OTL logfile created on: 2013-06-16 22:32:56 - Run 8 OTL by OldTimer - Version Folder = C:\Documents and Settings\Hrabia\Pulpit Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1022,42 Mb Total Physical Memory | 286,73 Mb Available Physical Memory | 28,04% Memory free 2,40 Gb Paging File | 1,77 Gb Available in Paging File | 73,84% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 19,53 Gb Total Space | 2,36 Gb Free Space | 12,10% Space Free | Partition Type: NTFS Drive D: | 64,75 Gb Total Space | 19,03 Gb Free Space | 29,39% Space Free | Partition Type: NTFS Drive E: | 64,76 Gb Total Space | 6,28 Gb Free Space | 9,70% Space Free | Partition Type: NTFS Drive G: | 954,10 Mb Total Space | 953,21 Mb Free Space | 99,91% Space Free | Partition Type: FAT32 Computer Name: HRABIA-04B08AF9 | User Name: Hrabia | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-06-16 22:30:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hrabia\Pulpit\OTL.exe PRC - [2013-05-23 21:50:41 | 000,920,472 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013-05-09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2013-04-04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2013-03-26 19:13:08 | 000,196,624 | ---- | M] (Nitro PDF Software) -- D:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe PRC - [2012-12-03 17:40:50 | 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2009-10-22 18:53:04 | 000,126,976 | ---- | M] () -- C:\WINDOWS\system32\UAService7.exe PRC - [2008-04-14 19:21:16 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-06-16 20:46:24 | 002,088,960 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13061601\algo.dll MOD - [2013-06-12 17:35:29 | 016,033,160 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll MOD - [2013-05-23 21:50:40 | 003,128,728 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011-08-24 09:22:42 | 000,126,976 | ---- | M] () -- C:\WINDOWS\system32\corelcreatorpm.dll MOD - [2009-10-22 18:53:04 | 000,126,976 | ---- | M] () -- C:\WINDOWS\system32\UAService7.exe MOD - [2008-10-07 14:33:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll MOD - [2008-04-14 19:20:37 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013-06-12 17:35:31 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-05-23 21:50:40 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-05-09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2013-04-04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013-03-26 19:13:08 | 000,196,624 | ---- | M] (Nitro PDF Software) [Auto | Running] -- D:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe -- (NitroReaderDriverReadSpool3) SRV - [2012-12-03 17:40:50 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012-07-13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012-06-11 11:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009-10-22 18:53:04 | 000,126,976 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\UAService7.exe -- (UserAccess7) SRV - [2008-05-02 02:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL) DRV - File not found [Kernel | System | Stopped] -- C:\windows\system32\drivers\SBREdrv.sys -- (SBRE) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Hrabia\USTAWI~1\Temp\cpuz130\cpuz_x32.sys -- (cpuz130) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\adiusbaw.sys -- (adiusbaw) DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\adildr.sys -- (ADILOADER) DRV - [2013-05-09 10:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2013-05-09 10:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2013-05-09 10:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2013-05-09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2013-05-09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2013-05-09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2013-05-09 10:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2013-05-09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2013-04-12 22:49:29 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2012-10-01 12:01:22 | 000,021,376 | ---- | M] (Dev47Apps) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\droidcam.sys -- (DroidCam) DRV - [2012-06-11 11:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2012-01-09 17:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2012-01-09 17:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2012-01-09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2012-01-09 17:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011-07-15 12:47:50 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901) DRV - [2008-10-05 13:17:59 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2008-02-29 03:13:46 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt) DRV - [2008-02-29 03:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2008-02-29 03:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2008-02-29 03:12:48 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd) DRV - [2007-05-02 11:12:36 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm) DRV - [2007-05-02 11:12:36 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl) DRV - [2007-05-02 11:12:34 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus) DRV - [2007-01-25 16:37:16 | 004,027,456 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) DRV - [2006-01-20 18:03:28 | 000,027,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe) DRV - [2006-01-20 18:03:24 | 000,069,376 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE) DRV - [2006-01-20 18:02:58 | 000,036,608 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK) DRV - [2005-01-11 10:47:56 | 000,033,792 | R--- | M] (IC Plus Corp. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipgdnd51.sys -- (ipgd) DRV - [2004-12-02 09:10:22 | 000,094,208 | R--- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\viaxraid.sys -- (viaxraid) DRV - [2004-12-02 09:10:22 | 000,052,736 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\viaxport.sys -- (viaxport) DRV - [2004-12-02 09:10:20 | 000,027,392 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\viaxbus.sys -- (viaxbus) DRV - [2004-04-14 11:08:00 | 000,044,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2004-04-14 11:08:00 | 000,021,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter) DRV - [2004-04-14 11:08:00 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2004-04-14 11:08:00 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST3160827AS_4MT03XGP____4MT03XGP&ts=1348933871 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST3160827AS_4MT03XGP____4MT03XGP&ts=1348933871 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.v9.com/web/?q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.v9.com/web/?q={searchTerms} IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{861B2270-6ABA-4533-8B6B-BFCC45E508D5}: "URL" = http://startsear.ch/?aff=2&src=sp&cf=fdd809d6-12e0-11e1-87fc-00508dd3c178&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1957994488-920026266-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=idg&from=idg&uid=ST3160827AS_4MT03XGP____4MT03XGP&ts=1348933871 IE - HKU\S-1-5-21-1957994488-920026266-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1957994488-920026266-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-1957994488-920026266-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1957994488-920026266-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1957994488-920026266-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1957994488-920026266-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1957994488-920026266-839522115-1004\..\SearchScopes,DefaultScope = {D9611597-CB80-463A-B5B6-454D73BB2EB5} IE - HKU\S-1-5-21-1957994488-920026266-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms} IE - HKU\S-1-5-21-1957994488-920026266-839522115-1004\..\SearchScopes\{D9611597-CB80-463A-B5B6-454D73BB2EB5}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7AMSA IE - HKU\S-1-5-21-1957994488-920026266-839522115-1004\..\SearchScopes\{F7F6CD54-9965-4B8D-BDE3-D294A53A8621}: "URL" = http://pl.wikipedia.org/w/index.php?title=Specjalna:Szukaj&search={searchTerms} IE - HKU\S-1-5-21-1957994488-920026266-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1957994488-920026266-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = plimus.com;www.plimus.com;regnow.com;www.regnow.com;*.local IE - HKU\S-1-5-21-1957994488-920026266-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks= [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: D:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: D:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-01 12:03:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2013-05-26 11:22:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013-05-14 22:13:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011-03-24 22:55:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hrabia\Dane aplikacji\Mozilla\Extensions [2010-03-21 12:54:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hrabia\Dane aplikacji\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2013-05-09 22:31:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Hrabia\Dane aplikacji\Mozilla\Firefox\Profiles\7nyf53z0.default\extensions [2013-05-08 18:46:29 | 000,870,680 | ---- | M] () (No name found) -- C:\Documents and Settings\Hrabia\Dane aplikacji\Mozilla\Firefox\Profiles\7nyf53z0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: about:blank CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dll CHR - plugin: LiveVDO.tv plug-in (Enabled) = C:\Documents and Settings\Hrabia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp\1.3_0\chlivevdoplg.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U10 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw_1168638.dll CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll CHR - plugin: Adobe Acrobat (Enabled) = D:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll CHR - plugin: Picasa (Enabled) = d:\Program Files\Google\Picasa3\npPicasa3.dll CHR - Extension: Dokumenty Google = C:\Documents and Settings\Hrabia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Dysk Google = C:\Documents and Settings\Hrabia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Documents and Settings\Hrabia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Adblock Plus = C:\Documents and Settings\Hrabia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\Hrabia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\ CHR - Extension: avast! Online Security = C:\Documents and Settings\Hrabia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.7_0\ CHR - Extension: avast! Online Security = C:\Documents and Settings\Hrabia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\ CHR - Extension: Gmail = C:\Documents and Settings\Hrabia\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2010-07-12 18:41:16 | 000,000,789 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1957994488-920026266-839522115-1004\..\Toolbar\WebBrowser: (no name) - {00000000-5736-4205-0008-F7ED0776FB27} - No CLSID value found. O3 - HKU\S-1-5-21-1957994488-920026266-839522115-1004\..\Toolbar\WebBrowser: (no name) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - No CLSID value found. O3 - HKU\S-1-5-21-1957994488-920026266-839522115-1004\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\nvmctray.dll (NVIDIA Corporation) O4 - HKU\S-1-5-21-1957994488-920026266-839522115-1004..\Run: [Hoolapp Android] "C:\DOCUME~1\Hrabia\DANEAP~1\HOOLAP~1\Hoolapp.exe" /Minimized File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 20160 = C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\cciauui.com (Hause) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data] O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1957994488-920026266-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221 O7 - HKU\S-1-5-21-1957994488-920026266-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0 O7 - HKU\S-1-5-21-1957994488-920026266-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-1957994488-920026266-839522115-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Wyślij &do programu OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found O15 - HKU\S-1-5-21-1957994488-920026266-839522115-1004\..Trusted Domains: kuaiche.com ([software] http in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B2838A4-38D5-40DB-9E9A-9EA3E665DBF0}: DhcpNameServer = O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logitech\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013-06-16 21:37:26 | 000,000,000 | -HS- | M] () - G:\autorun.inf -- [ FAT32 ] O33 - MountPoints2\{0a5ced3b-6cc4-11df-83c6-4d6564696130}\Shell\AutoRun\command - "" = H:\.\Vado\Vado.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-06-16 22:30:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Hrabia\Pulpit\OTL.exe [2013-06-16 17:31:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hrabia\Doctor Web [2013-06-16 17:10:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Local Settings [2013-06-16 17:09:02 | 000,000,000 | ---D | C] -- C:\MSI [2013-06-12 17:35:22 | 009,089,416 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerInstaller.exe [2013-06-08 09:13:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hrabia\Pulpit\ANTYPLAGIAT [2013-06-05 18:28:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hrabia\Pulpit\konwersatorium [2013-06-01 11:58:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hrabia\Pulpit\EGZ Wydymus [2013-05-25 22:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2013-05-25 22:16:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hrabia\Menu Start\Programy\QTRAX [2013-05-25 22:16:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hrabia\Qtrax [2013-05-19 09:15:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hrabia\Moje dokumenty\Downloads [2013-05-19 09:08:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hrabia\Pulpit\Molendowski PD [2012-06-25 10:58:26 | 002,174,976 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Program Files\Common Files\atimpenc.dll [2009-02-17 19:17:35 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Hrabia\Dane aplikacji\pcouffin.sys [3 C:\Documents and Settings\Hrabia\Pulpit\*.tmp files -> C:\Documents and Settings\Hrabia\Pulpit\*.tmp -> ] [1 C:\Documents and Settings\Hrabia\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Hrabia\Moje dokumenty\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-06-16 22:35:15 | 000,000,930 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2013-06-16 22:30:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hrabia\Pulpit\OTL.exe [2013-06-16 22:23:24 | 000,000,364 | -H-- | M] () -- C:\windows\tasks\avast! Emergency Update.job [2013-06-16 22:22:50 | 000,001,032 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013-06-16 22:22:37 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat [2013-06-16 22:21:05 | 000,001,930 | ---- | M] () -- C:\Documents and Settings\Hrabia\Pulpit\FIX.REG [2013-06-16 22:17:33 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Hrabia\dir [2013-06-16 21:48:00 | 000,001,036 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013-06-16 21:26:25 | 000,001,748 | ---- | M] () -- C:\windows\wincmd.ini [2013-06-16 15:28:12 | 000,000,464 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{05AB6AB3-4AE5-4785-8916-458944EC4871}.job [2013-06-13 09:40:54 | 000,002,525 | ---- | M] () -- C:\Documents and Settings\Hrabia\Pulpit\Microsoft Word.lnk [2013-06-12 17:35:30 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe [2013-06-12 17:35:30 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2013-06-12 17:35:23 | 009,089,416 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerInstaller.exe [2013-06-12 14:15:04 | 000,001,374 | ---- | M] () -- C:\windows\imsins.BAK [2013-06-11 23:51:09 | 000,267,723 | ---- | M] () -- C:\Documents and Settings\Hrabia\Pulpit\PD_11.06pdf.pdf [2013-06-11 23:49:55 | 000,438,784 | ---- | M] () -- C:\Documents and Settings\Hrabia\Pulpit\PD_11.06 -ogółempdf.pdf [2013-06-11 13:22:38 | 000,001,001 | ---- | M] () -- C:\Documents and Settings\Hrabia\Pulpit\Dropbox.lnk [2013-06-06 23:54:20 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Google Chrome.lnk [2013-06-04 17:59:41 | 000,031,007 | ---- | M] () -- C:\Documents and Settings\Hrabia\Pulpit\pytanianatestdomolendowksiego.zip [2013-06-01 12:03:34 | 000,002,596 | ---- | M] () -- C:\windows\System32\CONFIG.NT [2013-06-01 11:08:28 | 000,013,720 | ---- | M] () -- C:\windows\System32\wpa.dbl [2013-05-25 22:26:43 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader XI.lnk [2013-05-24 11:37:07 | 000,441,336 | ---- | M] () -- C:\Documents and Settings\Hrabia\Moje dokumenty\Europass-CV-20130524-Hrabia-EN.pdf [2013-05-18 00:08:56 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dllcache\mshtml.dll [3 C:\Documents and Settings\Hrabia\Pulpit\*.tmp files -> C:\Documents and Settings\Hrabia\Pulpit\*.tmp -> ] [1 C:\Documents and Settings\Hrabia\Moje dokumenty\*.tmp files -> C:\Documents and Settings\Hrabia\Moje dokumenty\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-06-16 22:20:39 | 000,001,930 | ---- | C] () -- C:\Documents and Settings\Hrabia\Pulpit\FIX.REG [2013-06-16 22:17:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Hrabia\dir [2013-06-11 23:51:09 | 000,267,723 | ---- | C] () -- C:\Documents and Settings\Hrabia\Pulpit\PD_11.06pdf.pdf [2013-06-11 23:49:54 | 000,438,784 | ---- | C] () -- C:\Documents and Settings\Hrabia\Pulpit\PD_11.06 -ogółempdf.pdf [2013-06-04 17:59:37 | 000,031,007 | ---- | C] () -- C:\Documents and Settings\Hrabia\Pulpit\pytanianatestdomolendowksiego.zip [2013-05-25 22:26:43 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Adobe Reader XI.lnk [2013-05-25 22:26:42 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader XI.lnk [2013-05-24 11:36:47 | 000,441,336 | ---- | C] () -- C:\Documents and Settings\Hrabia\Moje dokumenty\Europass-CV-20130524-Hrabia-EN.pdf [2013-04-06 16:37:34 | 000,174,664 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys [2013-04-06 16:37:33 | 000,049,376 | ---- | C] () -- C:\windows\System32\drivers\aswRvrt.sys [2012-12-28 01:18:51 | 000,000,058 | ---- | C] () -- C:\windows\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat [2012-12-28 01:18:51 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\Hrabia\Ustawienia lokalne\Dane aplikacji\DonationCoder_ScreenshotCaptor_InstallInfo.dat [2012-12-28 01:07:24 | 000,000,059 | ---- | C] () -- C:\Documents and Settings\Hrabia\Ustawienia lokalne\Dane aplikacji\UserProducts.xml [2012-12-07 23:30:24 | 001,053,632 | ---- | C] () -- C:\windows\System32\drivers\sfi.dat [2012-12-05 11:24:27 | 000,109,256 | ---- | C] () -- C:\windows\System32\EasyHook64.dll [2012-12-05 11:24:27 | 000,090,824 | ---- | C] () -- C:\windows\System32\EasyHook32.dll [2012-12-05 