OTL logfile created on: 2013-01-11 13:03:34 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Maxwel\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1021,54 Mb Total Physical Memory | 534,54 Mb Available Physical Memory | 52,33% Memory free 2,39 Gb Paging File | 1,99 Gb Available in Paging File | 83,31% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 9,77 Gb Total Space | 0,44 Gb Free Space | 4,52% Space Free | Partition Type: NTFS Drive D: | 64,73 Gb Total Space | 40,82 Gb Free Space | 63,07% Space Free | Partition Type: NTFS Computer Name: MAX | User Name: Maxwel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-01-11 11:17:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maxwel\Pulpit\OTL.exe PRC - [2013-01-11 10:24:38 | 000,170,408 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2011-10-25 14:39:30 | 000,105,432 | ---- | M] (Cyfrowy Polsat) -- C:\Program Files\Cyfrowy Polsat HSPA\Cyfrowy Polsat B150\BRService.exe PRC - [2010-04-12 04:01:42 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) -- C:\WINDOWS\system32\LGScsiCommandService.exe PRC - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2010-04-07 21:07:04 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2010-03-23 03:30:54 | 000,362,408 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\OpenManage\Client\Iap.exe PRC - [2009-02-18 13:10:14 | 000,991,232 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe PRC - [2008-09-06 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2006-03-17 16:25:16 | 000,065,536 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012-11-15 12:54:11 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\31b7eef43a23e7c6e93594be583f3d08\System.ServiceProcess.ni.dll MOD - [2012-11-15 12:12:24 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d35b50eb6bb7b1bfb6592419d9feba47\System.Xml.ni.dll MOD - [2012-11-15 12:12:15 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6585a5fcaaa1b49b9a1bd9ca5c5c306e\System.Windows.Forms.ni.dll MOD - [2012-11-15 12:12:00 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\da4bcb702feb770ce40cf1371b0c4d02\System.Drawing.ni.dll MOD - [2012-11-15 12:10:10 | 007,977,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\90ad0c96693527ae685ff40019bb33b0\System.ni.dll MOD - [2012-11-15 12:09:54 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll MOD - [2009-03-06 09:39:10 | 000,249,856 | ---- | M] () -- C:\WINDOWS\system32\wxvault.dll MOD - [2009-02-27 18:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\Maxwel\wgsdgsdgdsgsd.exe -- (winmgmt) SRV - [2013-01-11 10:26:13 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-01-11 10:24:38 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012-11-29 09:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012-10-19 16:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2011-10-25 14:39:30 | 000,105,432 | ---- | M] (Cyfrowy Polsat) [Auto | Running] -- C:\Program Files\Cyfrowy Polsat HSPA\Cyfrowy Polsat B150\BRService.exe -- (BR_Launcher) SRV - [2010-04-12 04:01:42 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) [Auto | Running] -- C:\WINDOWS\system32\LGScsiCommandService.exe -- (LGScsiCommandService) SRV - [2010-04-07 21:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2010-04-07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2010-03-23 03:30:54 | 000,362,408 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\OpenManage\Client\Iap.exe -- (Iap) SRV - [2009-02-18 13:10:14 | 000,991,232 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService) SRV - [2008-12-12 08:54:00 | 000,638,976 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService) SRV - [2008-11-12 12:25:48 | 001,273,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe) SRV - [2007-03-06 17:55:24 | 000,105,248 | ---- | M] (Labtec Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher) SRV - [2006-03-17 16:25:16 | 000,065,536 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\sfsync04.sys -- (sfsync04) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (at7notmr) DRV - [2012-12-04 12:12:49 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2012-12-04 12:12:49 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2011-11-10 04:42:12 | 007,493,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2011-09-16 17:38:12 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2011-09-15 18:35:16 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2011-01-12 08:46:06 | 000,085,888 | ---- | M] (IPS) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ips_polsat_cdc_acm.sys -- (ips_polsat_cdc_acm) DRV - [2011-01-12 08:46:06 | 000,082,176 | ---- | M] (IPS) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ips_polsat_dc_enum.sys -- (ips_polsat_dc_enum) DRV - [2011-01-12 08:46:06 | 000,051,072 | ---- | M] (IPS) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ips_polsat_cdc_ecm.sys -- (ips_polsat_cdc_ecm) DRV - [2011-01-12 08:46:06 | 000,009,856 | ---- | M] (IPS) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ips_polsat_cpo.sys -- (ips_polsat_cpo) DRV - [2010-04-07 21:08:08 | 000,055,232 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2010-04-07 21:08:06 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2010-04-07 