OTL logfile created on: 2014-01-18 19:03:39 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\L01\Pulpit\Moje ściągnięte pliki Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 0,91 Gb Available Physical Memory | 45,34% Memory free 3,85 Gb Paging File | 2,79 Gb Available in Paging File | 72,47% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 48,83 Gb Total Space | 12,65 Gb Free Space | 25,90% Space Free | Partition Type: NTFS Drive D: | 184,05 Gb Total Space | 37,25 Gb Free Space | 20,24% Space Free | Partition Type: NTFS Computer Name: XXX-74837414E5A | User Name: L01 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-01-18 19:02:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\L01\Pulpit\Moje ściągnięte pliki\OTL.exe PRC - [2014-01-16 18:05:12 | 000,097,056 | ---- | M] () -- C:\Program Files\LinkSwift\updateLinkSwift.exe PRC - [2014-01-16 17:32:09 | 000,097,056 | ---- | M] () -- C:\Program Files\LinkSwift\bin\utilLinkSwift.exe PRC - [2014-01-11 11:29:23 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe PRC - [2014-01-10 17:28:28 | 000,766,656 | ---- | M] () -- C:\Program Files\Mobogenie\DaemonProcess.exe PRC - [2014-01-10 17:28:28 | 000,063,168 | ---- | M] () -- C:\Program Files\Mobogenie\MgAssist.exe PRC - [2014-01-06 02:24:11 | 000,195,536 | ---- | M] (APN LLC.) -- C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\VNT\vntldr.exe PRC - [2014-01-06 02:24:11 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe PRC - [2014-01-06 02:24:04 | 001,757,648 | ---- | M] (APN) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe PRC - [2013-12-19 18:50:13 | 000,499,856 | ---- | M] (Cherished Technololgy LIMITED) -- C:\Documents and Settings\All Users\Dane aplikacji\WPM\wprotectmanager.exe PRC - [2010-04-12 04:01:42 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) -- C:\WINDOWS\system32\LGScsiCommandService.exe PRC - [2004-08-03 22:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-01-17 21:49:48 | 004,591,616 | ---- | M] () -- C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\SwiftShader\1.0.5.0\libGLESv2.dll MOD - [2014-01-17 21:49:48 | 000,112,128 | ---- | M] () -- C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\SwiftShader\1.0.5.0\libEGL.dll MOD - [2014-01-16 18:05:12 | 000,097,056 | ---- | M] () -- C:\Program Files\LinkSwift\updateLinkSwift.exe MOD - [2014-01-16 17:32:09 | 000,097,056 | ---- | M] () -- C:\Program Files\LinkSwift\bin\utilLinkSwift.exe MOD - [2014-01-11 11:29:21 | 000,399,640 | ---- | M] () -- C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\32.0.1700.76\ppgooglenaclpluginchrome.dll MOD - [2014-01-11 11:29:19 | 013,615,896 | ---- | M] () -- C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll MOD - [2014-01-11 11:29:17 | 004,055,320 | ---- | M] () -- C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\32.0.1700.76\pdf.dll MOD - [2014-01-11 11:28:11 | 001,634,584 | ---- | M] () -- C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll MOD - [2014-01-10 17:28:28 | 000,766,656 | ---- | M] () -- C:\Program Files\Mobogenie\DaemonProcess.exe MOD - [2014-01-10 17:28:28 | 000,471,040 | ---- | M] () -- C:\Program Files\Mobogenie\DCR.dll MOD - [2014-01-10 17:28:28 | 000,063,168 | ---- | M] () -- C:\Program Files\Mobogenie\MgAssist.exe MOD - [2014-01-10 17:28:28 | 000,061,440 | ---- | M] () -- C:\Program Files\Mobogenie\Device.dll MOD - [2010-09-17 10:30:20 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll MOD - [2010-09-17 10:30:13 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\16670b6870746e5a8dc4a73a76a90bed\System.Management.ni.dll MOD - [2010-09-17 10:29:12 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll MOD - [2010-09-17 10:16:14 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll MOD - [2010-09-17 10:16:09 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll MOD - [2010-09-17 10:15:57 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll MOD - [2010-09-17 10:12:27 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll MOD - [2010-09-17 10:11:53 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010-09-17 10:11:52 | 003,182,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2010-09-17 10:11:50 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2010-09-17 10:11:44 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll MOD - [2010-09-13 21:16:49 | 011,486,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll MOD - [2009-04-15 20:42:34 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL MOD - [2004-08-03 22:44:04 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2014-01-16 18:05:12 | 000,097,056 | ---- | M] () [Auto | Running] -- C:\Program Files\LinkSwift\updateLinkSwift.exe -- (Update LinkSwift) SRV - [2014-01-16 17:32:09 | 000,097,056 | ---- | M] () [Auto | Running] -- C:\Program Files\LinkSwift\bin\utilLinkSwift.exe -- (Util LinkSwift) SRV - [2014-01-10 17:28:28 | 000,063,168 | ---- | M] () [Auto | Running] -- C:\Program Files\Mobogenie\MgAssist.exe -- (MgAssistService) SRV - [2014-01-06 02:24:11 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP) SRV - [2013-12-19 18:50:13 | 000,499,856 | ---- | M] (Cherished Technololgy LIMITED) [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\WPM\wprotectmanager.exe -- (Wpm) SRV - [2013-12-01 18:45:40 | 000,148,976 | ---- | M] (BonanzaDeals) [On_Demand | Stopped] -- C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe -- (bonanzadealslivem) SRV - [2013-12-01 18:45:40 | 000,148,976 | ---- | M] (BonanzaDeals) [Auto | Stopped] -- C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe -- (bonanzadealslive) SRV - [2012-07-13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2010-04-12 04:01:42 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) [Auto | Running] -- C:\WINDOWS\system32\LGScsiCommandService.exe -- (LGScsiCommandService) SRV - [2007-08-07 23:08:40 | 000,094,208 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnet.sys -- (ZTEusbnet) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ah0ffe9b) DRV - [2010-05-04 21:03:11 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2010-04-09 13:16:50 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio) DRV - [2010-04-09 13:16:46 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio) DRV - [2009-09-03 20:16:09 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2009-03-24 18:35:00 | 005,056,000 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2009-03-17 16:18:38 | 000,102,400 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-02-13 17:00:02 | 001,503,840 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416) DRV - [2009-01-22 15:25:26 | 000,120,064 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2008-08-25 17:22:40 | 000,014,208 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu) DRV - [2008-08-11 09:14:12 | 001,752,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) DRV - [2008-08-05 19:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2008-05-15 11:07:00 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) DRV - [2008-04-07 13:00:46 | 000,006,656 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CRFILTER.sys -- (CRFILTER) DRV - [2007-08-24 10:46:48 | 000,005,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor) DRV - [2007-07-24 10:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP) DRV - [2006-01-04 14:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1387475398&from=cor&uid=ST9250315AS_5VCCCKLSXXXX5VCCCKLS&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1387475398&from=cor&uid=ST9250315AS_5VCCCKLSXXXX5VCCCKLS&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.bing.com/search?q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2000478354-1580818891-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank IE - HKU\S-1-5-21-2000478354-1580818891-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1387475398&from=cor&uid=ST9250315AS_5VCCCKLSXXXX5VCCCKLS&q={searchTerms} IE - HKU\S-1-5-21-2000478354-1580818891-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1387475398&from=cor&uid=ST9250315AS_5VCCCKLSXXXX5VCCCKLS&q={searchTerms} IE - HKU\S-1-5-21-2000478354-1580818891-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-2000478354-1580818891-725345543-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2000478354-1580818891-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550 FF - prefs.js..extensions.enabledItems: IplextoALL@ALLPlayer.org:0.1.0 FF - prefs.js..extensions.enabledItems: {96f454ea-9d38-474f-b504-56193e00c1a5}:10.22.3.18 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3: C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals) FF - HKLM\Software\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9: C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-09-27 22:09:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-03-24 20:28:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{dde15e35-c9b3-4c30-b055-730c5f4a45d3}: C:\Program Files\Lyrmix\133.xpi [2013-10-29 23:36:40 | 000,005,166 | ---- | M] () [2009-09-03 20:19:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\L01\Dane aplikacji\Mozilla\Extensions [2013-12-03 16:33:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\L01\Dane aplikacji\Mozilla\Firefox\Profiles\jrzjcfem.default\extensions [2010-09-12 19:56:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\L01\Dane aplikacji\Mozilla\Firefox\Profiles\jrzjcfem.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013-12-01 18:47:54 | 000,000,000 | ---D | M] (uTorrentControl_v6) -- C:\Documents and Settings\L01\Dane aplikacji\Mozilla\Firefox\Profiles\jrzjcfem.default\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5} [2013-12-01 18:45:30 | 000,000,000 | ---D | M] (BonanzaDeals) -- C:\Documents and Settings\L01\Dane aplikacji\Mozilla\Firefox\Profiles\jrzjcfem.default\extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca} [2010-05-04 21:03:14 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Documents and Settings\L01\Dane aplikacji\Mozilla\Firefox\Profiles\jrzjcfem.default\extensions\DTToolbar@toolbarnet.com [2013-10-06 19:47:00 | 000,000,000 | ---D | M] (Iplex to ALLPlayer) -- C:\Documents and Settings\L01\Dane aplikacji\Mozilla\Firefox\Profiles\jrzjcfem.default\extensions\IplextoALL@ALLPlayer.org [2013-12-01 18:47:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\L01\Dane aplikacji\Mozilla\Firefox\Profiles\jrzjcfem.default\extensions\staged [2013-12-01 18:47:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\L01\Dane aplikacji\Mozilla\Firefox\Profilesjrzjcfem.default\extensions [2013-12-01 18:47:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\L01\Dane aplikacji\Mozilla\Firefox\Profilesjrzjcfem.default\extensions\staged [2010-05-04 21:03:12 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\L01\Dane aplikacji\Mozilla\Firefox\Profiles\jrzjcfem.default\searchplugins\daemon-search.xml [2013-10-06 19:47:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011-06-22 15:30:01 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2010-10-01 17:50:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-12-05 14:33:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-10-01 17:50:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010-09-15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-12-28 14:51:20 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml [2011-12-28 14:51:20 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml [2011-12-28 14:51:20 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml [2011-12-28 14:51:20 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml [2011-12-28 14:51:20 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml [2011-12-28 14:51:20 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://www.google.pl/ CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\32.0.1700.76\pdf.dll CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Update\1.3.22.3\npGoogleUpdate3.dll CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: BonanzaDealsLive Update (Enabled) = C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - Extension: Ask Toolbar = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\aaaailpifkkekipiachodfkfmgmiapmp\31.9_0\ CHR - Extension: YouTube = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Adblock Plus = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\ CHR - Extension: Szukaj w Google = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: BonanzaDeals = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\4.9.0.9_0\ CHR - Extension: WebSite Recommendation = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\jopdpbolklklaiookikgmdinfbooiipj\4.2_0\ CHR - Extension: Lyrmix = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\kidmhllhjmmmnpbiaihafgchacpmokof\1.133_0\ CHR - Extension: Skype Extension = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\ CHR - Extension: Google Wallet = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\ CHR - Extension: LinkSwift = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\odpccdgkmiicgocepijnaeihjnjnomca\1.0.0_0\ CHR - Extension: Gmail = C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2003-04-16 11:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (LinkSwift) - {323420b6-65e5-4657-8106-a27392d4d4aa} - C:\Program Files\LinkSwift\LinkSwiftBHO.dll (LinkSwift) O2 - BHO: (Lyrmix) - {804efe7d-a8d7-4351-a6df-014d1ed7c6fc} - C:\Program Files\Lyrmix\133.dll () O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.) O2 - BHO: (BonanzaDeals) - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-2000478354-1580818891-725345543-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [VNT] C:\Program Files\VNT\vntldr.exe (APN LLC.) O4 - HKU\S-1-5-21-2000478354-1580818891-725345543-1003..\Run: [ChomikBox] C:\Program Files\ChomikBox\chomikbox.exe ( ) O4 - HKU\S-1-5-21-2000478354-1580818891-725345543-1003..\Run: [Facebook Update] C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-2000478354-1580818891-725345543-1003..\Run: [NextLive] C:\Documents and Settings\L01\Dane aplikacji\newnext.me\nengine.dll (NewNextDotMe) O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10b.exe (Adobe Systems, Inc.) O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10b.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2000478354-1580818891-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.20 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26ACAB0E-E447-4E79-933C-C2A595268E4E}: DhcpNameServer = 192.168.1.20 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 () - http://www.fishing.org.pl/attachment.php?attachmentid=7627&amp;d=1326712193 O24 - Desktop Components:1 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-09-03 19:47:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{20cdb51c-9249-11e2-b9f8-e0cb4e36a944}\Shell - "" = AutoRun O33 - MountPoints2\{20cdb51c-9249-11e2-b9f8-e0cb4e36a944}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{3a9ed525-746d-11e2-b994-e0cb4e36a944}\Shell - "" = AutoRun O33 - MountPoints2\{3a9ed525-746d-11e2-b994-e0cb4e36a944}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe pagefile.sys.vbs O33 - MountPoints2\{3a9ed526-746d-11e2-b994-e0cb4e36a944}\Shell - "" = AutoRun O33 - MountPoints2\{3a9ed526-746d-11e2-b994-e0cb4e36a944}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe pagefile.sys.vbs O33 - MountPoints2\{3ad5be44-ac96-11df-ae73-e0cb4e36a944}\Shell - "" = AutoRun O33 - MountPoints2\{3ad5be44-ac96-11df-ae73-e0cb4e36a944}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{3b404554-1bda-11df-ac5e-e0cb4e36a944}\Shell - "" = AutoRun O33 - MountPoints2\{3b404554-1bda-11df-ac5e-e0cb4e36a944}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{4e0a0701-7b47-11e1-b6a0-e0cb4e36a944}\Shell - "" = AutoRun O33 - MountPoints2\{4e0a0701-7b47-11e1-b6a0-e0cb4e36a944}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe O33 - MountPoints2\{550f9cd4-e52c-11df-af25-e0cb4e36a944}\Shell - "" = AutoRun O33 - MountPoints2\{550f9cd4-e52c-11df-af25-e0cb4e36a944}\Shell\AutoRun\command - "" = I:\LGAutoRun.exe O33 - MountPoints2\{6c98f9a2-bab3-11df-ae98-e0cb4e36a944}\Shell - "" = AutoRun O33 - MountPoints2\{6c98f9a2-bab3-11df-ae98-e0cb4e36a944}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{7e026062-e429-11df-af21-e0cb4e36a944}\Shell\AutoRun\command - "" = lpl.exe O33 - MountPoints2\{7e026062-e429-11df-af21-e0cb4e36a944}\Shell\open\Command - "" = lpl.exe O33 - MountPoints2\{9c8081ac-32bb-11e3-bbaf-e0cb4e36a944}\Shell\AutoRun\command - "" = F:\uxkl0apt.bat O33 - MountPoints2\{9c8081ac-32bb-11e3-bbaf-e0cb4e36a944}\Shell\open\Command - "" = F:\uxkl0apt.bat O33 - MountPoints2\{a797eb95-1bdf-11df-ac63-e0cb4e36a944}\Shell - "" = AutoRun O33 - MountPoints2\{a797eb95-1bdf-11df-ac63-e0cb4e36a944}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{d2ca1f74-c428-11e0-b38b-e0cb4e36a944}\Shell\AutoRun\command - "" = I:\uxkl0apt.bat O33 - MountPoints2\{d2ca1f74-c428-11e0-b38b-e0cb4e36a944}\Shell\open\Command - "" = I:\uxkl0apt.bat O33 - MountPoints2\{f0a997d2-70f3-11e0-b1bc-e0cb4e36a944}\Shell - "" = AutoRun O33 - MountPoints2\{f0a997d2-70f3-11e0-b1bc-e0cb4e36a944}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{f6fa9b30-923f-11e2-b9f5-e0cb4e36a944}\Shell - "" = AutoRun O33 - MountPoints2\{f6fa9b30-923f-11e2-b9f5-e0cb4e36a944}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe pagefile.sys.vbs O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-01-18 18:57:46 | 000,000,000 | ---D | C] -- C:\FRST [2014-01-18 18:44:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\L01\Recent [2014-01-07 22:33:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\L01\Dane aplikacji\NapiProjekt [2013-12-26 20:33:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\ChomikBox [2013-12-26 20:33:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Chomikuj.pl [2013-12-26 20:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\ChomikBox [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-01-18 19:01:00 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\At1.job [2014-01-18 18:55:18 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2000478354-1580818891-725345543-1003UA.job [2014-01-18 18:55:00 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2000478354-1580818891-725345543-1003Core.job [2014-01-18 18:51:00 | 000,000,908 | ---- | M] () -- C:\WINDOWS\tasks\BonanzaDealsLiveUpdateTaskMachineUA.job [2014-01-18 18:51:00 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\BonanzaDealsLiveUpdateTaskMachineCore.job [2014-01-18 18:46:34 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\Lyrmix Update.job [2014-01-18 18:46:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2014-01-18 18:46:28 | 000,229,048 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2014-01-18 18:45:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014-01-18 18:34:08 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2014-01-18 18:10:00 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1580818891-725345543-1003UA.job [2014-01-18 14:25:39 | 000,050,089 | ---- | M] () -- C:\Documents and Settings\L01\Pulpit\łóżko.jpeg [2014-01-18 12:14:01 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2014-01-18 09:10:00 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1580818891-725345543-1003Core.job [2014-01-17 13:31:12 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-12-28 14:32:56 | 000,033,792 | -H-- | M] () -- C:\Documents and Settings\L01\Pulpit\photothumb.db [2013-12-20 20:12:02 | 000,002,286 | ---- | M] () -- C:\Documents and Settings\L01\Pulpit\internet.lnk [2013-12-20 20:12:02 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\L01\Pulpit\Mozilla Firefox.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-01-18 18:50:06 | 000,000,994 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2000478354-1580818891-725345543-1003UA.job [2014-01-18 18:50:06 | 000,000,972 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2000478354-1580818891-725345543-1003Core.job [2014-01-18 14:25:39 | 000,050,089 | ---- | C] () -- C:\Documents and Settings\L01\Pulpit\łóżko.jpeg [2013-12-31 16:45:21 | 000,000,005 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\WBPU-Q5-TTL.DAT [2013-10-30 20:24:03 | 000,263,866 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat [2013-10-06 19:47:03 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll [2013-09-30 19:01:02 | 000,000,110 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\WB.CFG [2013-09-30 19:01:02 | 000,000,005 | ---- | C] () -- C:\Documents and Settings\NetworkService\Dane aplikacji\WBPU-TTL.DAT [2011-05-04 10:01:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\L01\jagex_runescape_preferences.dat [2010-05-04 21:15:19 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\L01\Dane aplikacji\PnkBstrK.sys [2010-02-18 11:30:34 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\L01\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [color=#E56717]========== ZeroAccess Check ==========[/color] [2010-05-04 21:17:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2010-04-16 16:37:03 | 001,506,304 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:22:07 | 000,473,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-03 22:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2010-05-21 20:59:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2013-12-19 18:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\APN [2013-12-19 18:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AskPartnerNetwork [2013-12-01 18:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BonanzaDealsLive [2010-05-04 21:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2010-07-21 17:03:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2013-10-30 19:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Iminent [2012-10-26 22:24:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2013-12-19 18:50:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\WPM [2013-12-19 18:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\YTD Video Downloader [2013-12-20 20:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\aartemis [2010-02-17 19:46:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\ACD Systems [2013-06-26 15:45:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\BESTplayer [2010-02-17 18:38:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\Codeton [2010-05-04 21:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\DAEMON Tools Lite [2013-09-29 18:01:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\DigitalSite [2013-10-29 22:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\driver [2010-02-18 17:11:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\Gadu-Gadu [2012-02-08 20:51:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\Gadu-Gadu 10 [2013-10-30 19:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\Iminent [2014-01-07 22:33:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\NapiProjekt [2014-01-18 18:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\newnext.me [2013-12-20 20:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\Nico Mak Computing [2010-07-21 17:09:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\OpenFM [2013-12-01 18:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\SimilarSites [2013-10-30 07:15:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\systweak [2013-11-09 22:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\Unity [2014-01-13 15:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\L01\Dane aplikacji\uTorrent [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 88 bytes -> C:\Documents and Settings\L01\Pulpit\DSCF0323.MOV:SummaryInformation < End of report >