OTL logfile created on: 2013-05-16 10:47:37 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\MARCIN\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 55,38% Memory free 3,85 Gb Paging File | 2,59 Gb Available in Paging File | 67,32% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 146,49 Gb Total Space | 99,61 Gb Free Space | 67,99% Space Free | Partition Type: NTFS Drive D: | 319,27 Gb Total Space | 214,81 Gb Free Space | 67,28% Space Free | Partition Type: NTFS Drive E: | 97,65 Gb Total Space | 87,83 Gb Free Space | 89,94% Space Free | Partition Type: NTFS Drive F: | 368,10 Gb Total Space | 288,96 Gb Free Space | 78,50% Space Free | Partition Type: NTFS Drive Y: | 915,42 Gb Total Space | 571,75 Gb Free Space | 62,46% Space Free | Partition Type: NTFS Drive Z: | 915,42 Gb Total Space | 571,75 Gb Free Space | 62,46% Space Free | Partition Type: NTFS Computer Name: PC8 | User Name: MARCIN | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-05-16 10:52:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MARCIN\Pulpit\OTL.exe PRC - [2013-02-28 18:17:15 | 001,044,816 | ---- | M] (Flexera Software, Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe PRC - [2013-01-11 11:16:15 | 000,917,552 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013-01-02 09:38:51 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe PRC - [2013-01-02 09:38:50 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe PRC - [2012-12-18 16:28:12 | 001,431,256 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe PRC - [2012-09-17 13:41:58 | 000,508,336 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe PRC - [2012-06-28 15:23:04 | 000,241,443 | ---- | M] (UltraVnc) -- C:\Documents and Settings\MARCIN\Pulpit\pomoc.exe PRC - [2012-02-07 08:01:20 | 000,132,520 | ---- | M] (Autodesk, Inc.) -- F:\Program Files\Autodesk\AutoCAD LT 2013\AdExchange\AcBrowserHost.exe PRC - [2012-02-07 08:01:15 | 005,605,800 | ---- | M] (Autodesk, Inc.) -- F:\Program Files\Autodesk\AutoCAD LT 2013\acadlt.exe PRC - [2012-01-31 11:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe PRC - [2012-01-19 00:34:14 | 000,350,656 | ---- | M] (Autodesk, Inc.) -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe PRC - [2011-10-08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2011-09-22 13:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2011-02-04 17:01:58 | 000,025,088 | ---- | M] () -- C:\Program Files\FERRO Software\FtpUse\mounter.exe PRC - [2010-09-12 18:32:22 | 001,416,504 | ---- | M] (Marek Jasinski - www.FreeCommander.com) -- C:\Program Files\FreeCommander\FreeCommander.exe PRC - [2010-03-10 03:10:38 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max Design 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe PRC - [2009-06-01 10:26:34 | 000,136,192 | ---- | M] (HP) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-15 14:00:00 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe PRC - [2007-05-31 17:19:12 | 000,068,608 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Printer Utility\HPPU.exe PRC - [2007-05-31 17:15:48 | 000,081,920 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDS.exe PRC - [2007-05-31 17:11:02 | 000,102,400 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exe PRC - [2005-03-28 19:31:10 | 000,241,664 | ---- | M] (UltraVNC) -- C:\Documents and Settings\MARCIN\Ustawienia lokalne\Temp\7zS215.tmp\winvnc.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-05-16 03:14:05 | 000,369,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\98e8641e2ca570f03352a91836b0b97a\System.ServiceModel.Routing.ni.dll MOD - [2013-05-16 03:14:04 | 001,140,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\0e5d2997438866de453e8b1401d84398\System.ServiceModel.Discovery.ni.dll MOD - [2013-05-16 03:14:03 | 000,082,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\3a75004c8363a598f4997686c16ae55e\System.ServiceModel.Channels.ni.dll MOD - [2013-05-16 03:13:54 | 001,393,152 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\4dbbfceeddfc9180d5f621f0fc586e2c\System.ServiceModel.Activities.ni.dll MOD - [2013-05-16 03:13:52 | 001,078,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\6ff6bd832b03b5d6ea275ba9bee2d3ef\System.IdentityModel.ni.dll MOD - [2013-05-16 03:13:50 | 018,080,256 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\be692307d47b83000bba8bb6b484aff0\System.ServiceModel.ni.dll MOD - [2013-05-16 03:13:34 | 001,085,952 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\66cd1f52f3d80e02efa25c0fd795a278\System.ServiceModel.Web.ni.dll MOD - [2013-05-16 03:12:03 | 001,021,952 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\019ed4a55ecc7d1f5b933c27970dce9b\System.Runtime.DurableInstancing.ni.dll MOD - [2013-05-16 03:12:02 | 002,647,040 