OTL logfile created on: 2013-03-13 07:06:11 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\DOM\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,87 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 63,12% Memory free 3,72 Gb Paging File | 3,21 Gb Available in Paging File | 86,25% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 81,24 Gb Free Space | 83,19% Space Free | Partition Type: NTFS Drive E: | 135,22 Gb Total Space | 133,69 Gb Free Space | 98,87% Space Free | Partition Type: NTFS Computer Name: OPTIMUS | User Name: DOM | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-03-12 20:48:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DOM\Pulpit\OTL.exe PRC - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2009-05-14 14:47:54 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2009-05-14 14:47:08 | 002,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2009-05-08 09:35:50 | 002,780,432 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe PRC - [2009-05-08 09:34:08 | 000,559,888 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe PRC - [2009-04-30 15:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe PRC - [2009-01-09 19:53:06 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin PRC - [2009-01-09 19:53:02 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe PRC - [2008-06-13 14:22:52 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Program Files\medi.com\miniIRIS\firebird21\bin\fbserver.exe PRC - [2008-04-28 06:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE PRC - [2008-04-15 13:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-03-17 17:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE PRC - [2008-01-22 09:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2009-05-08 09:35:50 | 002,780,432 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe MOD - [2009-05-08 09:34:08 | 000,559,888 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe MOD - [2008-07-29 12:55:14 | 000,969,728 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll MOD - [2008-01-22 09:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012-10-02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012-07-13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2009-05-14 14:54:22 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV - [2009-05-14 14:47:54 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2009-04-30 15:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2008-01-22 09:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2009-05-14 14:49:26 | 000,055,768 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2009-05-14 14:49:26 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2009-05-14 14:49:22 | 000,133,000 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2009-05-14 14:47:14 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009-05-14 14:41:10 | 000,114,472 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2009-05-01 00:03:30 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService) DRV - [2009-05-01 00:03:08 | 006,754,712 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) DRV - [2009-05-01 00:01:36 | 000,265,496 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS) DRV - [2009-05-01 00:00:00 | 000,114,712 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt) DRV - [2009-04-30 15:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2008-11-25 09:37:50 | 004,952,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2008-08-18 11:54:24 | 000,145,952 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts) DRV - [2008-08-01 04:36:26 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2008-08-01 04:36:20 | 000,054,784 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2008-04-17 14:52:50 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2006-06-14 17:00:34 | 000,059,264 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04) DRV - [2006-06-14 16:10:38 | 000,058,232 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) DRV - [2006-06-14 15:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) DRV - [2004-08-14 19:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ IE - HKCU\..\SearchScopes,DefaultScope = {10C3DEEC-8C5A-41CE-94AE-A5CF6ECE6A4E} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=NP24DF&PC=NP24&q={searchTerms}&src=IE-SearchBox IE - HKCU\..\SearchScopes\{10C3DEEC-8C5A-41CE-94AE-A5CF6ECE6A4E}: "URL" = http://www.google.com/search?hl=pl&q={searchTerms}&rlz=1I7SKPB_plPL335 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: http://www.wp.pl/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\25.0.1364.172\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\25.0.1364.172\gcswf32.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Skype Click to Call = C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\ CHR - Extension: Skype Click to Call = C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\ O1 HOSTS File: ([2012-01-23 17:10:16 | 000,001,401 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 188.119.151.113 www.google-analytics.com. O1 - Hosts: 188.119.151.113 ad-emea.doubleclick.net. O1 - Hosts: 188.119.151.113 www.statcounter.com. O1 - Hosts: 69.72.252.254 www.google-analytics.com. O1 - Hosts: 69.72.252.254 ad-emea.doubleclick.net. O1 - Hosts: 69.72.252.254 www.statcounter.com. O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [FBserver 2.1] C:\Program Files\medi.com\miniIRIS\firebird21\bin\fbserver.exe (Firebird Project) O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\DOM\Menu Start\Programy\Autostart\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data] O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1348465932218 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97BCF469-2CA0-422A-B837-EB4506E1F26F}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-07-06 13:47:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{3e8c70dc-841f-11de-85c8-00248cd8dc4c}\Shell - "" = AutoRun O33 - MountPoints2\{3e8c70dc-841f-11de-85c8-00248cd8dc4c}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{572d1fb4-6cb0-11de-85c2-00248cd8dc4c}\Shell - "" = AutoRun O33 - MountPoints2\{572d1fb4-6cb0-11de-85c2-00248cd8dc4c}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{ac6440a8-6a39-11de-bd94-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{ac6440a8-6a39-11de-bd94-806d6172696f}\Shell\AutoRun\command - "" = D:\Bin\ASSETUP.exe O33 - MountPoints2\{bbb668d2-6cb0-11de-85c3-00248cd8dc4c}\Shell - "" = AutoRun O33 - MountPoints2\{bbb668d2-6cb0-11de-85c3-00248cd8dc4c}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-03-13 07:05:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\DOM\Pulpit\OTL.exe [2013-03-13 06:41:13 | 000,000,000 | ---D | C] -- C:\_OTL [2013-03-12 20:03:42 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll [2013-03-12 20:03:40 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys [2013-03-12 20:03:38 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys [2013-03-12 20:03:27 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-03-13 07:03:01 | 000,002,304 | ---- | M] () -- C:\Documents and Settings\DOM\Pulpit\Google Chrome.lnk [2013-03-13 06:57:36 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{71A20CDB-631F-4C43-9E92-B6D26172AB35}.job [2013-03-13 06:53:09 | 000,207,962 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2013-03-13 06:53:08 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-03-13 06:53:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-03-12 21:51:50 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-03-12 21:49:35 | 000,000,068 | ---- | M] () -- C:\WINDOWS\iltwain.ini [2013-03-12 21:28:34 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1770027372-682003330-1004UA.job [2013-03-12 21:09:27 | 000,140,440 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-03-12 20:48:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DOM\Pulpit\OTL.exe [2013-03-12 20:28:55 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2013-03-12 14:59:45 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs [2013-03-12 14:59:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad [2013-03-12 14:49:40 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2013-03-12 14:49:39 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-03-11 07:59:54 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-03-08 13:27:00 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-329068152-1770027372-682003330-1004Core.job [2013-03-04 10:49:05 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI [2013-02-14 13:03:24 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013-02-14 13:02:02 | 000,500,190 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-02-14 13:02:02 | 000,441,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-02-14 13:02:02 | 000,088,850 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-02-14 13:02:02 | 000,071,292 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-03-13 07:03:55 | 000,002,304 | ---- | C] () -- C:\Documents and Settings\DOM\Pulpit\Google Chrome.lnk [2012-03-08 13:26:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011-12-08 14:08:15 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011-11-28 16:52:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Viewer.INI [2010-03-11 13:58:00 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\DOM\default.pls [2009-12-10 14:38:50 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2009-11-25 14:45:35 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\DOM\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [color=#E56717]========== ZeroAccess Check ==========[/color] [2009-12-08 11:09:18 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009-04-29 05:35:21 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >