OTL logfile created on: 2013-01-10 14:42:17 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\GamerX\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 74,04% Memory free 3,85 Gb Paging File | 3,49 Gb Available in Paging File | 90,59% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 53,71 Gb Total Space | 45,16 Gb Free Space | 84,08% Space Free | Partition Type: NTFS Drive D: | 95,34 Gb Total Space | 51,86 Gb Free Space | 54,39% Space Free | Partition Type: NTFS Computer Name: ADMINX-89F35E72 | User Name: GamerX | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-01-10 14:42:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\GamerX\Moje dokumenty\Pobieranie\OTL.exe PRC - [2012-12-05 11:27:36 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2012-09-27 06:54:40 | 000,368,640 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\pcCMService.exe PRC - [2011-11-14 13:25:16 | 001,479,488 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2011-11-14 13:25:16 | 001,212,224 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2010-12-03 20:58:04 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-11-05 17:25:42 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-03-03 20:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe PRC - [2005-12-06 13:53:30 | 000,819,200 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\neostradatp.exe PRC - [2005-11-22 11:54:18 | 000,249,856 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\ComComp.exe PRC - [2004-11-02 14:31:20 | 000,069,632 | ---- | M] (France Telecom R&D) -- C:\Program Files\neostrada tp\Toaster.exe PRC - [2004-10-27 10:30:44 | 000,032,768 | ---- | M] () -- C:\Program Files\neostrada tp\Inactivity.exe PRC - [2004-10-27 10:07:06 | 000,069,632 | ---- | M] () -- C:\Program Files\neostrada tp\PollingModule.exe PRC - [2004-10-21 07:50:52 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\AlertModule\AlertModule.exe PRC - [2004-10-05 16:00:12 | 000,061,440 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\TaskBarIcon.exe PRC - [2004-08-23 13:49:56 | 000,040,960 | ---- | M] (France Telecom) -- C:\WINDOWS\system32\FTRTSVC.exe PRC - [2004-08-23 13:49:56 | 000,020,480 | ---- | M] (France Télécom R&D) -- C:\Program Files\neostrada tp\Watch.exe PRC - [2003-05-13 02:38:52 | 000,401,408 | ---- | M] (Kerio Technologies) -- C:\Program Files\Kerio\Personal Firewall\PERSFW.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-08-24 07:43:30 | 009,813,704 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll MOD - [2012-01-03 08:45:08 | 000,016,832 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll MOD - [2010-12-03 20:58:04 | 001,017,304 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll MOD - [2009-11-18 22:51:46 | 000,473,704 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll MOD - [2009-02-27 18:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL MOD - [2006-05-22 13:29:28 | 001,802,240 | ---- | M] () -- c:\Program Files\neostrada tp\skin\Default\main\ResourceStyle.dll MOD - [2005-05-03 12:38:42 | 000,064,512 | R--- | M] () -- C:\WINDOWS\system32\P17.dll MOD - [2004-11-16 17:10:52 | 000,053,248 | ---- | M] () -- C:\Program Files\neostrada tp\SynchroDll.dll MOD - [2004-10-27 10:30:44 | 000,032,768 | ---- | M] () -- C:\Program Files\neostrada tp\Inactivity.exe MOD - [2004-10-27 10:07:06 | 000,069,632 | ---- | M] () -- C:\Program Files\neostrada tp\PollingModule.exe MOD - [2004-10-26 08:49:34 | 000,028,672 | ---- | M] () -- C:\Program Files\neostrada tp\Inactivity.dll MOD - [2004-10-21 17:27:38 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\AlertModule\AlertClient.dll MOD - [2004-10-21 07:50:52 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\AlertModule\AlertModule.exe MOD - [2004-08-23 13:49:58 | 000,188,416 | ---- | M] () -- C:\Program Files\neostrada tp\PhoneManager.dll MOD - [2004-08-23 13:49:56 | 000,036,864 | ---- | M] () -- C:\Program Files\neostrada tp\PMStub.dll MOD - [2004-04-19 07:28:06 | 000,090,112 | ---- | M] () -- C:\Program Files\neostrada tp\DetectComponent.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2012-12-05 11:27:36 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-09-27 06:54:40 | 000,368,640 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\Common Files\Motive\pcCMService.exe -- (pcCMService) SRV - [2011-11-14 13:25:16 | 001,479,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2011-11-14 13:25:14 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp) SRV - [2009-11-05 17:25:42 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2008-04-07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2006-03-03 20:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12) SRV - [2004-08-23 13:49:56 | 000,040,960 | ---- | M] (France Telecom) [Auto | Running] -- C:\WINDOWS\system32\FTRTSVC.exe -- (FTRTSVC) SRV - [2003-05-13 02:38:52 | 000,401,408 | ---- | M] (Kerio Technologies) [Auto | Running] -- C:\Program Files\Kerio\Personal Firewall\PERSFW.exe -- (PersFw) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\GamerX\Pulpit\TubeHunter_Ultra_4.0.1423_Incl._Keygen\sterownik.sys -- (sterownik) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCAMPR5.SYS -- (PCAMPR5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012-09-27 06:53:18 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50) DRV - [2012-09-27 06:53:06 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50) DRV - [2011-11-08 11:47:38 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2011-03-18 17:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2010-01-27 03:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf) DRV - [2009-11-02 08:39:30 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009-03-20 09:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2009-03-20 09:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) DRV - [2009-03-20 09:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV - [2007-09-19 21:37:48 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) DRV - [2007-09-17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007-09-14 04:41:28 | 000,051,608 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2007-09-14 04:41:20 | 000,014,744 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2007-09-14 04:41:12 | 000,029,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo) DRV - [2007-09-14 04:41:02 | 000,029,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) DRV - [2007-09-14 04:40:54 | 000,019,352 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2006-09-19 10:03:28 | 000,116,992 | ---- | M] (Analog Devices Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e4usbaw.sys -- (e4usbaw) DRV - [2006-09-15 10:07:54 | 000,064,000 | ---- | M] (Analog Deivces) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\e4ldr.sys -- (IKANLOADER2) DRV - [2005-07-07 09:14:30 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17) DRV - [2005-01-10 11:15:30 | 000,106,496 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv) DRV - [2005-01-10 11:15:24 | 000,138,752 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k) DRV - [2003-08-04 13:22:44 | 000,016,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5) DRV - [2002-04-15 11:28:32 | 000,102,912 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\FWDRV.SYS -- (fwdrv) DRV - [1996-04-03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\neostrada tp\SearchPageURL.dll () IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "www.google.pl" FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.13 FF - prefs.js..extensions.enabledItems: SignPlugin@bph.pl:1.4.0.7 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-08-24 07:37:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-08-24 07:38:14 | 000,000,000 | ---D | M] [2012-12-13 11:30:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\GamerX\Dane aplikacji\Mozilla\Extensions [2012-12-13 11:32:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\GamerX\Dane aplikacji\Mozilla\Firefox\Profiles\nix7fb44.default\extensions [2012-08-25 08:32:45 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\GamerX\Dane aplikacji\Mozilla\Firefox\Profiles\nix7fb44.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8} [2012-09-03 07:18:46 | 000,000,000 | ---D | M] (BPH Sign Plugin) -- C:\Documents and Settings\GamerX\Dane aplikacji\Mozilla\Firefox\Profiles\nix7fb44.default\extensions\SignPlugin@bph.pl [2012-12-31 11:01:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010-12-03 18:54:54 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2010-12-03 18:54:54 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2010-12-03 18:54:54 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2010-12-03 18:54:54 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2010-12-03 18:54:54 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2010-12-03 18:54:54 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2012-08-24 07:57:40 | 000,000,813 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 secure.tune-up.com O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] nwiz.exe /installquiet File not found O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll () O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4 - HKLM..\Run: [TPSA_McciTrayApp] "C:\Program Files\TPSA\pcTrayApp.exe" File not found O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.) O4 - HKLM..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\GestMaj.exe TaskBarIcon.exe File not found O4 - HKLM..\Run: [WOOWATCH] C:\Program Files\neostrada tp\Watch.exe (France Télécom R&D) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99D495F7-DF62-4D3C-A0F9-BC48F2434186}: NameServer = 194.204.152.34 194.204.159.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\GamerX\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\GamerX\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-08-24 06:59:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{abecaf05-f041-11e1-a858-4d6564696130}\Shell\AutoRun\command - "" = F:\setup.exe O33 - MountPoints2\{c682b282-0976-11e2-a916-4d6564696130}\Shell - "" = AutoRun O33 - MountPoints2\{c682b282-0976-11e2-a916-4d6564696130}\Shell\AutoRun\command - "" = F:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-01-10 14:35:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GamerX\Menu Start\Programy\CyberLink PowerDVD [2013-01-10 12:58:47 | 000,197,896 | ---- | C] (Корпорация Майкрософт) -- C:\Documents and Settings\GamerX\wgsdgsdgdsgsd.exe [2013-01-09 12:23:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GamerX\Dane aplikacji\Ubisoft [2012-12-31 10:05:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GamerX\Dane aplikacji\Motive [2012-12-31 10:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive [2012-12-31 10:04:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Motive [2012-12-27 14:29:34 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid [2012-12-19 13:17:27 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan [2012-12-18 12:16:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\GamerX\Moje dokumenty\Downloads [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-01-10 14:35:38 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad [2013-01-10 14:35:37 | 000,272,805 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2013-01-10 14:35:34 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\Baukd.job [2013-01-10 14:35:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-01-10 14:35:31 | 000,096,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-01-10 14:10:26 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\GamerX\Menu Start\Programy\Autostart\runctf.lnk [2013-01-10 14:06:54 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2013-01-10 12:58:47 | 000,197,896 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\GamerX\wgsdgsdgdsgsd.exe [2013-01-09 13:59:17 | 000,000,155 | ---- | M] () -- C:\WINDOWS\winamp.ini [2012-12-27 14:00:16 | 000,008,704 | ---- | M] () -- C:\Documents and Settings\GamerX\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-12-19 13:17:27 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo [2012-12-18 10:30:01 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-01-10 14:17:10 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad [2013-01-10 12:58:49 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\GamerX\Menu Start\Programy\Autostart\runctf.lnk [2012-12-27 14:29:35 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2012-12-27 14:29:35 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2012-12-27 14:29:35 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax [2012-12-19 13:17:27 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo [2012-11-24 13:03:50 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2012-11-07 11:59:01 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\Userdata.ini [2012-09-11 13:12:12 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll [2012-09-11 13:09:12 | 000,120,250 | ---- | C] () -- C:\WINDOWS\hpoins11.dat [2012-09-06 11:15:47 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll [2012-09-06 11:15:47 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys [2012-09-06 11:15:43 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\GamerX\Dane aplikacji\$_hpcst$.hpc [2012-08-27 17:52:13 | 000,106,496 | RHS- | C] () -- C:\WINDOWS\System32\vdmredirk.dll [2012-08-27 13:10:19 | 000,008,704 | ---- | C] () -- C:\Documents and Settings\GamerX\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-08-24 08:52:39 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-08-24 08:51:44 | 000,096,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-08-24 07:37:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2012-08-24 07:29:48 | 000,000,168 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2012-08-24 07:29:48 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2012-08-24 07:29:46 | 000,127,456 | ---- | C] () -- C:\WINDOWS\System32\IPDETECT.EXE [2012-08-24 07:29:45 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P2.BIN [2012-08-24 07:29:45 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2012-08-24 07:29:45 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\ADADIX16.DLL [2012-08-24 07:29:45 | 000,024,576 | ---- | C] () -- C:\WINDOWS\enddisk32.exe [2012-08-24 07:29:44 | 000,152,220 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I2.BIN [2012-08-24 07:29:44 | 000,152,220 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I1.BIN [2012-08-24 07:29:44 | 000,152,220 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4I0.BIN [2012-08-24 07:29:44 | 000,152,132 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P2.BIN [2012-08-24 07:29:44 | 000,152,132 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P1.BIN [2012-08-24 07:29:44 | 000,152,132 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4P0.BIN [2012-08-24 07:29:44 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P1.BIN [2012-08-24 07:29:44 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9P0.BIN [2012-08-24 07:29:44 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I2.BIN [2012-08-24 07:29:44 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I1.BIN [2012-08-24 07:29:44 | 000,152,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E9I0.BIN [2012-08-24 07:29:44 | 000,152,036 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D2.BIN [2012-08-24 07:29:44 | 000,152,034 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D1.BIN [2012-08-24 07:29:44 | 000,152,034 | ---- | C] () -- C:\WINDOWS\System32\drivers\L1E4D0.BIN [2012-08-24 07:29:44 | 000,022,395 | ---- | C] () -- C:\WINDOWS\System32\drivers\fpga.bin [2012-08-24 07:29:02 | 000,041,068 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll [2012-08-24 07:25:27 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\pxhpinst.exe [2012-08-24 07:25:24 | 000,000,155 | ---- | C] () -- C:\WINDOWS\winamp.ini [2012-08-24 07:24:25 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\FWDRV.SYS [2012-08-24 07:23:18 | 000,000,716 | ---- | C] () -- C:\WINDOWS\unins000.dat [2012-08-24 07:19:40 | 002,293,286 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin [2012-08-24 07:17:47 | 000,005,627 | R--- | C] () -- C:\WINDOWS\System32\Ludap17.ini [2012-08-24 07:17:47 | 000,000,039 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini [2012-08-24 07:13:33 | 000,004,233 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2012-08-24 07:13:31 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2012-08-24 07:02:49 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-08-24 06:56:57 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2012-09-03 10:36:32 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-15 13:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008-04-15 13:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >