OTL logfile created on: 2014-02-17 01:45:20 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Użytkownik\Pulpit Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,99 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 67,51% Memory free 4,83 Gb Paging File | 3,88 Gb Available in Paging File | 80,31% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 39,06 Gb Total Space | 4,23 Gb Free Space | 10,84% Space Free | Partition Type: NTFS Drive D: | 35,47 Gb Total Space | 13,20 Gb Free Space | 37,20% Space Free | Partition Type: NTFS Computer Name: USER | User Name: Użytkownik | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-02-16 01:07:18 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2014-02-15 02:28:02 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2014-01-03 08:20:32 | 000,244,024 | ---- | M] (Maxthon International ltd.) -- C:\Program Files\Maxthon\Bin\Maxthon.exe PRC - [2013-04-13 22:03:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Użytkownik\Pulpit\OTL.exe PRC - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe PRC - [2011-09-22 12:03:02 | 003,080,264 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe PRC - [2008-04-14 21:51:18 | 000,977,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-04 13:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files\EWA net\database\TransBase WIS\tbmux32.exe PRC - [2008-04-04 13:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files\EWA net\database\TransBase EWA\tbmux32.exe PRC - [2008-04-04 13:37:50 | 002,387,968 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files\EWA net\database\TransBase WIS\tbkern32.exe PRC - [2008-04-04 13:37:50 | 002,387,968 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files\EWA net\database\TransBase EWA\tbkern32.exe PRC - [2007-11-27 12:33:52 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) -- C:\Program Files\EWA net\database\TransBase EPC\tbmux32.exe PRC - [2007-05-10 10:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe PRC - [2006-03-20 13:34:28 | 000,147,456 | ---- | M] (Volkswagen AG) -- C:\ElsaWin\bin\LcSvrAdm.exe PRC - [2006-03-20 13:28:50 | 000,217,088 | ---- | M] (Volkswagen AG) -- C:\ElsaWin\bin\LcSvrHis.exe PRC - [2006-03-20 13:23:04 | 001,302,528 | ---- | M] (Volkswagen AG) -- C:\ElsaWin\bin\LcSvrAuf.exe PRC - [2006-03-20 13:17:40 | 000,368,640 | ---- | M] (Volkswagen AG) -- C:\ElsaWin\bin\LcSvrPas.exe PRC - [2006-03-20 13:16:12 | 000,233,472 | ---- | M] (Volkswagen AG) -- C:\ElsaWin\bin\LcSvrDba.exe PRC - [2003-07-31 18:29:04 | 000,065,536 | ---- | M] (Alexandria Software Consulting) -- C:\Program Files\EWA net\server\bin\tomcat.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-02-15 02:27:59 | 003,578,992 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013-11-26 02:25:42 | 015,990,664 | ---- | M] () -- C:\Program Files\Maxthon\Core\Webkit\Npplugins\NPSWF32.dll MOD - [2013-11-21 07:37:14 | 000,109,336 | ---- | M] () -- C:\Program Files\Maxthon\Core\Webkit\libEGL.dll MOD - [2013-11-21 07:37:06 | 002,128,152 | ---- | M] () -- C:\Program Files\Maxthon\Core\Webkit\ffmpegsumo.dll MOD - [2013-11-21 07:37:06 | 000,887,064 | ---- | M] () -- C:\Program Files\Maxthon\Core\Webkit\libGLESv2.dll MOD - [2013-11-18 02:18:38 | 000,258,944 | ---- | M] () -- C:\Program Files\Maxthon\Bin\Maxzlib.dll MOD - [2013-11-18 02:18:36 | 000,232,760 | ---- | M] () -- C:\Program Files\Maxthon\Addons\Mobile\MxMobile.dll MOD - [2010-03-30 23:22:20 | 000,163,840 | ---- | M] () -- C:\Program Files\EWA net\apps\jre\private_jre\bin\server\jvm.dll MOD - [2008-04-04 13:23:42 | 000,166,912 | ---- | M] () -- C:\Program Files\EWA net\database\TransBase WIS\libmcrypt.dll MOD - [2008-04-04 13:23:42 | 000,166,912 | ---- | M] () -- C:\Program Files\EWA net\database\TransBase EWA\libmcrypt.dll MOD - [2008-04-04 13:23:42 | 000,036,864 | ---- | M] () -- C:\Program Files\EWA net\database\TransBase WIS\polycsr.dll MOD - [2008-04-04 13:23:42 | 000,036,864 | ---- | M] () -- C:\Program Files\EWA net\database\TransBase EWA\polycsr.dll MOD - [2007-04-02 17:19:22 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll MOD - [2006-03-20 13:23:08 | 000,023,552 | ---- | M] () -- C:\ElsaWin\bin\svraufps.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2014-02-16 01:07:18 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2014-02-15 02:28:00 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2011-09-22 12:03:30 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn) SRV - [2008-04-04 13:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files\EWA net\database\TransBase WIS\tbmux32.exe -- (EWA net DB WIS) SRV - [2008-04-04 13:38:04 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files\EWA net\database\TransBase EWA\tbmux32.exe -- (EWA net DB Core) SRV - [2007-11-27 12:33:52 | 000,417,792 | ---- | M] (Transaction Software, D 81829 Munich) [Auto | Running] -- C:\Program Files\EWA net\database\TransBase EPC\tbmux32.exe -- (EWA net DB EPC) SRV - [2006-03-20 13:34:28 | 000,147,456 | ---- | M] (Volkswagen AG) [Auto | Running] -- C:\ElsaWin\bin\LcSvrAdm.exe -- (LcSvrAdm) SRV - [2006-03-20 13:28:50 | 000,217,088 | ---- | M] (Volkswagen AG) [Auto | Running] -- C:\ElsaWin\bin\LcSvrHis.exe -- (LcSvrHis) SRV - [2006-03-20 13:23:04 | 001,302,528 | ---- | M] (Volkswagen AG) [On_Demand | Running] -- C:\ElsaWin\bin\LcSvrAuf.exe -- (LcSvrAuf) SRV - [2006-03-20 13:17:40 | 000,368,640 | ---- | M] (Volkswagen AG) [Auto | Running] -- C:\ElsaWin\bin\LcSvrPas.exe -- (LcSvrPAS) SRV - [2006-03-20 13:16:12 | 000,233,472 | ---- | M] (Volkswagen AG) [Auto | Running] -- C:\ElsaWin\bin\LcSvrDba.exe -- (LcSvrDba) SRV - [2003-07-31 18:29:04 | 000,065,536 | ---- | M] (Alexandria Software Consulting) [Auto | Running] -- C:\Program Files\EWA net\server\bin\tomcat.exe -- (EWA net Server) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- D:\1\Pulpit\KALKI\DIGITAL KM\zlportio.sys -- (zlportio) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | Boot | Stopped] -- System32\DRIVERS\intelide.sys -- (IntelIde) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2014-02-07 00:02:37 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\SVKP.sys -- (SVKP) DRV - [2013-12-25 00:10:34 | 000,004,032 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\hostnt.sys -- (HOSTNT) DRV - [2013-07-12 14:29:12 | 000,065,896 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS) DRV - [2013-07-12 14:29:02 | 000,074,088 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K) DRV - [2011-08-09 14:24:52 | 000,154,136 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2011-08-09 09:37:28 | 000,039,824 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis) DRV - [2011-08-04 09:20:38 | 000,147,480 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw) DRV - [2011-08-04 09:20:38 | 000,061,936 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi) DRV - [2011-08-04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010-01-29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2009-03-26 12:31:58 | 000,132,352 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k) DRV - [2009-03-26 12:31:38 | 003,636,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) DRV - [2007-12-23 17:18:48 | 000,068,696 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2) DRV - [2007-05-10 10:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2005-11-09 01:22:34 | 000,299,464 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6) DRV - [2004-10-15 16:49:22 | 000,029,292 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FTD2XX.sys -- (FTD2XX) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1343024091-920026266-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-1343024091-920026266-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1343024091-920026266-1801674531-1003\..\SearchScopes,DefaultScope = {658A3AD1-8B96-4D4C-9D24-BD2A450D7BE8} IE - HKU\S-1-5-21-1343024091-920026266-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-1343024091-920026266-1801674531-1003\..\SearchScopes\{658A3AD1-8B96-4D4C-9D24-BD2A450D7BE8}: "URL" = http://szukaj.gazeta.pl/portalSearch.do?s.si(navigation).navigationEnabled=true&s.sm.query={searchTerms} IE - HKU\S-1-5-21-1343024091-920026266-1801674531-1003\..\SearchScopes\{8CDE01D9-7F21-475D-B35D-8DA93836E1FE}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-1343024091-920026266-1801674531-1003\..\SearchScopes\{CD645E35-45BA-492E-9233-B3BB2C6EE1A2}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1343024091-920026266-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1343024091-920026266-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "https://www.google.pl/" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014-02-15 02:27:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-10-30 21:22:55 | 000,000,000 | ---D | M] [2013-10-27 23:35:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Użytkownik\Dane aplikacji\Mozilla\Extensions [2013-10-27 23:41:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Użytkownik\Dane aplikacji\Mozilla\Firefox\Profiles\v43dzm6a.default\extensions [2014-02-16 23:08:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2014-02-16 23:08:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2014-02-15 02:27:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014-02-15 02:28:03 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2004-08-04 12:00:00 | 000,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx () O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre7\bin\jusched.exe" File not found O4 - Startup: C:\Documents and Settings\Użytkownik\Menu Start\Programy\Autostart\TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (AKSoftware) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1343024091-920026266-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKU\S-1-5-21-1343024091-920026266-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1343024091-920026266-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1383953565531 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 1.6.0_45) O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 1.7.0_45) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab (Java Plug-in 10.21.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2F42BD2-8685-4A3E-A26B-415D563DD334}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Handler\vw-wi {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiprot.dll (TODO: ) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Użytkownik\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Użytkownik\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013-10-27 23:01:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-02-17 01:30:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Użytkownik\Menu Start\Programy\WIS-ASRA [2014-02-17 00:01:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Użytkownik\Recent [2014-02-16 23:06:54 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2014-02-16 22:43:32 | 017,090,992 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Użytkownik\Pulpit\jre-6u45-windows-i586(1).exe [2014-02-16 21:27:15 | 017,516,320 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Użytkownik\Pulpit\jre-1_5_0_22-windows-i586-p.exe [2014-02-16 19:13:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Użytkownik\Pulpit\backups [2014-02-16 19:07:47 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Użytkownik\Pulpit\HijackThis_2.0.4.exe [2014-02-16 13:59:10 | 035,623,952 | ---- | C] (Opera Software ASA) -- C:\Documents and Settings\Użytkownik\Moje dokumenty\Opera_19.0.1326.63_Setup.exe [2014-02-16 03:41:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Użytkownik\Dane aplikacji\Mael [2014-02-16 03:39:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\HxD Hex Editor [2014-02-16 03:39:36 | 000,000,000 | ---D | C] -- C:\Program Files\HxD [2014-02-16 01:08:37 | 000,866,720 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2014-02-16 01:08:37 | 000,788,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2014-02-16 01:08:37 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2014-02-16 01:08:37 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2014-02-16 01:08:32 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2014-02-16 01:08:32 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2014-02-16 01:08:32 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2014-02-16 01:05:56 | 035,623,952 | ---- | C] (Opera Software ASA) -- C:\Documents and Settings\Użytkownik\Moje dokumenty\Opera_19.0.1326.63_Setup (1).exe [2014-02-16 00:56:50 | 000,000,000 | ---D | C] -- C:\FRST [2014-02-16 00:56:35 | 001,141,248 | ---- | C] (Farbar) -- C:\Documents and Settings\Użytkownik\Pulpit\FRST.exe [2014-02-15 17:56:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Użytkownik\Pulpit\mcu [2014-02-15 15:00:16 | 000,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dao360.dll [2014-02-15 02:27:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2014-02-15 01:32:16 | 001,044,168 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Użytkownik\Pulpit\vbrun60sp5.exe [2014-02-15 01:18:47 | 001,044,168 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Użytkownik\Moje dokumenty\vbrun60sp5(dobreprogramy.pl).exe [2014-02-15 00:30:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Użytkownik\Pulpit\MEUCCI_ENGINE_ECU_DECODING [2014-02-11 18:46:41 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2014-02-11 18:44:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Użytkownik\Dane aplikacji\Malwarebytes [2014-02-11 18:44:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2014-02-10 22:45:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Użytkownik\Pulpit\OTL.exe [2014-02-10 02:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Maxthon Cloud Browser [2014-02-10 02:18:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Użytkownik\Dane aplikacji\Maxthon3 [2014-02-10 02:18:09 | 000,000,000 | ---D | C] -- C:\Program Files\Maxthon [2014-02-07 00:02:37 | 000,002,368 | ---- | C] (AntiCracking) -- C:\WINDOWS\System32\SVKP.sys [2014-02-03 02:12:24 | 000,299,464 | ---- | C] (Jungo) -- C:\WINDOWS\System32\drivers\windrvr6.sys [2014-02-03 02:11:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Techstream [2014-02-02 00:45:57 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll [2014-01-24 22:40:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Foxit Software [2014-01-21 19:48:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Użytkownik\Pulpit\KEYGEN [2014-01-20 23:12:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Foxit Reader [2014-01-20 23:12:29 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [25 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-02-17 22:02:26 | 001,141,248 | ---- | M] (Farbar) -- C:\Documents and Settings\Użytkownik\Pulpit\FRST.exe [2014-02-17 01:33:08 | 000,000,327 | ---- | M] () -- C:\WINDOWS\ST6UNST.000 [2014-02-17 01:30:49 | 000,000,102 | ---- | M] () -- C:\Documents and Settings\Użytkownik\.ewanapi_cookie [2014-02-17 01:30:40 | 000,001,776 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\WIS-ASRA.lnk [2014-02-17 00:02:50 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2014-02-17 00:02:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014-02-16 22:44:29 | 017,090,992 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Użytkownik\Pulpit\jre-6u45-windows-i586(1).exe [2014-02-16 21:27:49 | 017,516,320 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Użytkownik\Pulpit\jre-1_5_0_22-windows-i586-p.exe [2014-02-16 20:39:58 | 000,001,213 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\startApp.jnlp [2014-02-16 19:16:30 | 000,006,060 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\hijackthis_2 [2014-02-16 19:14:07 | 000,006,287 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\hijackthis_1 [2014-02-16 19:07:47 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Użytkownik\Pulpit\HijackThis_2.0.4.exe [2014-02-16 14:03:22 | 035,623,952 | ---- | M] (Opera Software ASA) -- C:\Documents and Settings\Użytkownik\Moje dokumenty\Opera_19.0.1326.63_Setup.exe [2014-02-16 03:39:37 | 000,000,568 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\HxD.lnk [2014-02-16 01:09:34 | 035,623,952 | ---- | M] (Opera Software ASA) -- C:\Documents and Settings\Użytkownik\Moje dokumenty\Opera_19.0.1326.63_Setup (1).exe [2014-02-16 01:07:37 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2014-02-16 01:07:13 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2014-02-16 01:07:13 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2014-02-16 01:07:12 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2014-02-16 01:07:12 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2014-02-16 01:07:09 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2014-02-16 01:07:09 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2014-02-15 01:33:24 | 000,001,462 | ---- | M] () -- C:\WINDOWS\tasks\Plus-HD-8.1-codedownloader.job [2014-02-15 01:33:14 | 000,002,312 | ---- | M] () -- C:\WINDOWS\tasks\Plus-HD-8.1-firefoxinstaller.job [2014-02-15 