OTL logfile created on: 2012-11-05 19:51:50 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Matthew\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,25 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 65,55% Memory free 5,09 Gb Paging File | 3,60 Gb Available in Paging File | 70,77% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 75,13 Gb Total Space | 47,81 Gb Free Space | 63,64% Space Free | Partition Type: NTFS Drive D: | 195,31 Gb Total Space | 86,89 Gb Free Space | 44,49% Space Free | Partition Type: NTFS Drive E: | 195,32 Gb Total Space | 192,92 Gb Free Space | 98,77% Space Free | Partition Type: NTFS Computer Name: MATEUSZ | User Name: Matthew | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012-11-05 19:46:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Matthew\Pulpit\OTL(1).exe PRC - [2012-10-30 10:50:26 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012-09-29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012-09-29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012-09-10 18:38:03 | 000,874,896 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2012-03-07 14:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2012-03-07 14:40:28 | 003,117,344 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2011-06-23 09:22:00 | 000,623,520 | ---- | M] (Zbshareware Lab) -- C:\Program Files\USB Disk Security\USBGuard.exe PRC - [2010-07-12 16:21:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe PRC - [2010-07-09 06:55:44 | 002,498,560 | ---- | M] (GlobalSCAPE Texas, LP.) -- C:\Program Files\GlobalSCAPE\CuteFTP 8 Professional\cuteftppro.exe PRC - [2010-07-09 06:55:44 | 001,562,624 | ---- | M] (GlobalSCAPE Texas, LP.) -- C:\Program Files\GlobalSCAPE\CuteFTP 8 Professional\ftpte.exe PRC - [2010-07-07 16:04:56 | 000,073,728 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.EXE PRC - [2009-12-22 01:08:39 | 000,814,344 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe PRC - [2009-11-12 12:48:56 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe PRC - [2008-04-14 18:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007-09-07 19:16:50 | 000,132,392 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe PRC - [2007-09-07 19:16:18 | 001,373,480 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe PRC - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2007-05-04 04:48:42 | 016,087,224 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-11-05 18:47:45 | 009,814,968 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll MOD - [2012-10-30 10:50:25 | 002,295,264 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2012-06-18 16:24:30 | 000,260,096 | ---- | M] () -- C:\Program Files\Notepad++\NppShell_05.dll MOD - [2011-06-24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011-06-24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2009-11-12 12:48:56 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe MOD - [2009-11-05 07:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll MOD - [2008-05-02 05:15:37 | 000,010,240 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll MOD - [2008-04-14 18:20:37 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2007-05-04 04:38:10 | 002,854,912 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\configuration\Resources.dll MOD - [2007-05-04 00:27:42 | 000,442,368 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\Workspace.dll MOD - [2007-05-04 00:27:40 | 000,196,608 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\configuration\JSExtensions\MM.dll MOD - [2007-05-04 00:27:34 | 000,176,128 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\configuration\JSExtensions\DWfile.dll MOD - [2007-05-04 00:27:32 | 000,192,512 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\configuration\JSExtensions\SWFFile.dll MOD - [2007-05-04 00:26:38 | 000,139,264 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\libcurl.dll MOD - [2007-05-04 00:26:34 | 000,073,728 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\NetIO.dll MOD - [2007-05-04 00:26:26 | 000,143,360 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\CoreTypes.dll MOD - [2007-05-04 00:14:08 | 000,694,272 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\FnpCommsSoap.dll MOD - [2007-05-04 00:12:14 | 000,843,776 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\libeay32.dll MOD - [2007-05-04 00:12:14 | 000,159,744 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\ssleay32.dll MOD - [2007-05-04 00:07:52 | 006,848,512 | ---- | M] () -- C:\Program Files\Adobe\Adobe Dreamweaver CS3\Fireworks Library.dll MOD - [2007-03-02 10:44:34 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll MOD - [2007-02-07 09:36:42 | 000,536,576 | ---- | M] () -- C:\Program Files\GlobalSCAPE\CuteFTP 8 Professional\FileCryptIK.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2012-11-05 18:47:46 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012-10-30 10:41:14 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-09-29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012-09-29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-04-22 12:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2012-03-07 14:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2010-07-12 16:21:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009-12-22 01:08:39 | 000,814,344 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.10.0) SRV - [2009-11-12 12:48:56 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2007-09-07 19:16:18 | 001,373,480 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen) SRV - [2007-05-28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Matthew\xp.sys -- (xp) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\snp325.sys -- (SNP325) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUIr.sys -- (RtsUIr) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\RtsUStor.sys -- (RSUSBSTOR) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (RSUSBCCID) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Matthew\USTAWI~1\Temp\catchme.sys -- (catchme) DRV - [2012-09-29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012-06-03 10:44:46 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2012-04-22 12:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2012-03-14 07:40:04 | 000,148,504 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2012-03-14 07:40:04 | 000,061,936 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2012-03-14 07:40:04 | 000,040,336 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2012-03-14 07:40:02 | 000,160,816 | ---- | M] (ESET) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2012-03-14 07:40:02 | 000,120,152 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2012-01-09 16:28:20 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2012-01-09 16:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2012-01-09 16:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2012-01-09 16:28:20 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2012-01-09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2012-01-09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011-02-14 15:21:30 | 000,014,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\NetDragon\91 Mobile\iPhone\Tq_91Assistant.sys -- (Tq_91Assistant) DRV - [2010-07-19 17:05:31 | 000,685,816 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2008-05-24 20:09:10 | 000,073,728 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2007-10-17 03:40:04 | 002,642,944 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007-05-24 11:30:10 | 000,049,920 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID) DRV - [2007-02-16 20:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter) DRV - [2007-02-16 19:30:12 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid) DRV - [2007-02-16 01:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WacomVKHid.sys -- (WacomVKHid) DRV - [2007-01-30 11:57:50 | 004,474,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2006-12-28 17:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService) DRV - [2006-12-14 09:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp) DRV - [2006-05-03 06:46:38 | 000,014,592 | R--- | M] (ABIT) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\uGuru.sys -- (UGURU) DRV - [2006-04-18 13:53:44 | 000,004,047 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\U-ABIT\FlashMenu\MEMCTL.SYS -- (Memctl) DRV - [2006-04-18 13:53:44 | 000,003,548 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\U-ABIT\FlashMenu\WINFLASH.SYS -- (Winflash) DRV - [2001-08-17 21:05:48 | 000,314,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamDrO21.sys -- (PhilCam8116) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD501LJ_S0MUJ1EQ201337&ts=1349850697 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1390067357-1960408961-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD501LJ_S0MUJ1EQ201337&ts=1349850697 IE - HKU\S-1-5-21-1390067357-1960408961-725345543-1003\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86} IE - HKU\S-1-5-21-1390067357-1960408961-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms} IE - HKU\S-1-5-21-1390067357-1960408961-725345543-1003\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms} IE - HKU\S-1-5-21-1390067357-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1390067357-1960408961-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "v9" FF - prefs.js..browser.search.order.1: "v9" FF - prefs.js..browser.search.selectedEngine: "v9" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.pl" FF - prefs.js..extensions.enabledAddons: {3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}:1.8.1 FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10 FF - prefs.js..extensions.enabledAddons: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145 FF - prefs.js..extensions.enabledAddons: csscoverage@spaghetticoder.org:0.3.0 FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120926 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - prefs.js..extensions.enabledItems: {3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}:0.8.19 FF - prefs.js..extensions.enabledItems: {71328583-3CA7-4809-B4BA-570A85818FBB}:0.6.3 FF - prefs.js..extensions.enabledItems: csscoverage@spaghetticoder.org:0.2.3 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-11 16:03:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-10-30 10:50:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-10-30 10:50:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012-10-30 10:41:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012-10-30 10:41:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-06-24 21:32:19 | 000,000,000 | ---D | M] [2010-07-08 13:51:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Matthew\Dane aplikacji\Mozilla\Extensions [2010-07-07 19:10:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Matthew\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012-11-05 18:18:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Matthew\Dane aplikacji\Mozilla\Firefox\Profiles\3v5sfi6m.default\extensions [2010-07-23 06:07:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Matthew\Dane aplikacji\Mozilla\Firefox\Profiles\3v5sfi6m.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-09-15 13:52:12 | 000,000,000 | ---D | M] (CacheViewer) -- C:\Documents and Settings\Matthew\Dane aplikacji\Mozilla\Firefox\Profiles\3v5sfi6m.default\extensions\{71328583-3CA7-4809-B4BA-570A85818FBB} [2012-11-05 18:18:47 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Matthew\Dane aplikacji\Mozilla\Firefox\Profiles\3v5sfi6m.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2012-09-27 08:41:50 | 000,009,804 | ---- | M] () (No name found) -- C:\Documents and Settings\Matthew\Dane aplikacji\Mozilla\Firefox\Profiles\3v5sfi6m.default\extensions\csscoverage@spaghetticoder.org.xpi [2012-11-03 08:00:33 | 002,042,908 | ---- | M] () (No name found) -- C:\Documents and Settings\Matthew\Dane aplikacji\Mozilla\Firefox\Profiles\3v5sfi6m.default\extensions\firebug@software.joehewitt.com.xpi [2012-08-25 11:46:31 | 000,049,607 | ---- | M] () (No name found) -- C:\Documents and Settings\Matthew\Dane aplikacji\Mozilla\Firefox\Profiles\3v5sfi6m.default\extensions\{3e9bb2a7-62ca-4efa-a4e6-f6f6168a652d}.xpi [2011-09-30 10:31:58 | 000,627,675 | ---- | M] () (No name found) -- C:\Documents and Settings\Matthew\Dane aplikacji\Mozilla\Firefox\Profiles\3v5sfi6m.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-10-30 10:50:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-02-11 16:03:20 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 [2012-10-30 10:50:26 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011-02-02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012-02-13 07:30:56 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-02-13 07:30:56 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-02-13 07:30:56 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-02-13 07:30:56 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-10-10 07:31:38 | 000,000,402 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml [2012-02-13 07:30:56 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-02-13 07:30:56 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD501LJ_S0MUJ1EQ201337&ts=1349850697 CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=SAMSUNG_HD501LJ_S0MUJ1EQ201337&ts=1349850697 CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.94\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\22.0.1229.94\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: WOT = C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.6_0\ CHR - Extension: YouTube = C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Firebug Lite for Google Chrome\u2122 = C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\ CHR - Extension: Adblock Plus = C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Gmail = C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012-11-05 17:10:17 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (DebugBar BHO) - {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} - C:\Program Files\Core Services\DebugBar\DebugInfoBar.dll (Core Services) O3 - HKLM\..\Toolbar: (DebugBar (Toolbar)) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files\Core Services\DebugBar\DebugToolBar.dll (Core Services) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [USB Security] C:\Program Files\USB Disk Security\USBGuard.exe (Zbshareware Lab) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1390067357-1960408961-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1390067357-1960408961-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1390067357-1960408961-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1390067357-1960408961-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Inspect Element with DebugBar - C:\Program Files\Core Services\DebugBar\DebugInfoBar.dll (Core Services) O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1352133826953 (MUWebControl Class) O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.233.233.233 87.204.204.204 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0E554D2F-2C12-46A3-918A-62AC0BDDDABD}: DhcpNameServer = 62.233.233.233 87.204.204.204 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0E554D2F-2C12-46A3-918A-62AC0BDDDABD}: NameServer = 87.204.204.204,62.233.233.233 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-07-07 15:41:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-11-05 19:46:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Matthew\Pulpit\OTL(1).exe [2012-11-05 19:37:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Pulpit\html [2012-11-05 19:18:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\FLEXnet [2012-11-05 18:39:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Start Menu\Programs\Startup [2012-11-05 18:39:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Start Menu [2012-11-05 17:36:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Dane aplikacji\Malwarebytes [2012-11-05 17:35:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes' Anti-Malware [2012-11-05 17:35:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2012-11-05 17:35:56 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012-11-05 17:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012-11-05 17:33:49 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Matthew\Recent [2012-11-05 17:33:49 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2012-11-05 17:22:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2012-11-05 14:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Pulpit\Nowy folder (2) [2012-11-05 12:33:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Pulpit\com_virtuemart.2.0.12f_extract_first [2012-11-05 11:47:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Pulpit\Nowy folder [2012-10-30 10:50:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012-10-30 10:41:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2012-10-30 10:40:43 | 000,000,000 | ---D | C] -- C:\UDC Output Files [2012-10-25 15:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\temp [2012-10-24 20:20:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Pulpit\MODULY PLUGINY KOMP [2012-10-24 12:49:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\M-Photo_Ltd [2012-10-24 12:23:44 | 000,000,000 | ---D | C] -- C:\Najlepszefoto [2012-10-24 12:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\M-Photo [2012-10-24 12:17:58 | 000,000,000 | ---D | C] -- C:\Program Files\Najlepszefoto [2012-10-24 07:41:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Pulpit\WESELE MATI - PATI [2012-10-19 15:08:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Pulpit\AGRO-ROL [2012-10-18 14:55:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Pulpit\ROBNET [2012-10-10 07:49:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\NetDragon [2012-10-10 07:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\NetDragon [2012-10-10 06:57:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\iTunes [2012-10-10 06:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012-10-10 06:56:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012-10-10 06:46:59 