11:21:06 | 000,000,025 | ---- | C] () -- C:\windows\emcore.INI [2012-12-04 22:19:04 | 001,070,792 | ---- | C] () -- C:\windows\System32\nvdrsdb1.bin [2012-12-04 22:19:04 | 001,070,792 | ---- | C] () -- C:\windows\System32\nvdrsdb0.bin [2012-12-04 22:19:03 | 000,000,001 | ---- | C] () -- C:\windows\System32\nvdrssel.bin [2012-11-25 15:06:42 | 000,000,414 | ---- | C] () -- C:\windows\hpbvspst.ini [2012-09-30 02:38:07 | 000,209,040 | ---- | C] () -- C:\windows\System32\IVIresizeW7.dll [2012-09-30 02:38:06 | 000,204,944 | ---- | C] () -- C:\windows\System32\IVIresizeA6.dll [2012-09-30 02:38:06 | 000,196,752 | ---- | C] () -- C:\windows\System32\IVIresizeP6.dll [2012-09-30 02:38:06 | 000,196,752 | ---- | C] () -- C:\windows\System32\IVIresizeM6.dll [2012-09-30 02:38:06 | 000,192,656 | ---- | C] () -- C:\windows\System32\IVIresizePX.dll [2012-09-30 02:38:06 | 000,024,720 | ---- | C] () -- C:\windows\System32\IVIresize.dll [2012-07-09 10:20:50 | 002,283,884 | ---- | C] () -- C:\windows\System32\nvdata.data [2012-07-01 19:23:46 | 000,558,133 | ---- | C] () -- C:\windows\System32\sqlite3.dll [2012-05-23 12:04:46 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Hrabia\Ustawienia lokalne\Dane aplikacji\fusioncache.dat [2012-02-20 16:45:01 | 000,000,031 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\droidcam-settings [2012-02-16 11:53:36 | 000,003,072 | ---- | C] () -- C:\windows\System32\iacenc.dll [2011-09-21 12:01:12 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Hrabia\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011-08-24 09:22:42 | 000,126,976 | ---- | C] () -- C:\windows\System32\corelcreatorpm.dll [2011-08-12 14:13:02 | 000,047,852 | -H-- | C] () -- C:\windows\System32\mlfcache.dat [2011-06-27 23:08:26 | 000,000,046 | ---- | C] () -- C:\windows\adiras.ini [2011-04-15 22:14:45 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\Hrabia\Ustawienia lokalne\Dane aplikacji\Images.fl [2011-03-12 15:56:35 | 000,019,033 | ---- | C] () -- C:\Documents and Settings\Hrabia\Kontakty_7162472.xml [2009-07-26 16:13:36 | 000,000,991 | ---- | C] () -- C:\Documents and Settings\Hrabia\Dane aplikacji\DVDSubEdit.ini [2009-02-17 19:17:47 | 000,001,172 | ---- | C] () -- C:\Documents and Settings\Hrabia\Dane aplikacji\vso_ts_preview.xml [2009-02-17 19:17:35 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Hrabia\Dane aplikacji\inst.exe [2009-02-17 19:17:35 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Hrabia\Dane aplikacji\pcouffin.cat [2009-02-17 19:17:35 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Hrabia\Dane aplikacji\pcouffin.inf [2009-01-27 21:59:34 | 000,014,084 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\KGyGaAvL.sys [2009-01-27 21:59:34 | 000,000,248 | RHS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\00BC3912F1.sys [2008-07-26 18:09:29 | 000,000,085 | -HS- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\.zreglib [2008-07-23 22:55:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\LauncherAccess.dt [color=#E56717]========== ZeroAccess Check ==========[/color] [2008-07-23 19:57:51 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 19:20:47 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 19:20:57 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2012-11-26 18:08:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2012-10-29 15:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\188F1432-103A-4ffb-80F1-36B633C5C9E1(2) [2013-03-30 02:40:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ActiveSMART [2011-02-26 16:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alpha-NET [2010-07-15 21:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2012-07-05 00:43:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ask [2013-04-06 16:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2013-01-09 14:51:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Common Files [2012-07-06 10:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2013-03-30 02:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\FileOpen [2012-11-23 21:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2012-09-18 20:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GFI Software [2013-05-01 11:58:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Installations [2013-01-23 00:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MFAData [2013-03-30 02:57:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nitro [2012-12-28 01:30:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nitro Logic [2011-10-11 17:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Nokia [2011-10-11 17:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\NokiaInstallerCache [2012-12-28 