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\2609614ca03927f7a99418c74844059b\System.Runtime.Serialization.ni.dll MOD - [2013-05-16 03:12:00 | 000,393,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8732d692f02402dbd81280b0d3c4f6a9\System.Xml.Linq.ni.dll MOD - [2013-05-16 03:11:59 | 001,641,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationUI\33aa9551abc29dadfbead63b13c6edae\PresentationUI.ni.dll MOD - [2013-05-16 03:11:47 | 003,116,544 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AcWindows\2e1761957ab1dacdd3757d64e103a934\AcWindows.ni.dll MOD - [2013-05-16 03:11:43 | 004,665,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Acmgd\461cb124b8d9b9da34f2e0b8ef372914\Acmgd.ni.dll MOD - [2013-05-16 03:11:36 | 010,908,160 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Acdbmgd\9862ead7cab6e604c5566064e6b75d51\Acdbmgd.ni.dll MOD - [2013-05-16 03:11:29 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AcCui\a534c1151afe6d94ae0970f9df9c5e45\AcCui.ni.dll MOD - [2013-05-16 03:11:27 | 001,645,056 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\accoremgd\c8d640d235f89fda64e73d886998bb3b\accoremgd.ni.dll MOD - [2013-05-16 03:10:23 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\17440cd05eee7f87026b3c17119eed58\System.Configuration.ni.dll MOD - [2013-05-16 03:06:56 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2013-05-16 03:05:04 | 018,002,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\f8be236f4f8eb386339f37b0819d0485\PresentationFramework.ni.dll MOD - [2013-05-16 03:04:45 | 011,451,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\5b435444da756422bd0b7b6eac2a7f81\PresentationCore.ni.dll MOD - [2013-05-16 03:04:42 | 006,811,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\7eb2db9c15d8d3552873d1243b8892e8\System.Data.ni.dll MOD - [2013-05-16 03:04:40 | 013,199,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll MOD - [2013-05-16 03:04:31 | 007,069,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll MOD - [2013-05-16 03:04:31 | 003,858,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\04234655804b80911ae02fd41e5d1fb8\WindowsBase.ni.dll MOD - [2013-05-16 03:04:25 | 000,982,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll MOD - [2013-05-15 20:45:27 | 016,033,160 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll MOD - [2013-03-01 10:35:36 | 000,253,952 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ba39e27ea796912fce296963622dfbae\WindowsFormsIntegration.ni.dll MOD - [2013-03-01 10:35:32 | 001,226,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\deeaf4e18881dc5606d85a37b7fac590\System.WorkflowServices.ni.dll MOD - [2013-03-01 10:32:57 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\766ccafdc4a09b964aa9286a15bca48a\System.ServiceProcess.ni.dll MOD - [2013-03-01 10:32:55 | 001,925,632 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\13cf0d36d2311cb02e189999f42b5212\System.Web.Services.ni.dll MOD - [2013-03-01 10:32:43 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.ni.dll MOD - [2013-03-01 10:32:43 | 000,236,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.Wrapper.dll MOD - [2013-03-01 10:32:42 | 000,649,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\dcb0e7d56ffca14d7c483103235b11ad\System.Transactions.ni.dll MOD - [2013-03-01 10:32:40 | 000,143,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef7642a4f2724135d445e2ea36582e78\SMDiagnostics.ni.dll MOD - [2013-03-01 10:32:09 | 001,801,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll MOD - [2013-02-28 18:18:18 | 001,439,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AcLayer\8a91558575dde24534e625b9dfc5008d\AcLayer.ni.dll MOD - [2013-02-28 18:07:00 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a73487ae918222fa860d319f9502a3f6\PresentationFramework.Luna.ni.dll MOD - [2013-02-28 18:06:52 | 005,617,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll MOD - [2013-02-28 18:06:48 | 000,595,968 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll MOD - [2013-02-28 18:06:46 | 001,667,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll MOD - [2013-02-28 18:06:42 | 009,094,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll MOD - [2013-02-13 10:01:13 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll MOD - [2013-02-13 10:00:56 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll MOD - [2013-01-11 11:16:15 | 003,021,872 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013-01-10 17:42:09 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\MARCIN\Ustawienia lokalne\Dane aplikacji\Adobe\Acrobat\10.0\Cache\RdLang_Updater.POL MOD - [2013-01-10 17:40:27 | 009,330,176 | ---- | M] () -- C:\Documents and Settings\MARCIN\Ustawienia lokalne\Dane aplikacji\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.pol MOD - [2013-01-09 04:19:13 | 