01:33:06 | 000,002,390 | ---- | M] () -- C:\WINDOWS\tasks\Plus-HD-8.1-validator.job [2014-02-15 01:32:19 | 001,044,168 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Użytkownik\Pulpit\vbrun60sp5.exe [2014-02-15 01:18:43 | 001,044,168 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Użytkownik\Moje dokumenty\vbrun60sp5(dobreprogramy.pl).exe [2014-02-15 00:29:13 | 007,261,645 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\MEUCCI_ENGINE_ECU_DECODING.rar [2014-02-12 21:06:41 | 000,276,052 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\w220_geber_fahrpedal.zip [2014-02-12 21:05:16 | 000,306,185 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\w220_geber_fahrpedal.pdf [2014-02-11 19:15:46 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2014-02-11 19:15:46 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2014-02-11 18:36:46 | 000,001,125 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\w220.zip [2014-02-11 18:35:38 | 000,004,096 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\w220.bin [2014-02-10 02:18:57 | 000,000,734 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Maxthon Cloud Browser.lnk [2014-02-08 15:03:25 | 000,000,056 | ---- | M] () -- C:\WINDOWS\Acroread.ini [2014-02-07 16:10:02 | 000,004,096 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\cd30 wylogowanie radia corsa d.bin [2014-02-07 00:02:37 | 000,002,368 | ---- | M] (AntiCracking) -- C:\WINDOWS\System32\SVKP.sys [2014-02-06 23:59:21 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\uPD780948 EEprom_00.bin [2014-02-06 22:04:11 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\uPD780948 EEprom.bin [2014-02-05 11:47:40 | 000,004,096 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\e2prom [2014-02-04 21:35:25 | 000,189,811 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\świece ml.zip [2014-02-04 21:34:09 | 000,194,484 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\świece ml.pdf [2014-02-04 21:33:25 | 000,146,838 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\Schemat instalacji elektrycznej modułu sterującego Common-Rail Diesel Injection (CDI).pdf [2014-02-04 01:24:09 | 000,397,312 | ---- | M] () -- C:\WINDOWS\esi_kl01.dat [2014-02-02 21:04:27 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\cdi-otwarty.bin [2014-02-02 21:01:47 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\A0001531479 0281010223 EDC CR1.8 2.2L 4ZYL 24C04 nie kreci.bin [2014-02-02 19:37:49 | 000,075,296 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Moje dokumenty\terr.pdf [2014-02-01 23:57:54 | 000,444,079 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\FIPAN03GBB.PDF.zip [2014-02-01 23:52:42 | 000,444,358 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\FIPAN03GBB.PDF.pdf [2014-01-26 12:18:12 | 000,054,391 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\mercedes hybrid.jpg [2014-01-22 23:41:48 | 000,241,844 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\Laguna II.jpg [2014-01-21 19:49:12 | 000,621,644 | ---- | M] () -- C:\Documents and Settings\Użytkownik\Pulpit\KEYGEN.zip [2014-01-20 23:12:50 | 000,001,703 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Foxit Reader.lnk [2014-01-19 02:57:11 | 000,000,030 | ---- | M] () -- C:\WINDOWS\TextSpy.ini [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [25 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-02-17 01:33:08 | 000,000,327 | ---- | C] () -- C:\WINDOWS\ST6UNST.000 [2014-02-16 20:39:55 | 000,001,213 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\startApp.jnlp [2014-02-16 19:16:29 | 000,006,060 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\hijackthis_2 [2014-02-16 19:14:07 | 000,006,287 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\hijackthis_1 [2014-02-16 03:39:37 | 000,000,568 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\HxD.lnk [2014-02-15 01:33:24 | 000,001,462 | ---- | C] () -- C:\WINDOWS\tasks\Plus-HD-8.1-codedownloader.job [2014-02-15 01:33:13 | 000,002,312 | ---- | C] () -- C:\WINDOWS\tasks\Plus-HD-8.1-firefoxinstaller.job [2014-02-15 01:33:06 | 000,002,390 | ---- | C] () -- C:\WINDOWS\tasks\Plus-HD-8.1-validator.job [2014-02-15 00:29:00 | 007,261,645 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\MEUCCI_ENGINE_ECU_DECODING.rar [2014-02-12 21:06:41 | 000,276,052 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\w220_geber_fahrpedal.zip [2014-02-12 21:05:08 | 000,306,185 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\w220_geber_fahrpedal.pdf [2014-02-11 18:36:45 | 000,001,125 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\w220.zip [2014-02-11 18:35:38 | 000,004,096 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\w220.bin [2014-02-11 18:33:49 | 000,004,096 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\e2prom [2014-02-10 22:43:41 | 000,377,856 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\GMER.exe [2014-02-10 02:18:57 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Maxthon Cloud Browser.lnk [2014-02-07 20:24:13 | 000,004,096 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\cd30 wylogowanie radia corsa d.bin [2014-02-06 23:59:21 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\uPD780948 EEprom_00.bin [2014-02-06 22:35:26 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\uPD780948 EEprom.bin [2014-02-04 21:35:25 | 000,189,811 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\świece ml.zip [2014-02-04 21:34:08 | 000,194,484 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\świece ml.pdf [2014-02-04 21:32:15 | 000,146,838 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\Schemat instalacji elektrycznej modułu sterującego Common-Rail Diesel Injection (CDI).pdf [2014-02-02 21:04:27 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\cdi-otwarty.bin [2014-02-02 21:01:47 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\A0001531479 0281010223 EDC CR1.8 2.2L 4ZYL 24C04 nie kreci.bin [2014-02-02 19:37:49 | 000,075,296 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Moje dokumenty\terr.pdf [2014-02-01 23:57:53 | 000,444,079 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\FIPAN03GBB.PDF.zip [2014-02-01 23:52:40 | 000,444,358 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\FIPAN03GBB.PDF.pdf [2014-01-26 12:19:18 | 000,054,391 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\mercedes hybrid.jpg [2014-01-23 01:36:30 | 000,241,844 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\Laguna II.jpg [2014-01-21 19:49:11 | 000,621,644 | ---- | C] () -- C:\Documents and Settings\Użytkownik\Pulpit\KEYGEN.zip [2014-01-20 23:12:50 | 000,001,703 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Foxit Reader.lnk [2014-01-07 21:17:00 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\USB_IO.dll [2014-01-07 21:17:00 | 000,000,071 | ---- | C] () -- C:\WINDOWS\System32\FTD2XXUN.ini [2013-12-25 00:10:34 | 000,004,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\hostnt.sys [2013-11-23 22:29:29 | 000,001,882 | ---- | C] () -- C:\WINDOWS\RBSystem.ini [2013-11-23 22:29:26 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\dtctrace.dll [2013-11-23 22:29:25 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\xcd73532.dll [2013-11-23 22:29:25 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\PWUtility.dll [2013-11-23 22:29:09 | 000,397,312 | ---- | C] () -- C:\WINDOWS\esi_kl01.dat [2013-11-23 22:28:57 | 000,655,360 | ---- | C] () -- C:\WINDOWS\System32\dslang32.dll [2013-11-23 22:28:57 | 000,327,680 | ---- | C] () -- C:\WINDOWS\System32\ldf251.dll [2013-11-22 07:00:58 | 000,154,336 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2013-11-09 01:07:36 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2013-11-05 23:01:55 | 000,216,064 | ---- | C] () -- C:\WINDOWS\System32\gcapi_dll.dll [2013-11-05 22:46:37 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\Ament.ini [2013-10-28 21:44:29 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini [2013-10-28 21:36:03 | 000,000,056 | ---- | C] () -- C:\WINDOWS\Acroread.ini [2013-10-28 20:52:35 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe [2013-10-28 20:47:21 | 000,000,571 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2013-10-28 20:16:15 | 000,000,102 | ---- | C] () -- C:\Documents and Settings\Użytkownik\.ewanapi_cookie [2013-10-28 18:38:53 | 000,001,606 | ---- | C] () -- C:\WINDOWS\System32\font.ini [2013-10-27 23:52:20 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2013-10-27 23:51:04 | 000,126,912 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-10-27 23:11:37 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4814.dll [2013-10-27 23:03:58 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2013-10-27 22:58:10 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2013-03-14 02:11:40 | 000,000,540 | ---- | C] () -- C:\WINDOWS\System32\drivers\gzsfvj.sys [2013-01-16 01:37:58 | 000,002,818 | ---- | C] () -- C:\WINDOWS\System32\4ufsuf.dll [2013-01-16 01:37:58 | 000,002,230 | ---- | C] () -- C:\WINDOWS\System32\fuwdw.dll [2013-01-16 01:37:58 | 000,001,950 | ---- | C] () -- C:\WINDOWS\System32\onlikl.dll [2013-01-16 01:37:58 | 000,001,754 | ---- | C] () -- C:\WINDOWS\System32\tes56.dll [2013-01-16 01:37:58 | 000,000,564 | ---- | C] () -- C:\WINDOWS\System32\jpvv.dll [2013-01-16 01:37:58 | 000,000,522 | ---- | C] () -- C:\WINDOWS\System32\vjzv.dll [2013-01-16 01:37:58 | 000,000,368 | ---- | C] () -- C:\WINDOWS\System32\ghis.dll [2013-01-16 01:37:58 | 000,000,354 | ---- | C] () -- C:\WINDOWS\System32\suzihlh.dll [2013-01-16 01:37:58 | 000,000,074 | ---- | C] () -- C:\WINDOWS\System32\uzvu.dll [2013-01-16 01:37:58 | 000,000,074 | ---- | C] () -- C:\WINDOWS\System32\fsuvzu.dll [2013-01-16 01:37:58 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\xfsu.dll [2013-01-16 01:37:58 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\uzjvzj.dll [2013-01-16 01:37:58 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\xfshig.dll [2013-01-16 01:37:58 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\kiizu.dll [2013-01-16 01:37:58 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\fzuuzv.dll [2013-01-16 01:37:57 | 000,022,026 | ---- | C] () -- C:\WINDOWS\System32\nbvhibn.dll [2013-01-16 01:37:47 | 000,014,228 | ---- | C] () -- C:\WINDOWS\System32\txjocvso.dll [2013-01-16 01:37:40 | 000,004,680 | ---- | C] () -- C:\WINDOWS\System32\mzodi.dll [2013-01-16 01:37:37 | 000,012,282 | ---- | C] () -- C:\WINDOWS\System32\qbmnfs.dll [2013-01-16 01:37:33 | 000,014,942 | ---- | C] () -- C:\WINDOWS\System32\sbznpoe.dll [2013-01-16 01:37:26 | 000,008,502 | ---- | C] () -- C:\WINDOWS\System32\bdiftpo.dll [2013-01-16 01:37:22 | 000,004,988 | ---- | C] () -- C:\WINDOWS\System32\fjqtufjo.dll [2013-01-16 01:37:20 | 000,005,002 | ---- | C] () -- C:\WINDOWS\System32\wjpmfu.dll [2013-01-16 01:37:17 | 000,000,746 | ---- | C] () -- C:\WINDOWS\System32\xbmupo.dll [2013-01-16 01:37:17 | 000,000,662 | ---- | C] () -- C:\WINDOWS\System32\abdibsjb.dll [2013-01-16 01:37:17 | 000,000,508 | ---- | C] () -- C:\WINDOWS\System32\disjtupq.dll [2013-01-16 01:37:17 | 000,000,438 | ---- | C] () -- C:\WINDOWS\System32\tfojps.dll [2012-12-20 07:11:27 | 001,437,696 | ---- | C] () -- C:\WINDOWS\System32\SPicture.dll [2012-10-23 01:59:26 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\vp3io.dll [2012-10-23 01:59:17 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\vp6io.dll [color=#E56717]========== ZeroAccess Check ==========[/color] [2013-11-09 00:13:28 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 21:50:48 | 001,778,688 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 11:53:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 21:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013-10-30 21:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2013-10-27 23:52:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Foxit Software [2013-10-30 21:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Użytkownik\Dane aplikacji\ESET [2014-01-20 23:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Użytkownik\Dane aplikacji\Foxit Software [2013-10-28 20:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Użytkownik\Dane aplikacji\InterTrust [2014-02-16 03:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Użytkownik\Dane aplikacji\Mael [2014-02-10 02:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Użytkownik\Dane aplikacji\Maxthon3 [2013-12-21 00:27:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Użytkownik\Dane aplikacji\OpenOffice.org [2014-01-12 01:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Użytkownik\Dane aplikacji\Opera Software [2013-12-25 15:31:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Użytkownik\Dane aplikacji\Sony [color=#E56717]========== Purity Check ==========[/color] < End of report >