01:16:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\page [2012-06-30 16:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite [2012-09-29 01:20:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Sony [2012-12-05 12:01:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TEMP [2013-01-15 20:19:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TuneUp Software [2012-12-12 14:46:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Ulead Systems [2013-01-15 20:27:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2013-01-15 20:27:20 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dane aplikacji\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2013-01-10 20:53:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Dane aplikacji\TuneUp Software [2012-11-24 18:11:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Auslogics [2012-09-29 19:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\avidemux [2012-10-20 15:29:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\BESTplayer [2012-12-05 11:50:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\BITS [2013-03-11 21:56:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\CAD-KAS [2012-05-01 10:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\com.adobe.downloadassistant.AdobeDownloadAssistant [2012-12-28 01:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\DonationCoder [2013-03-30 02:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Downloaded Installations [2013-06-11 14:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Dropbox [2012-07-06 10:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\DVDVideoSoft [2013-03-30 02:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\FileOpen [2012-12-05 11:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\FlashgetSetup [2010-11-09 21:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\GlobalSCAPE [2012-12-28 01:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Greenshot [2011-05-14 00:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Hide IP NG [2013-04-13 00:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\HoolappForAndroid [2009-02-19 15:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\IDS_COMPANY [2012-06-30 17:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\ImTOO [2013-03-06 19:46:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\IVONA ControlCenter [2011-11-11 17:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\ldoce5 [2008-12-19 09:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Leadertech [2010-08-17 19:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\NCH Swift Sound [2009-07-27 21:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\NeatImage SL [2013-05-26 11:43:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Nitro [2013-06-16 17:17:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Nitro PDF [2013-04-30 22:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Nokia [2012-11-23 21:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\ObviousIdea [2013-01-15 18:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Opera [2012-05-31 17:41:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Oracle [2012-12-05 12:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Orbit [2013-04-30 22:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\PC Suite [2012-06-16 10:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\PhotoScape [2012-12-05 11:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\ProgSense [2012-06-30 15:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Publish Providers [2011-03-11 00:08:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\SoftGrid Client [2010-03-27 20:46:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Software Informer [2012-11-28 21:34:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\SoMud [2011-05-17 14:25:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Steganos [2012-06-07 00:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\StoneTrip [2009-10-28 11:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\TG4 [2010-03-21 12:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Thunderbird [2013-01-15 20:18:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\TuneUp Software [2012-10-01 16:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\Ulead Systems [2012-10-30 17:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\VSRevoGroup [2013-05-05 01:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hrabia\Dane aplikacji\XnView [2012-09-18 11:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Ad-Aware Antivirus [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DE406C3E @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Dane aplikacji\TEMP:56E2E879 < End of report >