000,096,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\a1b65a602c75409c0c1ce7fa1f2a0983\UIAutomationProvider.ni.dll MOD - [2013-01-09 04:18:09 | 000,044,544 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Accessibility\e290208a6d4ea4451ac118f1e0c3b488\Accessibility.ni.dll MOD - [2013-01-09 04:17:28 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\07de14823c42ee36ffa303d9c89ded36\System.Runtime.Serialization.Formatters.Soap.ni.dll MOD - [2013-01-09 04:14:16 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll MOD - [2013-01-09 04:13:03 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll MOD - [2013-01-09 04:12:56 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll MOD - [2013-01-09 04:04:09 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll MOD - [2013-01-02 09:38:51 | 000,997,320 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe MOD - [2013-01-02 09:38:50 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe MOD - [2012-12-18 16:28:46 | 000,300,544 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.POL MOD - [2012-12-18 16:28:12 | 000,305,880 | ---- | M] () -- C:\Program Files\Adobe\Reader 10.0\Reader\sqlite.dll MOD - [2012-09-24 10:10:56 | 000,564,832 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll MOD - [2012-09-24 10:10:54 | 000,132,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll MOD - [2012-02-07 07:59:53 | 001,200,552 | ---- | M] () -- F:\Program Files\Autodesk\AutoCAD LT 2013\AcVMTools.crx MOD - [2012-02-07 07:59:53 | 000,153,000 | ---- | M] () -- F:\Program Files\Autodesk\AutoCAD LT 2013\AcCloudConnect.crx MOD - [2012-02-07 07:59:52 | 000,842,664 | ---- | M] () -- F:\Program Files\Autodesk\AutoCAD LT 2013\acDim.crx MOD - [2012-02-07 07:59:51 | 000,276,904 | ---- | M] () -- f:\Program Files\Autodesk\AutoCAD LT 2013\AcFdEval.crx MOD - [2012-02-07 07:59:51 | 000,160,680 | ---- | M] () -- F:\Program Files\Autodesk\AutoCAD LT 2013\acISMui.crx MOD - [2012-02-07 07:59:50 | 000,695,720 | ---- | M] () -- F:\Program Files\Autodesk\AutoCAD LT 2013\AcCmMgr.crx MOD - [2012-02-07 07:59:50 | 000,185,768 | ---- | M] () -- F:\Program Files\Autodesk\AutoCAD LT 2013\AcCalcEngine.crx MOD - [2012-02-07 07:59:49 | 000,628,648 | ---- | M] () -- F:\Program Files\Autodesk\AutoCAD LT 2013\AcApp.crx MOD - [2012-02-07 07:59:48 | 000,093,096 | ---- | M] () -- F:\Program Files\Autodesk\AutoCAD LT 2013\AcParameter.crx MOD - [2011-10-08 06:50:00 | 000,355,432 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nvShell.dll MOD - [2011-10-04 22:42:36 | 000,086,016 | ---- | M] () -- C:\WINDOWS\system32\custmon32i.dll MOD - [2011-04-29 21:27:16 | 001,001,408 | ---- | M] () -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\libxml2.dll MOD - [2011-04-29 21:23:08 | 000,310,208 | ---- | M] () -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_engine.dll MOD - [2011-04-29 21:23:08 | 000,121,280 | ---- | M] () -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axiom.dll MOD - [2011-04-29 21:23:08 | 000,104,896 | ---- | M] () -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axutil.dll MOD - [2011-04-29 21:23:08 | 000,086,976 | ---- | M] () -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\neethi.dll MOD - [2011-04-29 21:23:08 | 000,030,144 | ---- | M] () -- C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_parser.dll MOD - [2011-02-04 17:01:58 | 000,025,088 | ---- | M] () -- C:\Program Files\FERRO Software\FtpUse\mounter.exe MOD - [2010-03-10 03:10:38 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max Design 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe MOD - [2009-12-21 03:42:16 | 000,176,235 | ---- | M] () -- C:\WINDOWS\system32\Primomonnt.dll MOD - [2008-04-15 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013-05-15 20:45:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-02-28 18:17:15 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2013-01-11 11:16:15 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-01-02 09:38:50 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0) SRV - [2012-01-31 11:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service) SRV - [2011-10-08 06:50:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011-09-22 13:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2011-02-04 17:01:58 | 000,025,088 | ---- | M] () [Auto | Running] -- C:\Program Files\FERRO Software\FtpUse\mounter.exe -- (DokanMounter) SRV - [2010-03-10 03:10:38 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max Design 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32) SRV - [2009-06-01 10:26:34 | 000,136,192 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Microsoft Antimalware\Definition Updates\{C0297ECC-2499-47A5-989A-E9492B5C0638}\MpKslc86a814d.sys -- (MpKslc86a814d) DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Microsoft Antimalware\Definition Updates\{C0297ECC-2499-47A5-989A-E9492B5C0638}\MpKsl9b6714cc.sys -- (MpKsl9b6714cc) DRV - File not found [Kernel | System | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft\Microsoft Antimalware\Definition Updates\{C0297ECC-2499-47A5-989A-E9492B5C0638}\MpKsl57466c37.sys -- (MpKsl57466c37) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ewfiltertdidriver.sys -- (filtertdidriver) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013-01-02 09:38:51 | 000,026,984 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp) DRV - [2011-08-30 11:28:46 | 006,435,432 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2011-08-09 15:24:52 | 000,154,136 | ---- | M] (ESET) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2011-08-04 10:20:38 | 000,103,112 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2011-08-04 10:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2011-06-13 05:03:54 | 000,306,664 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2011-02-04 17:01:00 | 000,091,904 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\dokan.sys -- (Dokan) DRV - [2009-12-03 07:00:00 | 000,078,648 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WibuKey.sys -- (WIBUKEY) DRV - [2009-11-18 01:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 01:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2008-11-04 20:21:04 | 000,083,296 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID) DRV - [2006-11-09 07:20:00 | 000,016,384 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Wibukey2.sys -- (Wibukey2) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gazeta.pl/0,0.html?sc=1 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Value error. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://gazeta.pl/0,0.html?sc=1 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1202660629-1801674531-51033118-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://gazeta.pl/0,0.html?sc=1 IE - HKU\S-1-5-21-1202660629-1801674531-51033118-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-1202660629-1801674531-51033118-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://gazeta.pl/0,0.html?sc=1 IE - HKU\S-1-5-21-1202660629-1801674531-51033118-1003\..\SearchScopes,DefaultScope = {D7C5232E-F60D-4834-AE86-FCF10B5DAB64} IE - HKU\S-1-5-21-1202660629-1801674531-51033118-1003\..\SearchScopes\{09AF4E88-F2EE-4DFF-8CAC-49C038FA5734}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-1202660629-1801674531-51033118-1003\..\SearchScopes\{22945C22-CFBD-4175-8EDD-EED1B74B2CC1}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1202660629-1801674531-51033118-1003\..\SearchScopes\{D7C5232E-F60D-4834-AE86-FCF10B5DAB64}: "URL" = http://szukaj.gazeta.pl/portalSearch.do?s.si(navigation).navigationEnabled=true&s.sm.query={searchTerms} IE - HKU\S-1-5-21-1202660629-1801674531-51033118-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1202660629-1801674531-51033118-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/412" FF - prefs.js..extensions.enabledAddons: jqs%40sun.com:1.0 FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0 FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=412&sr=0&q=" FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1" FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search\12.2.5.34\ [2012-09-24 10:11:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-01-11 11:16:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-12-16 11:05:19 | 000,000,000 | ---D | M] [2013-05-14 18:23:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MARCIN\Dane aplikacji\Mozilla\Extensions [2013-05-14 18:23:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MARCIN\Dane aplikacji\Mozilla\Firefox\Profiles\5hlokvkh.default\extensions [2011-12-22 08:22:12 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\MARCIN\Dane aplikacji\Mozilla\Firefox\Profiles\5hlokvkh.default\extensions\ffxtlbr@babylon.com [2011-12-22 08:24:55 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\MARCIN\Dane aplikacji\Mozilla\Firefox\Profiles\5hlokvkh.default\searchplugins\Search_Results.xml [2013-05-14 18:23:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013-01-11 11:16:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-01-11 11:16:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-12 08:54:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2013-01-11 11:16:15 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012-01-13 08:02:03 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2013-01-02 09:39:00 | 000,003,574 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml [2012-05-21 11:30:35 | 000,002,366 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml [2012-01-13 08:02:03 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2012-01-13 08:02:03 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2012-01-13 08:02:02 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-12-22 08:24:55 | 000,002,515 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml [2012-01-13 08:02:02 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2012-01-13 08:02:02 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2008-04-15 14:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll () O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - Reg Error: Value error. File not found O3 - HKLM\..