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2012-10-10 06:31:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Dane aplikacji\iFunbox_UserCache [2012-10-10 06:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\i-Funbox DevTeam [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012-11-05 19:47:15 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012-11-05 19:46:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Matthew\Pulpit\OTL(1).exe [2012-11-05 19:18:00 | 000,001,140 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-1960408961-725345543-1003UA.job [2012-11-05 18:47:46 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012-11-05 18:47:46 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012-11-05 18:39:05 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012-11-05 18:38:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012-11-05 17:18:14 | 000,001,273 | ---- | M] () -- C:\WINDOWS\Jer4705.ini [2012-11-05 17:10:17 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2012-11-05 17:02:01 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\CCleaner.lnk [2012-11-05 14:01:41 | 002,612,224 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\Zamek dociskowy M22SE.cdr [2012-11-05 14:01:38 | 017,046,553 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\Str3B-4.cdr [2012-11-05 13:40:39 | 000,030,800 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\search_panels_set.jpg [2012-11-05 13:39:31 | 000,076,609 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\search_input_field__psd_by_emrah_demirag-d3dz0un.jpg [2012-11-05 13:29:48 | 000,025,175 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\top.jpg [2012-11-05 12:40:12 | 000,001,270 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\default.css [2012-11-05 12:29:37 | 000,000,226 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\pyt_bg.png [2012-11-05 12:08:10 | 003,765,491 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\com_virtuemart.2.0.12f_extract_first.zip [2012-11-05 11:54:23 | 000,000,842 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\gnome_mail_read.png [2012-11-05 11:53:44 | 000,000,781 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\emailButton.png [2012-11-05 11:52:16 | 000,000,821 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\printer.png [2012-11-05 11:51:23 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\printButton.png [2012-11-05 11:50:03 | 000,001,277 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\email_open2.png [2012-11-05 11:48:56 | 000,008,469 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\mail_message_new.png [2012-11-05 11:48:44 | 000,004,524 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\email_open.png [2012-11-05 11:45:43 | 000,001,295 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\print_icon.gif [2012-11-05 11:18:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-1960408961-725345543-1003Core.job [2012-11-05 09:40:54 | 000,114,903 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\1285089013_6-tractor.jpg [2012-11-05 09:39:00 | 000,069,567 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\1.jpg [2012-11-05 09:32:43 | 000,069,410 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\virtuemart.css [2012-11-03 08:02:23 | 000,000,031 | ---- | M] () -- C:\WINDOWS\System32\Days5.ini [2012-10-24 12:17:58 | 008,443,327 | ---- | M] () -- C:\WINDOWS\System32\Najlepszefoto.pl_NKreator_uninstaller.exe [2012-10-22 10:45:24 | 000,000,362 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\backgrounds.png [2012-10-20 09:18:00 | 000,002,894 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\general.css [2012-10-19 12:58:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Infob.dat [2012-10-19 12:58:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Infoa.dat [2012-10-11 08:19:46 | 000,002,318 | ---- | M] () -- C:\Documents and Settings\Matthew\Pulpit\Google Chrome.lnk [2012-10-10 07:49:14 | 000,001,814 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\iPhone.lnk [2012-10-10 06:48:50 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Safari.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012-11-05 14:01:41 | 002,612,224 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\Zamek dociskowy M22SE.cdr [2012-11-05 14:01:37 | 017,046,553 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\Str3B-4.cdr [2012-11-05 13:40:39 | 000,030,800 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\search_panels_set.jpg [2012-11-05 13:39:31 | 000,076,609 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\search_input_field__psd_by_emrah_demirag-d3dz0un.jpg [2012-11-05 13:22:31 | 000,025,175 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\top.jpg [2012-11-05 12:40:11 | 000,001,270 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\default.css [2012-11-05 12:29:36 | 000,000,226 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\pyt_bg.png [2012-11-05 12:08:08 | 003,765,491 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\com_virtuemart.2.0.12f_extract_first.zip [2012-11-05 11:58:18 | 000,000,362 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\backgrounds.png [2012-11-05 11:54:23 | 000,000,842 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\gnome_mail_read.png [2012-11-05 11:53:44 | 000,000,781 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\emailButton.png [2012-11-05 11:52:16 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\printer.png [2012-11-05 11:51:23 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\printButton.png [2012-11-05 11:50:03 | 000,001,277 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\email_open2.png [2012-11-05 11:48:56 | 000,008,469 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\mail_message_new.png [2012-11-05 11:48:44 | 000,004,524 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\email_open.png [2012-11-05 11:45:43 | 000,001,295 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\print_icon.gif [2012-11-05 09:40:54 | 000,114,903 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\1285089013_6-tractor.jpg [2012-11-05 09:39:00 | 000,069,567 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\1.jpg [2012-11-05 09:32:43 | 000,069,410 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\virtuemart.css [2012-11-03 08:02:23 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\Days5.ini [2012-10-24 12:17:58 | 008,443,327 | ---- | C] () -- C:\WINDOWS\System32\Najlepszefoto.pl_NKreator_uninstaller.exe [2012-10-20 09:18:00 | 000,002,894 | ---- | C] () -- C:\Documents and Settings\Matthew\Pulpit\general.css [2012-10-19 12:58:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Infob.dat [2012-10-19 12:58:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Infoa.dat [2012-10-10 07:49:14 | 000,001,814 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\iPhone.lnk [2012-03-05 13:10:10 | 000,000,081 | ---- | C] () -- C:\WINDOWS\Anwender.dat [2012-03-05 13:06:20 | 000,001,273 | ---- | C] () -- C:\WINDOWS\Jer4705.ini [2012-03-05 13:06:20 | 000,000,349 | ---- | C] () -- C:\WINDOWS\Innentab.ini [2012-02-15 09:38:50 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011-07-29 13:00:29 | 000,044,646 | ---- | C] () -- C:\WINDOWS\System32\FlashMenu.sys [2011-05-05 07:17:53 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2011-05-05 07:16:04 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe [2011-05-05 07:15:56 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2011-05-05 07:15:55 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2011-05-05 07:15:54 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat [2011-05-05 07:15:54 | 000,157,034 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2011-05-05 07:00:36 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2011-04-07 22:37:53 | 000,000,020 | ---- | C] () -- C:\WINDOWS\SWISHM~1.INI [2011-04-01 12:08:59 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Matthew\Dane aplikacji\$_hpcst$.hpc [2011-03-16 19:59:03 | 000,000,103 | ---- | C] () -- C:\WINDOWS\pro.INI [2011-02-28 20:25:14 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Matthew\Dane aplikacji\winscp.rnd [2010-07-08 09:33:19 | 000,099,840 | ---- | C] () -- C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-07-07 17:27:04 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Matthew\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2010-07-07 16:29:29 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 18:20:47 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-14 18:20:57 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2010-07-07 18:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Canneverbe Limited [2011-09-30 13:11:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonBJ [2011-09-30 13:32:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonEPP [2011-09-30 13:32:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonIJEPPEX2 [2011-09-30 13:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonIJMSetup [2011-09-30 13:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CanonIJWSpt [2012-06-24 21:32:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-07-07 19:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-07-07 20:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GlobalSCAPE [2011-04-08 17:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2012-10-24 12:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\M-Photo [2012-05-08 10:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MAGIX [2012-06-16 09:16:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache [2012-06-16 09:20:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2011-11-17 08:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Recisio [2010-09-09 16:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TechSmith [2012-05-08 10:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Xara [2011-09-08 15:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Zbshareware Lab [2011-01-31 13:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\TightVNC [2012-03-10 11:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\Avery [2010-09-01 18:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\CAD-KAS [2010-07-07 18:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\Canneverbe Limited [2010-07-07 18:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\ESET [2010-07-07 20:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\Gadu-Gadu [2012-04-18 13:06:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\GHISLER [2012-10-25 14:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\GlobalSCAPE [2012-03-12 11:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\Gzegzolka XP [2012-10-10 06:31:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\iFunbox_UserCache [2012-05-08 10:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\MAGIX [2012-06-24 21:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\Nokia [2012-06-24 21:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\Nokia Suite [2012-11-05 18:03:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\Notepad++ [2010-07-07 19:54:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\OpenOffice.org [2010-07-07 18:19:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\Opera [2012-06-16 09:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\PC Suite [2012-02-01 10:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\Process Axis Pte. Ltd [2010-12-13 18:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\RDRM [2012-10-04 22:34:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\RST [2010-07-08 17:23:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\SWiSH Max2 PLK [2012-07-12 21:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\TeamViewer [2010-07-07 19:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\Thunderbird [2011-05-24 17:00:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\VSO [2011-11-28 15:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\YCanPDF [2011-09-08 15:34:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthew\Dane aplikacji\Zbshareware Lab [color=#E56717]========== Purity Check ==========[/color] < End of report >