OTL logfile created on: 2014-08-23 12:53:58 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Kuba\Moje dokumenty\Pobrane Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1,93 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 67,85% Memory free 3,78 Gb Paging File | 3,29 Gb Available in Paging File | 87,12% Paging File free Paging file location(s): D:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,29 Gb Total Space | 0,52 Gb Free Space | 1,76% Space Free | Partition Type: NTFS Drive D: | 119,75 Gb Total Space | 113,64 Gb Free Space | 94,90% Space Free | Partition Type: NTFS Drive F: | 4,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ZZZ-9FD4CB322CA | User Name: Kuba | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-08-23 12:28:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kuba\Moje dokumenty\Pobrane\OTL.exe PRC - [2014-08-21 19:42:39 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2014-08-18 13:48:10 | 003,600,728 | ---- | M] (Electronic Arts) -- D:\Origin\Origin.exe PRC - [2014-05-22 16:57:47 | 000,138,240 | RHS- | M] () -- C:\Documents and Settings\Kuba\buaage.exe PRC - [2014-05-08 14:17:46 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files\blueconnect\DataCardMonitor.exe PRC - [2014-01-04 18:12:15 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2013-08-28 13:04:20 | 000,493,824 | ---- | M] () -- C:\Program Files\Hostless Modem\USB device MF63\ShowTip.exe PRC - [2013-08-28 13:04:20 | 000,446,208 | ---- | M] () -- C:\Program Files\Hostless Modem\USB device MF63\CancelAutoPlay_df.exe PRC - [2013-08-28 13:04:19 | 000,459,008 | ---- | M] () -- C:\Program Files\Hostless Modem\USB device MF63\CheckNDISPort_df.exe PRC - [2013-07-08 11:42:48 | 001,922,600 | ---- | M] (Pandora.TV) -- C:\Program Files\PANDORA.TV\PanService\KMPService.exe PRC - [2013-07-08 11:42:38 | 001,798,696 | ---- | M] (PandoraTV) -- C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe PRC - [2009-06-23 16:43:40 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Documents and Settings\Kuba\Dane aplikacji\blueconnect\ouc.exe PRC - [2008-04-14 22:51:18 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-08-21 19:42:28 | 003,800,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2014-08-18 13:48:01 | 000,962,560 | ---- | M] () -- D:\Origin\platforms\qwindows.dll MOD - [2014-08-18 13:47:59 | 000,302,592 | ---- | M] () -- D:\Origin\imageformats\qtiff.dll MOD - [2014-08-18 13:47:59 | 000,261,632 | ---- | M] () -- D:\Origin\imageformats\qmng.dll MOD - [2014-08-18 13:47:59 | 000,217,088 | ---- | M] () -- D:\Origin\imageformats\qjpeg.dll MOD - [2014-08-18 13:47:59 | 000,019,968 | ---- | M] () -- D:\Origin\imageformats\qtga.dll MOD - [2014-08-18 13:47:59 | 000,018,944 | ---- | M] () -- D:\Origin\imageformats\qwbmp.dll MOD - [2014-08-18 13:47:58 | 000,025,088 | ---- | M] () -- D:\Origin\imageformats\qico.dll MOD - [2014-08-18 13:47:58 | 000,024,064 | ---- | M] () -- D:\Origin\imageformats\qgif.dll MOD - [2014-05-22 16:57:47 | 000,138,240 | RHS- | M] () -- C:\Documents and Settings\Kuba\buaage.exe MOD - [2013-08-28 13:04:20 | 000,493,824 | ---- | M] () -- C:\Program Files\Hostless Modem\USB device MF63\ShowTip.exe MOD - [2013-08-28 13:04:20 | 000,446,208 | ---- | M] () -- C:\Program Files\Hostless Modem\USB device MF63\CancelAutoPlay_df.exe MOD - [2013-08-28 13:04:19 | 000,459,008 | ---- | M] () -- C:\Program Files\Hostless Modem\USB device MF63\CheckNDISPort_df.exe MOD - [2012-10-22 12:21:42 | 001,277,952 | ---- | M] () -- C:\Program Files\PANDORA.TV\PanService\avformat-53.dll MOD - [2012-07-09 18:57:30 | 002,090,496 | ---- | M] () -- C:\Program Files\PANDORA.TV\PanService\avcodec-53.dll MOD - [2012-03-23 11:07:34 | 000,224,768 | ---- | M] () -- C:\Program Files\PANDORA.TV\PanService\libupnp.dll MOD - [2011-12-06 17:19:48 | 000,133,632 | ---- | M] () -- C:\Program Files\PANDORA.TV\PanService\avutil-51.dll MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL MOD - [2008-04-14 22:50:38 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2014-08-21 19:42:30 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014-03-14 23:23:37 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2014-01-04 18:12:15 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013-07-08 11:42:48 | 001,922,600 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files\PANDORA.TV\PanService\KMPService.exe -- (PanService) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ZTEusbnet.sys -- (ZTEusbnet) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\01.tmp -- (ryaatjfr) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgandnetndis.sys -- (andnetndis) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgandnetmodem.sys -- (ANDNetModem) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgandnetdiag.sys -- (AndNetDiag) DRV - [2013-11-25 19:25:59 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2013-05-02 15:23:30 | 007,484,656 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwNx32.sys -- (NETwNx32) DRV - [2013-04-26 14:43:43 | 000,098,504 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c) DRV - [2011-12-13 18:27:30 | 007,069,288 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2009-11-18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt) DRV - [2009-11-18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt) DRV - [2009-06-22 19:38:16 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-06-22 19:24:46 | 000,100,480 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev) DRV - [2009-02-27 15:39:18 | 000,007,552 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewfiltertdidriver.sys -- (filtertdidriver) DRV - [2005-08-18 00:00:00 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt -- (EverestDriver) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=NIS&pvid=21.2.0.38 IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-12-27 22:46:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Extensions [2014-08-21 19:30:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\mkuv28cb.default-1397054972706\extensions [2014-03-03 19:42:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles2rgcq8cg.default-1393092287437\extensions [2014-03-03 19:42:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles2rgcq8cg.default-1393092287437\extensions\staged [2014-08-21 19:30:54 | 000,967,685 | ---- | M] () (No name found) -- C:\Documents and Settings\Kuba\Dane aplikacji\Mozilla\Firefox\Profiles\mkuv28cb.default-1397054972706\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-21 19:40:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2014-08-21 19:42:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2014-03-25 17:38:30 | 000,000,559 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 178.217.187.203 sm1.setmaster.pro O1 - Hosts: 178.217.187.203 ms.magesy.ru O1 - Hosts: 178.217.187.203 sm2.setmaster.pro O1 - Hosts: 178.217.187.203 valve-master-server.com O1 - Hosts: 178.217.187.203 ms.cs-servera.net O1 - Hosts: 178.217.187.203 ms.turbo-boost.ru O1 - Hosts: 178.217.187.203 ms.extraboost.ru O1 - Hosts: 178.217.187.203 ms.cs-monitor.ru O1 - Hosts: 178.217.187.203 ro.setmaster.net O1 - Hosts: 178.217.187.203 n1.bans.org.ua O1 - Hosts: 178.217.187.203 n2.bans.org.ua O1 - Hosts: 178.217.187.203 1.masterserver.su O1 - Hosts: 178.217.187.203 2.masterserver.su O1 - Hosts: 178.217.187.203 ms.megafrag.ru O1 - Hosts: 178.217.187.203 balkan.masterserver.me O1 - Hosts: 178.217.187.203 ms.cyber-monitoring.ru O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4 - HKLM..\Run: [CancelAutoPlay_df] C:\Program Files\Hostless Modem\USB device MF63\CancelAutoPlay_df.exe () O4 - HKLM..\Run: [CheckNDISPortF0acE3] C:\Program Files\Hostless Modem\USB device MF63\CheckNDISPort_df.exe () O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\blueconnect\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) O4 - HKLM..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe (MediaCodec.Org) O4 - HKCU..\Run: [buaage] C:\Documents and Settings\Kuba\buaage.exe () O4 - HKCU..\Run: [EADM] D:\Origin\Origin.exe (Electronic Arts) O4 - HKCU..\Run: [HW_OPENEYE_OUC_blueconnect] C:\Program Files\blueconnect\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll () O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1408701878984 (WUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 10.45.2) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 10.45.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43CE3373-4CE9-43C3-80E3-3DB07BAC787D}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F58655B-FCD4-472C-A20F-04659BE75795}: DhcpNameServer = 192.168.1.1 192.168.1.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013-09-06 19:22:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2013-08-28 13:01:48 | 000,001,628 | R--- | M] () - F:\AutoRun.dat -- [ CDFS ] O32 - AutoRun File - [2013-08-28 13:04:19 | 000,371,456 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2013-07-26 12:21:34 | 000,000,046 | R--- | M] () - F:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{2717cbcf-d6a7-11e3-9bd9-00235af38e25}\Shell - "" = AutoRun O33 - MountPoints2\{2717cbcf-d6a7-11e3-9bd9-00235af38e25}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2013-08-28 13:04:19 | 000,371,456 | R--- | M] () O33 - MountPoints2\{2717cbd3-d6a7-11e3-9bd9-00235af38e25}\Shell - "" = AutoRun O33 - MountPoints2\{2717cbd3-d6a7-11e3-9bd9-00235af38e25}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2013-08-28 13:04:19 | 000,371,456 | R--- | M] () O33 - MountPoints2\{2e3a6516-43df-11e3-9686-00216bb01ed2}\Shell - "" = AutoRun O33 - MountPoints2\{2e3a6516-43df-11e3-9686-00216bb01ed2}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2013-08-28 13:04:19 | 000,371,456 | R--- | M] () O33 - MountPoints2\{474e14c6-9d5f-11e3-bbb9-00216bb01ed2}\Shell - "" = AutoRun O33 - MountPoints2\{474e14c6-9d5f-11e3-bbb9-00216bb01ed2}\Shell\AutoRun\command - "" = I:\LGAutoRun.exe O33 - MountPoints2\{62122654-3f29-11e3-9682-00235af38e25}\Shell - "" = AutoRun O33 - MountPoints2\{62122654-3f29-11e3-9682-00235af38e25}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{62122657-3f29-11e3-9682-00235af38e25}\Shell - "" = AutoRun O33 - MountPoints2\{62122657-3f29-11e3-9682-00235af38e25}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2013-08-28 13:04:19 | 000,371,456 | R--- | M] () O33 - MountPoints2\{673877c8-d6c2-11e3-9b3d-00235af38e25}\Shell - "" = AutoRun O33 - MountPoints2\{673877c8-d6c2-11e3-9b3d-00235af38e25}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2013-08-28 13:04:19 | 000,371,456 | R--- | M] () O33 - MountPoints2\{a375f364-1de8-11e3-964b-c7932c3fa006}\Shell - "" = AutoRun O33 - MountPoints2\{a375f364-1de8-11e3-964b-c7932c3fa006}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{b088ff56-30e7-11e3-966c-00235af38e25}\Shell - "" = AutoRun O33 - MountPoints2\{b088ff56-30e7-11e3-966c-00235af38e25}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{bc08698b-304c-11e3-966b-00235af38e25}\Shell - "" = AutoRun O33 - MountPoints2\{bc08698b-304c-11e3-966b-00235af38e25}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{bc08698e-304c-11e3-966b-00235af38e25}\Shell - "" = AutoRun O33 - MountPoints2\{bc08698e-304c-11e3-966b-00235af38e25}\Shell\AutoRun\command - "" = G:\AutoRun.exe O33 - MountPoints2\{de2af419-30f9-11e3-966e-00235af38e25}\Shell - "" = AutoRun O33 - MountPoints2\{de2af419-30f9-11e3-966e-00235af38e25}\Shell\AutoRun\command - "" = G:\windows\Install\Install.exe O33 - MountPoints2\{de2af41a-30f9-11e3-966e-00235af38e25}\Shell - "" = AutoRun O33 - MountPoints2\{de2af41a-30f9-11e3-966e-00235af38e25}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn O33 - MountPoints2\{f15bc840-56aa-11e3-b474-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{f15bc840-56aa-11e3-b474-806d6172696f}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2013-08-28 13:04:19 | 000,371,456 | R--- | M] () O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe -- [2013-08-28 13:04:19 | 000,371,456 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-08-23 12:49:09 | 000,000,000 | ---D | C] -- C:\FRST [2014-08-23 12:22:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\USB device MF63 Hostless Modem [2014-08-23 12:22:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SupportAppPBHostless Modem [2014-08-22 14:11:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution [2014-08-22 13:07:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Game Booster 3 [2014-08-22 13:04:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2014-08-22 12:55:14 | 001,306,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2014-08-22 12:55:14 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2014-08-22 12:55:08 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm [2014-08-22 12:55:07 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm [2014-08-22 12:55:07 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm [2014-08-22 12:55:01 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll [2014-08-22 12:54:59 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys [2014-08-22 12:54:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll [2014-08-22 12:54:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll [2014-08-22 12:54:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe [2014-08-22 12:54:57 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll [2014-08-22 12:54:57 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll [2014-08-22 12:54:57 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll [2014-08-22 12:54:57 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll [2014-08-22 12:54:57 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll [2014-08-22 12:54:57 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll [2014-08-22 12:54:57 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll [2014-08-22 12:54:57 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll [2014-08-22 12:54:57 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll [2014-08-22 12:54:57 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax [2014-08-22 12:54:57 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax [2014-08-22 12:54:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll [2014-08-22 12:54:56 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll [2014-08-22 12:54:56 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll [2014-08-22 12:54:56 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll [2014-08-22 12:54:56 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll [2014-08-22 12:54:56 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll [2014-08-22 12:54:56 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll [2014-08-22 12:54:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll [2014-08-22 12:54:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll [2014-08-22 12:54:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll [2014-08-22 12:54:55 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll [2014-08-22 12:54:55 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll [2014-08-22 12:54:54 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll [2014-08-22 12:54:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll [2014-08-22 12:54:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll [2014-08-22 12:54:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll [2014-08-22 12:54:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll [2014-08-22 12:54:53 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll [2014-08-22 12:54:53 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll [2014-08-22 12:54:53 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll [2014-08-22 12:54:53 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll [2014-08-22 12:54:53 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll [2014-08-22 12:54:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe [2014-08-22 12:54:53 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll [2014-08-22 12:54:53 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll [2014-08-22 12:54:53 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll [2014-08-22 12:54:53 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll [2014-08-22 12:54:53 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe [2014-08-22 12:54:53 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll [2014-08-22 12:54:52 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll [2014-08-22 12:54:52 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll [2014-08-22 12:54:52 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll [2014-08-22 12:54:52 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll [2014-08-22 12:54:51 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll [2014-08-22 12:54:51 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll [2014-08-22 12:54:51 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll [2014-08-22 12:54:51 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe [2014-08-22 12:54:51 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe [2014-08-22 12:54:51 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe [2014-08-22 12:54:50 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll [2014-08-22 12:54:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe [2014-08-22 12:54:49 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll [2014-08-22 12:54:47 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe [2014-08-22 12:54:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl [2014-08-22 12:54:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2014-08-22 12:54:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits [2014-08-22 12:52:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles [2014-08-22 12:52:02 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe [2014-08-22 12:49:29 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [2014-08-22 12:49:29 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [2014-08-22 12:49:29 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [2014-08-22 12:49:29 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll [2014-08-22 12:49:29 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll [2014-08-22 12:49:29 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll [2014-08-22 12:49:29 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll [2014-08-22 12:49:29 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll [2014-08-22 12:49:29 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll [2014-08-22 12:49:29 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll [2014-08-22 12:49:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2014-08-22 12:49:28 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys [2014-08-22 12:49:28 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [2014-08-22 12:49:28 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [2014-08-22 12:49:28 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [2014-08-22 12:49:28 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [2014-08-22 12:49:28 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [2014-08-22 12:49:28 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [2014-08-22 12:49:28 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [2014-08-22 12:49:28 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [2014-08-22 12:49:27 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [2014-08-22 12:49:27 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [2014-08-22 12:49:27 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [2014-08-22 12:49:27 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [2014-08-22 12:49:27 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [2014-08-22 12:49:27 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [2014-08-22 12:49:27 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [2014-08-22 12:49:27 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [2014-08-22 12:49:27 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [2014-08-22 12:49:27 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [2014-08-22 12:49:26 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll [2014-08-22 12:49:26 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll [2014-08-22 12:49:26 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll [2014-08-22 12:49:26 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll [2014-08-22 12:49:26 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll [2014-08-22 12:49:25 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys [2014-08-22 12:49:25 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll [2014-08-22 12:49:24 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2014-08-22 12:49:23 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2014-08-22 12:49:23 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [2014-08-22 12:49:23 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2014-08-22 12:49:23 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [2014-08-22 12:49:23 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys [2014-08-22 12:49:23 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys [2014-08-22 12:49:23 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys [2014-08-22 12:49:22 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys [2014-08-22 12:49:22 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys [2014-08-22 12:49:22 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys [2014-08-22 12:49:22 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2014-08-22 12:49:22 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll [2014-08-22 12:49:22 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys [2014-08-22 12:49:22 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll [2014-08-22 12:49:21 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys [2014-08-22 12:49:21 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys [2014-08-22 12:49:21 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys [2014-08-22 12:49:21 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys [2014-08-22 12:49:21 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys [2014-08-22 12:49:21 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys [2014-08-22 12:44:02 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2014-08-22 12:02:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Kuba\UserData [2014-08-22 11:57:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Moje dokumenty\Pobrane [2014-08-22 11:52:05 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Kuba\Recent [2014-08-21 23:34:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Moje dokumenty\FIFA World [2014-08-21 23:30:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EA SPORTS FIFA World [2014-08-21 23:30:20 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\EAInstaller [2014-08-21 23:17:50 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2014-08-21 23:17:50 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2014-08-21 23:17:42 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2014-08-21 23:17:34 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll [2014-08-21 23:17:28 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2014-08-21 23:17:21 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2014-08-21 23:17:16 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2014-08-21 23:17:08 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2014-08-21 23:16:58 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2014-08-21 23:16:58 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2014-08-21 23:16:52 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2014-08-21 23:16:45 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2014-08-21 23:16:30 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2014-08-21 23:16:22 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2014-08-21 23:16:15 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2014-08-21 23:16:07 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2014-08-21 23:15:59 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2014-08-21 23:15:53 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll [2014-08-21 23:15:48 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll [2014-08-21 19:40:50 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2014-08-20 16:57:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit [2014-08-20 16:57:01 | 000,000,000 | ---D | C] -- C:\Program Files\IObit [2014-08-18 13:49:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Dane aplikacji\Origin [2014-08-18 13:48:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\Origin [2014-08-18 13:47:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Origin [2014-08-18 11:12:39 | 000,000,000 | -HSD | C] -- C:\found.001 [2014-08-18 10:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\Hostless Modem [2014-08-09 22:32:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Origin [2014-08-09 21:17:46 | 000,000,000 | ---D | C] -- C:\Program Files\Origin Games [2014-08-09 19:18:06 | 000,000,000 | ---D | C] -- C:\Program Files\Origin [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-08-23 12:48:00 | 000,000,420 | ---- | M] () -- C:\WINDOWS\tasks\At1.job [2014-08-23 12:47:28 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job [2014-08-23 12:47:27 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Express FilesUpdate.job [2014-08-23 12:47:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014-08-23 12:36:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2014-08-23 12:22:56 | 000,001,657 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\USB device MF63.lnk [2014-08-23 12:21:49 | 000,000,186 | ---- | M] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne.lnk [2014-08-23 12:21:49 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\Kuba\UserData.lnk [2014-08-23 12:21:49 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\Kuba\Ulubione.lnk [2014-08-23 12:21:48 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\Kuba\Szablony.lnk [2014-08-23 12:21:48 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Kuba\SendTo.lnk [2014-08-23 12:21:48 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Kuba\Recent.lnk [2014-08-23 12:21:48 | 000,000,162 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit.lnk [2014-08-23 12:21:47 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Kuba\PrintHood.lnk [2014-08-23 12:21:46 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Kuba\NetHood.lnk [2014-08-23 12:21:45 | 000,000,178 | ---- | M] () -- C:\Documents and Settings\Kuba\Moje dokumenty.lnk [2014-08-23 12:21:44 | 000,000,170 | ---- | M] () -- C:\Documents and Settings\Kuba\Menu Start.lnk [2014-08-23 12:21:44 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Kuba\GG dysk.lnk [2014-08-23 12:21:43 | 000,000,178 | ---- | M] () -- C:\Documents and Settings\Kuba\Dane aplikacji.lnk [2014-08-23 12:21:43 | 000,000,174 | ---- | M] () -- C:\Documents and Settings\Kuba\GDBManager11.lnk [2014-08-23 12:21:42 | 000,000,164 | ---- | M] () -- C:\Documents and Settings\Kuba\Cookies.lnk [2014-08-23 12:21:41 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\Kuba\.gstreamer-0.10.lnk [2014-08-23 12:21:40 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Kuba\.gimp-2.6.lnk [2014-08-23 12:21:40 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\Kuba\.android.lnk [2014-08-23 12:21:39 | 000,000,154 | ---- | M] () -- C:\Documents and Settings\Kuba\...lnk [2014-08-23 12:21:39 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\Kuba\..lnk [2014-08-23 12:21:38 | 000,000,160 | ---- | M] () -- C:\Documents and Settings\Kuba\Video.lnk [2014-08-23 12:21:37 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Kuba\Passwords.lnk [2014-08-23 12:21:37 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Kuba\Documents.lnk [2014-08-23 12:21:37 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\Kuba\Pictures.lnk [2014-08-23 12:21:37 | 000,000,160 | ---- | M] () -- C:\Documents and Settings\Kuba\Music.lnk [2014-08-23 12:21:36 | 000,000,170 | ---- | M] () -- C:\Documents and Settings\Kuba\New Folder.lnk [2014-08-22 13:07:17 | 000,000,835 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Switch to Gaming Mode.lnk [2014-08-22 13:07:17 | 000,000,823 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Game Booster 3.lnk [2014-08-22 13:06:16 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2014-08-22 13:05:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2014-08-22 13:04:24 | 000,151,584 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2014-08-22 12:49:02 | 000,251,152 | RHS- | M] () -- C:\ntldr [2014-08-22 12:40:40 | 000,056,376 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\untitled.flp [2014-08-22 11:33:49 | 000,490,870 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2014-08-22 11:33:49 | 000,103,642 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2014-08-22 11:33:49 | 000,083,328 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2014-08-22 11:33:49 | 000,000,574 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2014-08-21 22:13:32 | 010,521,147 | ---- | M] () -- C:\Documents and Settings\Kuba\Pulpit\untitled.mp3 [2014-08-20 12:15:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2014-08-18 13:47:38 | 000,000,440 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Origin.lnk [2014-08-09 21:39:34 | 000,010,752 | RHS- | M] () -- C:\Documents and Settings\Kuba\zzz.dll [2014-08-09 21:39:34 | 000,000,161 | ---- | M] () -- C:\Documents and Settings\Kuba\zys.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | M] () -- C:\Documents and Settings\Kuba\zvA.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | M] () -- C:\Documents and Settings\Kuba\ztL.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | M] () -- C:\Documents and Settings\Kuba\zSH.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | M] () -- C:\Documents and Settings\Kuba\zQl.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | M] () -- C:\Documents and Settings\Kuba\zOe.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | M] () -- C:\Documents and Settings\Kuba\zMD.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | M] () -- C:\Documents and Settings\Kuba\zhh.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | M] () -- C:\Documents and Settings\Kuba\zAN.lnk [2014-07-30 16:31:47 | 000,138,240 | RHS- | M] () -- C:\Documents and Settings\Kuba\alg.exe [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-08-23 12:22:55 | 000,001,657 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\USB device MF63.lnk [2014-08-23 12:21:49 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\Kuba\UserData.lnk [2014-08-22 13:07:30 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job [2014-08-22 13:07:17 | 000,000,835 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Switch to Gaming Mode.lnk [2014-08-22 13:07:17 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Game Booster 3.lnk [2014-08-22 13:04:24 | 000,151,584 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2014-08-22 12:55:11 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta [2014-08-22 12:55:11 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css [2014-08-22 12:55:11 | 000,001,714 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf [2014-08-22 12:55:11 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js [2014-08-22 12:55:10 | 000,693,932 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm [2014-08-22 12:55:10 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav [2014-08-22 12:55:10 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav [2014-08-22 12:55:10 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav [2014-08-22 12:55:10 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav [2014-08-22 12:55:10 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav [2014-08-22 12:55:10 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav [2014-08-22 12:55:10 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav [2014-08-22 12:55:10 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav [2014-08-22 12:55:10 | 000,071,460 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm [2014-08-22 12:55:10 | 000,027,965 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm [2014-08-22 12:55:09 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav [2014-08-22 12:55:09 | 000,058,350 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf [2014-08-22 12:55:09 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf [2014-08-22 12:55:08 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv [2014-08-22 12:55:08 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv [2014-08-22 12:55:08 | 000,034,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf [2014-08-22 12:55:08 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif [2014-08-22 12:55:08 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif [2014-08-22 12:55:08 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif [2014-08-22 12:55:08 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif [2014-08-22 12:55:08 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif [2014-08-22 12:55:08 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif [2014-08-22 12:55:08 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif [2014-08-22 12:55:08 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif [2014-08-22 12:55:08 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif [2014-08-22 12:55:08 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif [2014-08-22 12:55:08 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif [2014-08-22 12:55:08 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js [2014-08-22 12:55:08 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif [2014-08-22 12:55:08 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif [2014-08-22 12:55:08 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif [2014-08-22 12:55:08 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif [2014-08-22 12:55:08 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif [2014-08-22 12:55:08 | 000,001,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf [2014-08-22 12:55:08 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif [2014-08-22 12:55:08 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif [2014-08-22 12:55:08 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif [2014-08-22 12:55:08 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif [2014-08-22 12:55:08 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm [2014-08-22 12:55:07 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv [2014-08-22 12:55:07 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv [2014-08-22 12:55:07 | 000,089,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm [2014-08-22 12:55:07 | 000,066,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz [2014-08-22 12:55:07 | 000,036,644 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf [2014-08-22 12:55:07 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip [2014-08-22 12:55:07 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js [2014-08-22 12:55:07 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif [2014-08-22 12:55:07 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif [2014-08-22 12:55:07 | 000,001,482 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl [2014-08-22 12:55:07 | 000,001,479 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl [2014-08-22 12:55:07 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl [2014-08-22 12:55:07 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl [2014-08-22 12:55:07 | 000,001,463 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl [2014-08-22 12:55:07 | 000,001,262 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl [2014-08-22 12:55:07 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl [2014-08-22 12:55:07 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl [2014-08-22 12:55:07 | 000,001,041 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl [2014-08-22 12:55:07 | 000,000,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl [2014-08-22 12:55:07 | 000,000,822 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl [2014-08-22 12:55:07 | 000,000,808 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl [2014-08-22 12:55:07 | 000,000,792 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl [2014-08-22 12:55:07 | 000,000,786 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl [2014-08-22 12:55:07 | 000,000,738 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl [2014-08-22 12:55:07 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip [2014-08-22 12:55:06 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv [2014-08-22 12:55:06 | 000,184,137 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz [2014-08-22 12:55:06 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css [2014-08-22 12:55:06 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm [2014-08-22 12:55:06 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js [2014-08-22 12:55:06 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif [2014-08-22 12:55:06 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif [2014-08-22 12:55:06 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif [2014-08-22 12:55:06 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif [2014-08-22 12:55:06 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif [2014-08-22 12:55:06 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif [2014-08-22 12:49:26 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2014-08-22 12:49:25 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2014-08-22 12:49:23 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2014-08-21 22:09:55 | 010,521,147 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit\untitled.mp3 [2014-08-18 13:47:37 | 000,000,440 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Origin.lnk [2014-08-09 21:39:34 | 000,010,752 | RHS- | C] () -- C:\Documents and Settings\Kuba\zzz.dll [2014-08-09 21:39:34 | 000,000,161 | ---- | C] () -- C:\Documents and Settings\Kuba\zys.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | C] () -- C:\Documents and Settings\Kuba\zvA.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | C] () -- C:\Documents and Settings\Kuba\ztL.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | C] () -- C:\Documents and Settings\Kuba\zSH.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | C] () -- C:\Documents and Settings\Kuba\zQl.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | C] () -- C:\Documents and Settings\Kuba\zOe.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | C] () -- C:\Documents and Settings\Kuba\zMD.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | C] () -- C:\Documents and Settings\Kuba\zhh.lnk [2014-08-09 21:39:34 | 000,000,161 | ---- | C] () -- C:\Documents and Settings\Kuba\zAN.lnk [2014-08-09 21:39:33 | 000,138,240 | RHS- | C] () -- C:\Documents and Settings\Kuba\buaagex.exe [2014-08-09 21:39:33 | 000,138,240 | ---- | C] () -- C:\Documents and Settings\Kuba\x.exe [2014-08-09 21:39:31 | 000,138,240 | RHS- | C] () -- C:\Documents and Settings\Kuba\yiamoq.scr [2014-08-09 21:39:31 | 000,138,240 | RHS- | C] () -- C:\Documents and Settings\Kuba\yiamoq.exe [2014-07-30 16:31:47 | 000,138,240 | RHS- | C] () -- C:\Documents and Settings\Kuba\alg.exe [2014-05-22 16:57:47 | 000,138,240 | RHS- | C] () -- C:\Documents and Settings\Kuba\buaage.exe [2014-03-31 19:48:06 | 000,000,186 | ---- | C] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne.lnk [2014-03-31 19:48:06 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\Kuba\Ulubione.lnk [2014-03-31 19:48:05 | 000,000,180 | ---- | C] () -- C:\Documents and Settings\Kuba\.gstreamer-0.10.lnk [2014-03-31 19:48:05 | 000,000,178 | ---- | C] () -- C:\Documents and Settings\Kuba\Moje dokumenty.lnk [2014-03-31 19:48:05 | 000,000,178 | ---- | C] () -- C:\Documents and Settings\Kuba\Dane aplikacji.lnk [2014-03-31 19:48:05 | 000,000,174 | ---- | C] () -- C:\Documents and Settings\Kuba\GDBManager11.lnk [2014-03-31 19:48:05 | 000,000,170 | ---- | C] () -- C:\Documents and Settings\Kuba\New Folder.lnk [2014-03-31 19:48:05 | 000,000,170 | ---- | C] () -- C:\Documents and Settings\Kuba\Menu Start.lnk [2014-03-31 19:48:05 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Kuba\PrintHood.lnk [2014-03-31 19:48:05 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Kuba\Passwords.lnk [2014-03-31 19:48:05 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Kuba\Documents.lnk [2014-03-31 19:48:05 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\Kuba\.gimp-2.6.lnk [2014-03-31 19:48:05 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\Kuba\Szablony.lnk [2014-03-31 19:48:05 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\Kuba\Pictures.lnk [2014-03-31 19:48:05 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\Kuba\.android.lnk [2014-03-31 19:48:05 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Kuba\NetHood.lnk [2014-03-31 19:48:05 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Kuba\GG dysk.lnk [2014-03-31 19:48:05 | 000,000,164 | ---- | C] () -- C:\Documents and Settings\Kuba\Cookies.lnk [2014-03-31 19:48:05 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Kuba\SendTo.lnk [2014-03-31 19:48:05 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Kuba\Recent.lnk [2014-03-31 19:48:05 | 000,000,162 | ---- | C] () -- C:\Documents and Settings\Kuba\Pulpit.lnk [2014-03-31 19:48:05 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\Kuba\Video.lnk [2014-03-31 19:48:05 | 000,000,160 | ---- | C] () -- C:\Documents and Settings\Kuba\Music.lnk [2014-03-31 19:48:05 | 000,000,154 | ---- | C] () -- C:\Documents and Settings\Kuba\...lnk [2014-03-31 19:48:05 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\Kuba\..lnk [2014-03-31 19:48:05 | 000,000,135 | RHS- | C] () -- C:\Documents and Settings\Kuba\autorun.inf [2014-03-11 21:38:35 | 000,197,095 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-2025429265-261478967-682003330-1003-0.dat [2014-03-11 21:38:34 | 000,131,458 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat [2014-03-08 20:44:26 | 000,000,079 | ---- | C] () -- C:\WINDOWS\wininit.ini [2014-03-07 14:29:32 | 000,111,104 | ---- | C] () -- C:\WINDOWS\System32\Uharc.exe [2014-03-07 14:29:32 | 000,008,636 | ---- | C] () -- C:\WINDOWS\System32\modifype.exe [2014-03-07 14:29:31 | 000,517,120 | ---- | C] () -- C:\WINDOWS\System32\CLWCP.exe [2014-03-03 22:38:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Kuba\TempWmicBatchFile.bat [2014-02-05 18:01:00 | 000,000,586 | ---- | C] () -- C:\WINDOWS\BeatBox.INI [2014-02-05 17:59:54 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll [2014-02-05 17:48:52 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll [2014-02-05 17:48:30 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2014-01-23 17:02:34 | 000,024,959 | RHS- | C] () -- C:\Documents and Settings\Kuba\weaanoq.exe [2013-12-23 23:25:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2013-12-23 19:26:06 | 000,005,616 | ---- | C] () -- C:\Documents and Settings\Kuba\.recently-used.xbel [2013-11-30 20:31:54 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\moveex.exe [2013-10-08 22:15:38 | 000,024,959 | RHS- | C] () -- C:\Documents and Settings\Kuba\vuocaaj.exe [2013-10-06 11:07:21 | 000,000,615 | ---- | C] () -- C:\WINDOWS\eReg.dat [2013-10-03 15:04:28 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2013-09-16 22:05:34 | 000,056,320 | ---- | C] () -- C:\Documents and Settings\Kuba\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-09-15 14:58:54 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT [2013-09-15 14:40:15 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2013-09-07 12:02:08 | 000,613,512 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2013-09-07 11:44:21 | 000,002,596 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Config.nt.bak [2013-09-07 11:44:21 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Autoexec.nt.bak [2013-09-07 11:44:21 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\hosts.bak [2013-09-06 21:08:09 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2013-09-06 19:36:10 | 000,982,240 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin [2013-09-06 19:36:10 | 000,004,096 | ---- | C] ( ) -- C:\WINDOWS\System32\IGFXDEVLib.dll [2013-09-06 19:36:08 | 000,439,308 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin [2013-09-06 19:36:08 | 000,000,146 | ---- | C] () -- C:\WINDOWS\System32\GfxUI.exe.config [2013-09-06 19:24:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2013-09-06 19:18:51 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2013-09-07 11:55:51 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 22:50:48 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008-04-14 22:50:32 | 000,472,064 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 22:50:58 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013-10-09 17:06:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2013-09-08 12:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DAEMON Tools Lite [2014-04-17 16:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core [2014-04-17 16:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Electronic Arts [2013-11-04 18:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\eSafe [2013-10-09 17:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2014-08-20 16:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\IObit [2013-12-27 22:48:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI [2013-10-07 19:52:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI(2) [2013-12-27 22:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\KONAMI(3) [2013-09-28 11:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\MAGIX [2014-08-22 13:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Origin [2014-08-22 11:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\SoftPerfect [2014-04-25 16:11:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\TechSmith [2013-10-14 18:45:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\AnvSoft [2013-09-22 18:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\BitTorrent [2013-10-09 15:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\blueconnect [2014-02-27 21:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\DAEMON Tools Lite [2013-09-15 15:57:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\DRPSu [2013-09-15 15:13:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Easeware [2013-11-26 19:38:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\ExpressFiles [2013-09-16 14:56:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\FabrykaGier [2013-11-11 16:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\FlowStone [2013-11-10 20:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\FoxTab [2014-05-11 11:16:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\GG [2013-12-13 21:30:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\HLSW [2013-11-09 18:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Image-Line [2013-09-28 11:47:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\MAGIX [2013-12-27 22:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\newnext.me [2013-12-04 21:18:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Nico Mak Computing [2013-12-27 16:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Opera [2014-08-18 20:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Origin [2013-09-22 09:18:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\pl.5fantastic.oneway [2013-09-22 09:18:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\pl.5fantastic.oneway.8566CE160176669D38AD6CA5DF2B8C8BE659144F.1 [2014-03-03 19:42:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\SimilarSites [2014-02-21 19:17:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\SMRecorder [2014-04-12 15:02:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\streamripper [2013-11-30 20:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\SwvUpdater [2014-03-07 22:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\TechSmith [2014-02-07 15:39:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\Thinstall [2014-08-18 14:00:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\uTorrent [2014-03-07 14:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\ViGlance [2014-03-07 14:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kuba\Dane aplikacji\ViStart [color=#E56717]========== Purity Check ==========[/color] < End of report >