873 | -H-- | M] () -- C:\Users\Paweł\AppData\Local\IconCache.db [2011-06-28 22:09:58 | 000,139,080 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011-06-28 22:09:52 | 000,270,240 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr [2011-06-28 21:46:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011-06-28 15:46:56 | 000,270,240 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0 [2011-06-28 15:31:13 | 000,002,997 | ---- | M] () -- C:\Users\Paweł\Desktop\HiJackThis.lnk [2011-06-27 19:33:55 | 000,138,056 | ---- | M] () -- C:\Users\Paweł\AppData\Roaming\PnkBstrK.sys [2011-06-27 10:02:45 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011-06-25 14:27:00 | 000,001,957 | ---- | M] () -- C:\Users\Paweł\Desktop\Image Grabber II.lnk [2011-06-25 13:57:09 | 000,001,113 | ---- | M] () -- C:\Users\Paweł\Desktop\Video Thumbnails Maker.lnk [2011-06-24 22:24:11 | 000,831,074 | ---- | M] () -- C:\Users\Paweł\Desktop\wiciu.png [2011-06-22 22:10:27 | 000,000,918 | ---- | M] () -- C:\Users\Paweł\Desktop\Easy Thumbnails.lnk [2011-06-22 18:27:00 | 000,000,201 | ---- | M] () -- C:\Users\Paweł\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url [2011-06-22 18:26:24 | 000,000,201 | ---- | M] () -- C:\Users\Paweł\Desktop\Call of Duty Modern Warfare 2.url [2011-06-22 17:38:18 | 000,000,738 | ---- | M] () -- C:\Users\Paweł\Desktop\Core FTP LE.lnk [2011-06-21 20:43:54 | 111,712,452 | ---- | M] () -- C:\Users\Paweł\Desktop\Kaspersky.Internet.Security.PL.rar [2011-06-21 11:38:18 | 000,121,350 | ---- | M] () -- C:\Users\Paweł\Desktop\Szablony - paczka.rar [2011-06-21 11:15:35 | 770,255,355 | ---- | M] () -- C:\Users\Paweł\Desktop\Kc.Vgs.w.Bngkku.2011.PLSUBBED.TS.XviD-BiDA.rar [2011-06-19 16:34:41 | 000,227,554 | ---- | M] () -- C:\Users\Paweł\Desktop\835896ca0bc9083e8399555efa7a2805.jpg [2011-06-19 16:32:21 | 000,221,298 | ---- | M] () -- C:\Users\Paweł\Desktop\b600740cea5f7ee5799280b2508c58c7.jpg [2011-06-19 16:30:50 | 000,517,717 | ---- | M] () -- C:\Users\Paweł\Desktop\avek1.png [2011-06-16 18:04:22 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011-06-09 16:47:44 | 000,000,947 | ---- | M] () -- C:\Users\Paweł\Desktop\Boilsoft Video Joiner.lnk [2011-06-09 16:42:53 | 000,004,634 | ---- | M] () -- C:\Users\Paweł\AppData\Roaming\f9a419e6 [2011-06-09 16:42:53 | 000,004,634 | ---- | M] () -- C:\Users\Paweł\AppData\Roaming\f9447a40 [2011-06-09 16:33:15 | 000,015,360 | ---- | M] () -- C:\Users\Paweł\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-06-08 16:17:01 | 000,001,563 | ---- | M] () -- C:\Users\Paweł\Desktop\DragonAge2 — skrót.lnk [2011-06-05 15:29:00 | 000,630,960 | ---- | M] () -- C:\Users\Paweł\Desktop\11692-AstralDimension.p3t [2011-06-05 15:18:12 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\PS3 Theme Builder.lnk [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011-06-28 23:04:53 | 000,879,223 | ---- | C] () -- C:\Users\Paweł\Desktop\SecurityCheck.exe [2011-06-28 22:40:10 | 002,017,873 | -H-- | C] () -- C:\Users\Paweł\AppData\Local\IconCache.db [2011-06-27 19:39:58 | 000,270,240 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr [2011-06-27 19:33:56 | 000,139,080 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011-06-27 19:33:55 | 000,138,056 | ---- | C] () -- C:\Users\Paweł\AppData\Roaming\PnkBstrK.sys [2011-06-26 11:59:33 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011-06-26 11:59:32 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2011-06-26 11:59:32 | 000,183,808 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2011-06-26 11:59:32 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2011-06-26 11:59:32 | 000,000,590 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2011-06-26 11:59:32 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml [2011-06-25 14:27:00 | 000,001,957 | ---- | C] () -- C:\Users\Paweł\Desktop\Image Grabber II.lnk [2011-06-24 22:24:10 | 000,831,074 | ---- | C] () -- C:\Users\Paweł\Desktop\wiciu.png [2011-06-22 22:10:27 | 000,000,918 | ---- | C] () -- C:\Users\Paweł\Desktop\Easy Thumbnails.lnk [2011-06-22 22:05:14 | 000,001,113 | ---- | C] () -- C:\Users\Paweł\Desktop\Video Thumbnails Maker.lnk [2011-06-22 18:26:24 | 000,000,201 | ---- | C] () -- C:\Users\Paweł\Desktop\Call of Duty Modern Warfare 2.url [2011-06-22 18:19:45 | 000,000,201 | ---- | C] () -- C:\Users\Paweł\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url [2011-06-22 17:38:18 | 000,000,738 | ---- | C] () -- C:\Users\Paweł\Desktop\Core FTP LE.lnk [2011-06-21 20:37:04 | 111,712,452 | ---- | C] () -- C:\Users\Paweł\Desktop\Kaspersky.Internet.Security.PL.rar [2011-06-21 11:38:13 | 000,121,350 | ---- | C] () -- C:\Users\Paweł\Desktop\Szablony - paczka.rar [2011-06-21 10:46:11 | 770,255,355 | ---- | C] () -- C:\Users\Paweł\Desktop\Kc.Vgs.w.Bngkku.2011.PLSUBBED.TS.XviD-BiDA.rar [2011-06-19 16:34:41 | 000,227,554 | ---- | C] () -- C:\Users\Paweł\Desktop\835896ca0bc9083e8399555efa7a2805.jpg [2011-06-19 16:32:20 | 000,221,298 | ---- | C] () -- C:\Users\Paweł\Desktop\b600740cea5f7ee5799280b2508c58c7.jpg [2011-06-19 16:29:16 | 000,517,717 | ---- | C] () -- C:\Users\Paweł\Desktop\avek1.png [2011-06-09 16:47:44 | 000,000,947 | ---- | C] () -- C:\Users\Paweł\Desktop\Boilsoft Video Joiner.lnk [2011-06-09 16:42:53 | 000,004,634 | ---- | C] () -- C:\Users\Paweł\AppData\Roaming\f9a419e6 [2011-06-09 16:42:53 | 000,004,634 | ---- | C] () -- C:\Users\Paweł\AppData\Roaming\f9447a40 [2011-06-09 16:32:41 | 002,392,064 | ---- | C] () -- C:\Windows\System32\videotrans.dll [2011-06-09 16:32:41 | 000,215,040 | ---- | C] () -- C:\Windows\System32\videoformat.dll [2011-06-09 16:32:41 | 000,061,440 | ---- | C] () -- C:\Windows\System32\imgscaler.dll [2011-06-09 16:32:41 | 000,022,016 | ---- | C] () -- C:\Windows\System32\img_utils.dll [2011-06-09 16:32:41 | 000,017,920 | ---- | C] () -- C:\Windows\System32\videocore.dll [2011-06-09 16:32:40 | 000,128,512 | ---- | C] () -- C:\Windows\System32\xvid.dll [2011-06-09 16:32:39 | 000,180,224 | ---- | C] () -- C:\Windows\System32\ac3filter.ax [2011-06-09 16:32:39 | 000,061,440 | ---- | C] () -- C:\Windows\System32\xvid.ax [2011-06-08 16:17:01 | 000,001,563 | ---- | C] () -- C:\Users\Paweł\Desktop\DragonAge2 — skrót.lnk [2011-06-05 15:28:58 | 000,630,960 | ---- | C] () -- C:\Users\Paweł\Desktop\11692-AstralDimension.p3t [2011-06-05 15:17:51 | 000,000,971 | ---- | C] () -- C:\Users\Public\Desktop\PS3 Theme Builder.lnk [2011-05-20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2011-04-13 14:57:35 | 000,000,120 | ---- | C] () -- C:\Users\Paweł\AppData\Roaming\ad6afa83.dat [2011-03-22 16:50:18 | 000,270,240 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011-03-22 16:50:13 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2010-11-30 15:30:59 | 000,027,136 | ---- | C] () -- C:\Windows\System32\SpyShelterShellExt.dll [2010-11-20 15:19:11 | 001,740,800 | ---- | C] () -- C:\Windows\System32\Osklauncher.exe [2010-11-20 15:19:11 | 000,054,784 | ---- | C] () -- C:\Windows\System32\inject_logon_dll.dll [2010-11-11 21:22:20 | 000,000,048 | ---- | C] () -- C:\Users\Paweł\AppData\Roaming\joiner.ini [2010-11-11 21:07:51 | 000,000,077 | ---- | C] () -- C:\Users\Paweł\AppData\Roaming\splitter.ini [2010-11-04 21:33:32 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2010-09-05 13:14:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010-08-26 11:57:23 | 000,286,208 | ---- | C] () -- C:\Windows\System32\binkw32.dll [2010-08-23 15:29:00 | 000,015,360 | ---- | C] () -- C:\Users\Paweł\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-21 16:40:16 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010-08-20 22:19:13 | 000,064,128 | ---- | C] () -- C:\Users\Paweł\AppData\Local\GDIPFONTCACHEV1.DAT [2010-08-20 19:26:16 | 000,053,248 | ---- | C] () -- C:\Windows\System32\suppdll.dll [2010-08-20 19:26:16 | 000,035,363 | ---- | C] () -- C:\Windows\System32\windrvNT.sys [2010-08-20 19:16:39 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll [2010-08-20 19:07:48 | 000,005,696 | R--- | C] () -- C:\Windows\System32\CHKSUM.COM [2010-08-20 19:00:05 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2010-08-20 19:00:05 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2010-08-20 18:32:51 | 000,180,224 | ---- | C] () -- C:\Windows\System32\WinVd32.sys [2010-08-20 18:32:50 | 000,007,680 | ---- | C] () -- C:\Windows\System32\WinFLsrv.exe [2010-08-20 18:21:33 | 001,661,232 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI [2010-04-02 18:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2009-09-09 19:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat [2009-07-14 10:07:57 | 000,737,242 | ---- | C] () -- C:\Windows\System32\perfh015.dat [2009-07-14 10:07:57 | 000,337,158 | ---- | C] () -- C:\Windows\System32\perfi015.dat [2009-07-14 10:07:57 | 000,153,930 | ---- | C] () -- C:\Windows\System32\perfc015.dat [2009-07-14 10:07:57 | 000,038,710 | ---- | C] () -- C:\Windows\System32\perfd015.dat [2009-07-14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009-07-14 06:33:53 | 000,292,296 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009-07-14 04:05:48 | 000,651,450 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009-07-14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009-07-14 04:05:48 | 000,120,382 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009-07-14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009-07-14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009-07-14 04:04:57 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini [2009-07-14 04:04:23 | 000,000,403 | ---- | C] () -- C:\Windows\win.ini [2009-07-14 04:04:23 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini [2009-07-14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009-07-14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009-07-14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009-07-13 23:41:56 | 000,053,552 | ---- | C] () -- C:\Windows\System32\dosx.exe [2009-07-13 23:41:05 | 000,000,718 | ---- | C] () -- C:\Windows\System32\mscdexnt.exe [2009-07-13 23:41:04 | 000,002,842 | ---- | C] () -- C:\Windows\System32\redir.exe [2009-07-13 23:41:02 | 000,000,882 | ---- | C] () -- C:\Windows\System32\share.exe [2009-07-13 23:41:02 | 000,000,882 | ---- | C] () -- C:\Windows\System32\fastopen.exe [2009-07-13 23:41:01 | 000,019,694 | ---- | C] () -- C:\Windows\System32\GRAPHICS.COM [2009-07-13 23:40:59 | 000,014,710 | ---- | C] () -- C:\Windows\System32\KB16.COM [2009-07-13 23:40:57 | 000,007,052 | ---- | C] () -- C:\Windows\System32\nlsfunc.exe [2009-07-13 23:40:57 | 000,001,131 | ---- | C] () -- C:\Windows\System32\LOADFIX.COM [2009-07-13 23:40:56 | 000,039,274 | ---- | C] () -- C:\Windows\System32\mem.exe [2009-07-13 23:40:54 | 000,011,753 | ---- | C] () -- C:\Windows\System32\setver.exe [2009-07-13 23:40:52 | 000,020,634 | ---- | C] () -- C:\Windows\System32\debug.exe [2009-07-13 23:40:51 | 000,008,424 | ---- | C] () -- C:\Windows\System32\exe2bin.exe [2009-07-13 23:40:50 | 000,012,642 | ---- | C] () -- C:\Windows\System32\edlin.exe [2009-07-13 23:40:49 | 000,012,498 | ---- | C] () -- C:\Windows\System32\append.exe [2009-07-13 23:40:48 | 000,050,648 | ---- | C] () -- C:\Windows\System32\COMMAND.COM [2009-07-13 23:40:44 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys [2009-07-13 23:40:43 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS [2009-07-13 23:40:43 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS [2009-07-13 23:40:41 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS [2009-07-13 23:40:40 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS [2009-07-13 23:40:39 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS [2009-07-13 23:40:35 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS [2009-07-13 23:40:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS [2009-07-13 23:40:27 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS [2009-07-13 23:40:23 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS [2009-07-13 23:40:19 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS [2009-07-13 23:40:17 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS [2009-07-13 23:40:15 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS [2009-07-13 23:40:13 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS [2009-07-13 23:40:11 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS [2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll [2009-07-13 22:29:46 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll [2009-06-10 23:42:32 | 000,069,886 | ---- | C] () -- C:\Windows\System32\edit.com [2009-06-10 23:39:59 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini [2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [color=#E56717]========== LOP Check ==========[/color] [2011-06-28 22:15:33 | 000,000,000 | -HSD | M] -- C:\Users\Paweł\AppData\Roaming\.# [2011-06-09 16:42:49 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Boilsoft [2011-06-23 10:59:28 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\CoreFTP [2010-08-21 16:44:26 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\DAEMON Tools Lite [2010-10-16 16:33:04 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\DVDVideoSoftIEHelpers [2011-06-22 22:11:35 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Easy Thumbnails [2011-06-28 21:17:33 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\FileZilla [2010-08-20 18:40:00 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Gadu-Gadu 10 [2011-06-25 13:48:14 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\GetRightToGo [2011-06-20 19:18:08 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\GHISLER [2010-08-21 10:49:42 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Octoshape [2010-10-10 18:20:08 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\OpenOffice.org [2010-11-11 21:06:47 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\profiles [2011-03-22 16:50:10 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\PunkBuster [2010-11-05 20:02:07 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\RayV [2010-12-27 17:19:01 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Regensoft [2010-11-20 15:19:55 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\SpyShelter [2011-03-03 04:16:19 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\System [2011-02-23 23:07:30 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\The Creative Assembly [2011-06-16 22:16:31 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Tibia [2010-09-06 17:24:45 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Tibiacast [2010-09-04 12:46:21 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\Uniblue [2011-04-10 19:13:10 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\uTorrent [2011-04-21 19:34:29 | 000,000,000 | ---D | M] -- C:\Users\Paweł\AppData\Roaming\wargaming.net [2011-05-18 21:36:26 | 000,000,000 | -HSD | M] -- C:\Users\Paweł\AppData\Roaming\wyUpdate AU [2011-06-25 09:46:31 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 189 bytes -> C:\ProgramData\TEMP:4BF2F6B5 @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:C43ED645 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:8CE646EE < End of report >