21:08:04 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2010-04-07 21:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-04-07 21:03:44 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2010-03-08 22:58:36 | 000,020,480 | ---- | M] (Dell Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci) DRV - [2010-01-21 00:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2010-01-21 00:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2010-01-21 00:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus) DRV - [2009-03-06 09:39:10 | 000,208,824 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr) DRV - [2009-03-06 09:39:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PBADRV.sys -- (PBADRV) DRV - [2007-06-06 11:51:04 | 000,161,792 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) DRV - [2007-03-06 17:54:40 | 000,041,376 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2007-03-06 17:52:46 | 002,261,792 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv) DRV - [2007-03-06 17:50:30 | 001,669,664 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap) DRV - [2007-03-06 17:48:46 | 001,273,504 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) DRV - [2007-03-06 17:48:46 | 000,014,240 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter) DRV - [2006-03-17 17:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2005-11-03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) DRV - [2005-08-10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) DRV - [2005-05-16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) DRV - [2003-04-24 15:21:50 | 000,006,025 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{5491EBA9-37E4-4B70-9ED2-BB1E4B59EDBF}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gazeta.pl/0,0.html?sc=1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ IE - HKCU\..\URLSearchHook: HKEY_CURRENT_USER - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{496E6E50-DB80-43C0-B65C-AFCF0EC46AF8}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{502A062C-F091-47B4-8CE8-9FE7916A22EF}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{5491EBA9-37E4-4B70-9ED2-BB1E4B59EDBF}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\..\SearchScopes\{C032FF75-9F68-448C-B1FC-206BFE8FAD6F}: "URL" = http://szukaj.gazeta.pl/portalSearch.do?s.si(navigation).navigationEnabled=true&s.sm.query={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..CT2481033.browser.search.defaultthis.engineName: true FF - prefs.js..browser.search.selectedEngine: "Ashampoo PO Customized Web Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2481033&SearchSource=13&CUI=SB_CUI" FF - prefs.js..extensions.enabledAddons: %7Bd43723ae-1ae1-4a25-a6a4-bf0929273cab%7D:10.13.40.15 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2481033&SearchSource=2&q=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Maxwel\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-01-02 16:08:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-01-11 10:35:05 | 000,000,000 | ---D | M] [2013-01-02 16:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Maxwel\Dane aplikacji\Mozilla\Extensions [2013-01-04 11:11:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Maxwel\Dane aplikacji\Mozilla\Firefox\Profiles\fxka03to.default\extensions [2013-01-04 11:11:35 | 000,000,000 | ---D | M] (Ashampoo PO) -- C:\Documents and Settings\Maxwel\Dane aplikacji\Mozilla\Firefox\Profiles\fxka03to.default\extensions\{d43723ae-1ae1-4a25-a6a4-bf0929273cab} [2013-01-04 20:51:03 | 000,001,052 | ---- | M] () -- C:\Documents and Settings\Maxwel\Dane aplikacji\Mozilla\Firefox\Profiles\fxka03to.default\searchplugins\ashampoo-po-customized-web-search.xml [2013-01-02 16:08:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012-11-29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-11-29 11:00:09 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2012-11-29 11:00:09 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-11-29 11:00:09 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-11-29 11:00:09 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2012-11-29 11:00:09 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-11-29 11:00:09 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2012-10-29 10:29:27 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\T present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = -1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = [binary data] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = [binary data] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskBar = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = [binary data] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = [binary data] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = [binary data] O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKey = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WINDOWS\system = Reg Error: Value error. File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WINDOWS\system = Reg Error: Value error. File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WINDOWS\system = Reg Error: Value error. File not found O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\***ERROR