\Toolbar: (no name) - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.) O4 - HKLM..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe () O4 - HKLM..\Run: [PUStarter] C:\Program Files\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDS.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [ROC_ROC_NT] C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe () O4 - HKLM..\Run: [RunPUTasktray] "C:\Program Files\Hewlett-Packard\HP Printer Utility\HPPU.exe" --regkeypath=Software\Hewlett-Packard\HP Printer Utility\HPPURun --valuename=InstallTTM File not found O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-21-1202660629-1801674531-51033118-1003..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" File not found O4 - Startup: C:\Documents and Settings\MARCIN\Menu Start\Programy\Autostart\laczenie.bat () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1202660629-1801674531-51033118-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1202660629-1801674531-51033118-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: = O7 - HKU\S-1-5-21-1202660629-1801674531-51033118-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1322742976875 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.17.34.10 217.8.168.244 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2028CBA-CEDC-41D1-A435-415BA3382CCF}: DhcpNameServer = 217.17.34.10 217.8.168.244 O18 - Protocol\Handler\HPPUDCS {522CC7E5-F378-4F97-8BD7-125D17F5B332} - C:\Program Files\Common Files\Hewlett-Packard\HP Printer Utility DCS\APP\hplidcsapp.dll (Hewlett-Packard Company) O18 - Protocol\Handler\hppufile {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll (Hewlett-Packard Company) O18 - Protocol\Handler\hppusam {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll (Hewlett-Packard Company) O18 - Protocol\Handler\hppuzip {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll (Hewlett-Packard Company) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\MARCIN\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\MARCIN\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011-12-01 12:20:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010-10-18 21:10:43 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2013-02-27 18:26:58 | 000,000,000 | ---D | M] - F:\Autodesk -- [ NTFS ] O33 - MountPoints2\{ad669b44-4457-11e2-86f8-001a4d538ef2}\Shell - "" = AutoRun O33 - MountPoints2\{ad669b44-4457-11e2-86f8-001a4d538ef2}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{ad669b47-4457-11e2-86f8-001a4d538ef2}\Shell - "" = AutoRun O33 - MountPoints2\{ad669b47-4457-11e2-86f8-001a4d538ef2}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{d08c3f1c-4460-11e2-86f9-001a4d538ef2}\Shell - "" = AutoRun O33 - MountPoints2\{d08c3f1c-4460-11e2-86f9-001a4d538ef2}\Shell\AutoRun\command - "" = H:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-05-16 10:52:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\MARCIN\Pulpit\OTL.exe [2013-05-14 11:27:29 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll [2013-05-14 11:27:28 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys [2012-09-05 09:22:41 | 035,798,848 | ---- | C] (Trimble Navigation Limited) -- C:\Program Files\SketchUpWEN.exe [2012-09-05 09:19:28 | 035,798,848 | ---- | C] (Trimble Navigation Limited) -- C:\Program Files\GoogleSketchUpWEN.exe [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-12-21 11:05:57 | 000,503,056 | ---- | M] () -- C:\Documents and Settings\MARCIN\Moje dokumenty\Lokal_+1.L.65_+1.L.pdf [2013-05-16 10:52:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\MARCIN\Pulpit\OTL.exe [2013-05-16 10:45:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-05-16 10:34:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013-05-16 10:34:00 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013-05-16 09:18:12 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-05-16 09:16:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-05-16 03:24:25 | 001,554,656 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-05-16 03:07:11 | 000,554,808 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-05-16 03:07:11 | 000,493,298 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-05-16 03:07:11 | 000,104,620 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-05-16 03:07:11 | 000,083,946 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013-05-16 03:02:38 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013-05-15 20:45:28 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-05-15 20:45:28 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-05-14 14:58:31 | 000,000,184 | -H-- | M] () -- C:\Documents and Settings\MARCIN\Moje dokumenty\Rysunek1.dwl2 [2013-05-14 14:58:31 | 000,000,034 | -H-- | M] () -- C:\Documents and Settings\MARCIN\Moje dokumenty\Rysunek1.dwl [2013-05-13 14:44:14 | 000,234,051 | ---- | M] () -- C:\Documents and Settings\MARCIN\Moje dokumenty\ZSA_technologia_opis.pdf [2013-05-07 06:22:16 | 006,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2013-04-26 11:24:44 | 000,182,359 | ---- | M] () -- C:\Documents and Settings\MARCIN\Pulpit\MBTI - SP-wyp.odt [2013-04-26 11:14:34 | 000,182,349 | ---- | M] () -- C:\Documents and Settings\MARCIN\Moje dokumenty\MBTI - SP-wyp.odt [2013-04-25 10:38:57 | 002,935,567 | ---- | M] () -- C:\Documents and Settings\MARCIN\Pulpit\Klimki.rar [2013-04-24 17:12:07 | 016,676,681 | ---- | M] () -- C:\Documents and Settings\MARCIN\Pulpit\Pakiet informacyjny.rar [2013-04-24 16:33:30 | 000,413,471 | ---- | M] () -- C:\Documents and Settings\MARCIN\Pulpit\GS-1_08-INST-RYS1-R4_DACH.dwg [2013-04-19 10:18:31 | 013,309,576 | ---- | M] () -- C:\Documents and Settings\MARCIN\Pulpit\2013.03.26 GS-A-R-(07)-wc.dwg [2013-04-18 15:33:53 | 000,129,616 | ---- | M] () -- C:\Documents and Settings\MARCIN\Pulpit\Aneks_nr1_Za_plan_lokalu.tif [2013-04-17 00:26:50 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll [2013-04-17 00:26:49 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll [2013-04-17 00:26:49 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll [2013-04-17 00:26:48 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll [2013-04-17 00:26:48 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll [2013-04-17 00:26:48 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll [2013-04-17 00:26:48 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll [2013-04-17 00:26:48 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll [2013-04-17 00:26:47 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll [2013-04-17 00:26:33 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll [2013-04-17 00:26:33 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2013-04-17 00:26:32 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll [2013-04-17 00:26:32 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2013-04-17 00:26:29 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll [2013-04-17 00:26:29 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll [2013-04-17 00:26:28 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll [2013-04-17 00:26:28 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll [2013-04-17 00:26:26 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll [2013-04-17 00:26:25 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl [2013-04-17 00:26:25 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl [2013-04-17 00:26:23 | 002,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2013-04-17 00:26:19 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll [2013-04-17 00:26:19 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll [2013-04-17 00:26:17 | 011,112,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2013-04-17 00:25:58 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2013-04-17 00:25:56 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll [2013-04-17 00:25:56 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-12-21 11:05:43 | 000,503,056 | ---- | C] () -- C:\Documents and Settings\MARCIN\Moje dokumenty\Lokal_+1.L.65_+1.L.pdf [2013-05-14 14:58:31 | 000,000,184 | -H-- | C] () -- C:\Documents and Settings\MARCIN\Moje dokumenty\Rysunek1.dwl2 [2013-05-14 14:58:31 | 000,000,034 | -H-- | C] () -- C:\Documents and Settings\MARCIN\Moje dokumenty\Rysunek1.dwl [2013-05-13 14:44:13 | 000,234,051 | ---- | C] () -- C:\Documents and Settings\MARCIN\Moje dokumenty\ZSA_technologia_opis.pdf [2013-04-26 11:24:43 | 000,182,359 | ---- | C] () -- C:\Documents and Settings\MARCIN\Pulpit\MBTI - SP-wyp.odt [2013-04-26 11:14:34 | 000,182,349 | ---- | C] () -- C:\Documents and Settings\MARCIN\Moje dokumenty\MBTI - SP-wyp.odt [2013-04-25 10:38:51 | 002,935,567 | ---- | C] () -- C:\Documents and Settings\MARCIN\Pulpit\Klimki.rar [2013-04-24 17:12:02 | 016,676,681 | ---- | C] () -- C:\Documents and Settings\MARCIN\Pulpit\Pakiet informacyjny.rar [2013-04-24 16:33:30 | 000,413,471 | ---- | C] () -- C:\Documents and Settings\MARCIN\Pulpit\GS-1_08-INST-RYS1-R4_DACH.dwg [2013-04-19 10:18:31 | 013,309,576 | ---- | C] () -- C:\Documents and Settings\MARCIN\Pulpit\2013.03.26 GS-A-R-(07)-wc.dwg [2013-04-18 15:33:53 | 000,129,616 | ---- | C] () -- C:\Documents and Settings\MARCIN\Pulpit\Aneks_nr1_Za_plan_lokalu.tif [2013-02-11 19:26:25 | 001,407,988 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-1202660629-1801674531-51033118-1003-0.dat [2013-02-11 19:26:22 | 000,285,398 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat [2013-02-11 19:11:20 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft.SqlServer.Compact.351.32.bc [2013-01-09 04:28:02 | 001,140,624 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2012-10-02 15:00:02 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll [2012-09-24 10:10:55 | 000,026,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\avgtpx86.sys [2012-05-22 09:49:53 | 001,506,653 | ---- | C] () -- C:\Program Files\wrar411.exe [2012-05-22 09:48:36 | 034,627,352 | ---- | C] () -- C:\Program Files\7zip-setup.exe [2012-05-21 11:30:55 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\custmon32i.dll [2012-05-21 11:30:03 | 000,568,080 | ---- | C] () -- C:\Program Files\PDFConverterSetup.exe [2012-03-21 14:59:55 | 000,000,400 | ---- | C] () -- C:\WINDOWS\g_lfolqn515.ini [2012-03-21 14:59:55 | 000,000,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\bfrpsej120.dat [2012-02-16 06:01:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012-02-14 19:13:43 | 000,000,645 | R--- | C] () -- C:\WINDOWS\System32\hppapr14.dat [2012-01-17 08:36:47 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\MARCIN\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-01-03 15:08:21 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2011-12-16 11:39:40 | 000,000,776 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini [2011-12-08 11:43:19 | 000,057,552 | ---- | C] () -- C:\WINDOWS\System32\WkDos.exe [2011-12-01 12:54:10 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2011-12-01 12:54:10 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2011-12-01 12:54:10 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2011-12-01 12:53:58 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2011-12-01 12:52:26 | 000,081,936 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll [2011-12-01 12:44:04 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011-12-01 12:41:26 | 001,554,656 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011-12-01 12:21:59 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011-12-01 12:17:47 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2011-12-08 11:06:43 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-15 14:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013-02-28 18:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Autodesk [2012-09-24 10:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVG Secure Search [2011-12-22 08:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon [2011-12-23 07:29:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\boost_interprocess [2012-09-24 10:10:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2013-05-14 18:22:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService [2011-12-16 11:05:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2012-03-21 14:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\McNeel [2013-05-14 18:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Tarma Installer [2012-05-10 10:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Softland [2013-02-28 18:24:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARCIN\Dane aplikacji\Autodesk [2012-09-24 10:10:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARCIN\Dane aplikacji\AVG Secure Search [2011-12-22 08:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARCIN\Dane aplikacji\Babylon [2012-12-12 14:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARCIN\Dane aplikacji\blueconnect [2012-09-17 11:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARCIN\Dane aplikacji\DicomViewer 11.2.0.0 [2011-12-22 08:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARCIN\Dane aplikacji\FreeCDRipper [2012-01-23 08:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARCIN\Dane aplikacji\K-PACS-Lite [2012-01-05 08:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARCIN\Dane aplikacji\NapiProjekt [2011-12-16 11:35:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARCIN\Dane aplikacji\OpenOffice.org [2013-04-23 12:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARCIN\Dane aplikacji\PrimoPDF [2011-12-23 07:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARCIN\Dane aplikacji\searchquband [2012-05-10 10:01:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARCIN\Dane aplikacji\Softland [2011-12-14 15:53:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARCIN\Dane aplikacji\TeamViewer [color=#E56717]========== Purity Check ==========[/color] < End of report >