READING SUBKEYS*** present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01AC1541-E93F-4BF4-A0EF-64A4227862F7}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{52BD10C6-1E3D-43C4-981E-982BBCE17917}: DhcpNameServer = 193.41.112.14 193.41.112.18 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKCU Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O21 - SSODL: Polsk - Reg Error: Value error. - No CLSID value found. O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Maxwel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Maxwel\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: DISABLEEXCEPTIONCHAI - No CLSID value found. O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010-06-20 14:58:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{a73feadc-9b6a-11e0-95c3-0019b93fa7c1}\Shell - "" = AutoRun O33 - MountPoints2\{a73feadc-9b6a-11e0-95c3-0019b93fa7c1}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-01-11 12:48:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013-01-11 11:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2013-01-11 11:17:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Maxwel\Pulpit\OTL.exe [2013-01-11 10:37:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxwel\Dane aplikacji\ESET [2013-01-11 10:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\ESET [2013-01-11 10:35:04 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2013-01-11 10:35:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\ESET [2013-01-11 10:35:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2013-01-11 10:33:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxwel\Pulpit\ESET NOD32 Antivirus 4.2.40.10 32 & 64bit [PL] [2013-01-11 10:25:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2013-01-11 10:25:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013-01-11 10:25:45 | 000,859,072 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2013-01-11 10:25:45 | 000,779,704 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2013-01-11 10:25:45 | 000,260,528 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2013-01-11 10:25:03 | 000,174,000 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013-01-11 10:25:03 | 000,173,992 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013-01-11 10:25:03 | 000,093,640 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013-01-10 21:09:22 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Maxwel\Recent [2013-01-08 13:29:55 | 000,177,248 | ---- | C] (Корпорация Майкрософт) -- C:\Documents and Settings\Maxwel\wgsdgsdgdsgsd.exe.vir [2013-01-06 19:06:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\1C Company [2013-01-04 11:11:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxwel\Ustawienia lokalne\Dane aplikacji\Conduit [2013-01-04 11:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxwel\Dane aplikacji\Ashampoo [2013-01-04 11:10:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxwel\Ustawienia lokalne\Dane aplikacji\ashampoo [2013-01-04 11:10:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\ashampoo [2013-01-04 11:10:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Ashampoo [2013-01-04 11:09:52 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo [2013-01-04 10:27:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxwel\Dane aplikacji\CyberLink [2013-01-02 16:09:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxwel\Ustawienia lokalne\Dane aplikacji\Mozilla [2013-01-02 16:09:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxwel\Dane aplikacji\Mozilla [2013-01-02 16:08:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Mozilla [2013-01-02 16:08:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2013-01-02 16:08:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013-01-02 15:02:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\CyberLink [2013-01-02 14:41:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxwel\Menu Start\Programy\OLYMPUS ib [2013-01-02 14:41:01 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Maxwel\Menu Start\Programy\Narzędzia administracyjne [2013-01-02 14:40:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Maxwel\Ustawienia lokalne\Dane aplikacji\OLYMPUS [2013-01-02 14:38:01 | 000,000,000 | ---D | C] -- C:\Program Files\Olympus [2013-01-02 14:36:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Temp [2013-01-02 14:29:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\OLYMPUS Camera [2013-01-02 14:29:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\OLYMPUS [2012-12-15 10:25:50 | 015,739,912 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2010-06-27 16:22:08 | 001,093,632 | ---- | C] (Karol Winnicki) -- C:\Program Files\BESTplayer.exe [2010-06-27 16:02:06 | 025,802,312 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wmp11-windowsxp-x86-PL-PL.exe [2010-06-27 16:02:03 | 003,387,040 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccsetup232.exe [2010-06-27 16:02:03 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dxwebsetup.exe [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-01-11 12:54:51 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-01-11 12:52:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-01-11 12:26:39 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-01-11 11:17:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Maxwel\Pulpit\OTL.exe [2013-01-11 11:05:58 | 000,101,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-01-11 10:57:03 | 000,002,596 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2013-01-11 10:26:09 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-01-11 10:26:09 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-01-11 10:25:58 | 015,739,912 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2013-01-11 10:24:39 | 000,093,640 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013-01-11 10:24:36 | 000,554,087 | ---- | M] () -- C:\Documents and Settings\Maxwel\Pulpit\adwcleaner.exe [2013-01-11 10:24:34 | 000,260,528 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2013-01-11 10:24:34 | 000,174,000 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013-01-11 10:24:34 | 000,173,992 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013-01-11 10:24:34 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2013-01-11 10:24:33 | 000,859,072 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2013-01-11 10:24:33 | 000,779,704 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2013-01-11 09:38:03 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{A43B6A27-C7DC-4AB7-83C8-E914712A83E3}.job [2013-01-08 13:30:12 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\Maxwel\Menu Start\Programy\Autostart\runctf.lnk [2013-01-08 13:29:55 | 000,177,248 | ---- | M] (Корпорация Майкрософт) -- C:\Documents and Settings\Maxwel\wgsdgsdgdsgsd.exe.vir [2013-01-07 14:29:14 | 000,042,567 | ---- | M] () -- C:\Documents and Settings\Maxwel\Pulpit\wypowiedzenie_umowy_konta_inteligo_indywidualnego_od_03092012.pdf [2013-01-06 19:06:12 | 000,000,479 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Cryostasis.lnk [2013-01-04 18:35:55 | 000,043,137 | ---- | M] () -- C:\Documents and Settings\Maxwel\Pulpit\P1010099.JPG [2013-01-04 18:35:11 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Maxwel\Moje dokumenty\Mój komputer.lnk [2013-01-04 11:10:29 | 000,000,976 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Ashampoo Burning Studio 2012.lnk [2013-01-04 10:44:26 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\Maxwel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-01-03 10:38:10 | 000,001,556 | ---- | M] () -- C:\Documents and Settings\Maxwel\Pulpit\ib.lnk [2012-12-31 14:47:46 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Skype.lnk [2012-12-16 13:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll [2012-12-16 13:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll [2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-01-11 10:24:35 | 000,554,087 | ---- | C] () -- C:\Documents and Settings\Maxwel\Pulpit\adwcleaner.exe [2013-01-08 13:30:12 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\Maxwel\Menu Start\Programy\Autostart\runctf.lnk [2013-01-07 14:29:14 | 000,042,567 | ---- | C] () -- C:\Documents and Settings\Maxwel\Pulpit\wypowiedzenie_umowy_konta_inteligo_indywidualnego_od_03092012.pdf [2013-01-06 19:06:12 | 000,000,479 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Cryostasis.lnk [2013-01-04 18:35:30 | 000,043,137 | ---- | C] () -- C:\Documents and Settings\Maxwel\Pulpit\P1010099.JPG [2013-01-04 18:35:11 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Maxwel\Moje dokumenty\Mój komputer.lnk [2013-01-04 11:10:29 | 000,000,976 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Ashampoo Burning Studio 2012.lnk [2013-01-02 16:08:24 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Mozilla Firefox.lnk [2013-01-02 14:40:46 | 000,001,556 | ---- | C] () -- C:\Documents and Settings\Maxwel\Pulpit\ib.lnk [2012-11-21 12:59:08 | 000,051,370 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2012-09-11 16:32:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-02-18 17:45:30 | 000,000,275 | ---- | C] () -- C:\WINDOWS\{27018D57-D152-44EF-BCE0-5E3B3445EABE}_WiseFW.ini [2012-01-13 17:43:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2012-01-13 17:43:31 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2012-01-13 17:43:31 | 000,243,168 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2012-01-13 17:43:31 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2011-06-29 17:48:47 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2011-06-11 11:54:54 | 000,000,596 | ---- | C] () -- C:\WINDOWS\disney.ini [2010-10-29 15:38:12 | 000,015,360 | ---- | C] () -- C:\Documents and Settings\Maxwel\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-06-27 16:02:04 | 015,474,026 | ---- | C] ( ) -- C:\Program Files\klcodec570f.exe [2010-06-27 16:02:03 | 018,108,928 | ---- | C] () -- C:\Program Files\eav_nt32_plk.msi [2010-06-20 15:25:44 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Maxwel\Ustawienia lokalne\Dane aplikacji\WavXMapDrive.bat [color=#E56717]========== ZeroAccess Check ==========[/color] [2010-06-20 15:12:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-09-06 13:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008-09-06 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >