OTL logfile created on: 2014-12-08 23:49:18 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\darek\Pulpit Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1023,48 Mb Total Physical Memory | 547,54 Mb Available Physical Memory | 53,50% Memory free 1,65 Gb Paging File | 1,33 Gb Available in Paging File | 80,52% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,29 Gb Total Space | 5,98 Gb Free Space | 20,41% Space Free | Partition Type: NTFS Drive D: | 119,75 Gb Total Space | 0,31 Gb Free Space | 0,26% Space Free | Partition Type: NTFS Drive F: | 3,80 Gb Total Space | 0,55 Gb Free Space | 14,52% Space Free | Partition Type: FAT32 Drive G: | 33,50 Gb Total Space | 0,09 Gb Free Space | 0,26% Space Free | Partition Type: NTFS Drive H: | 625,41 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: ZAQ | User Name: darek | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2014-12-05 12:12:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\darek\Pulpit\OTL.exe PRC - [2014-05-04 19:29:16 | 000,879,456 | ---- | M] (Opera Software) -- C:\operausb1217int\opera.exe PRC - [2013-03-07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2013-03-07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010-11-16 14:37:38 | 000,264,704 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe PRC - [2005-11-08 08:22:14 | 000,233,472 | ---- | M] (SAMSUNG) -- C:\Program Files\SEC\MagicTune3.6\MagicTune.exe PRC - [2004-12-22 10:09:44 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE PRC - [2004-08-03 23:44:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004-06-11 04:15:18 | 000,083,968 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvraidservice.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2014-12-08 09:28:25 | 002,896,896 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\14120800\algo.dll MOD - [2010-11-16 14:37:38 | 000,264,704 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe MOD - [2005-11-08 08:21:34 | 000,040,960 | ---- | M] () -- C:\Program Files\SEC\MagicTune3.6\I2CDll.dll MOD - [2005-11-08 07:57:18 | 009,588,736 | ---- | M] () -- C:\Program Files\SEC\MagicTune3.6\MTResEng.dll MOD - [2005-08-18 13:20:04 | 000,032,768 | ---- | M] () -- C:\Program Files\SEC\MagicTune3.6\HzZone.dll MOD - [2005-08-18 13:19:42 | 000,032,768 | ---- | M] () -- C:\Program Files\SEC\MagicTune3.6\Highlight.dll MOD - [2004-08-03 23:44:04 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013-09-09 08:42:52 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-03-07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2010-11-16 14:37:38 | 000,264,704 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VBoxNetFlt.sys -- (VBoxNetFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ETdrv.sys -- (USBET) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pa3106hk.sys -- ( PC Camera ) DRV - [2014-12-01 13:03:02 | 000,770,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2013-03-07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2013-03-07 00:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2013-03-07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2013-03-07 00:33:24 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2013-03-07 00:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2013-03-07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2013-03-07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010-11-04 16:51:36 | 000,085,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV - [2010-10-09 13:48:36 | 000,072,576 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV - [2010-08-27 12:53:32 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2010-08-07 16:48:30 | 000,106,496 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2010-07-27 08:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2008-06-19 16:24:30 | 000,028,544 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot) DRV - [2008-04-23 09:30:10 | 000,683,791 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\torususb.sys -- (TaurusUsb) DRV - [2008-04-23 09:30:10 | 000,060,255 | ---- | M] (STMicroelectronics ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stmatm.sys -- (Stmatm) DRV - [2007-06-05 12:58:06 | 000,008,576 | ---- | M] (Panda Software International) [Unknown (3) | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\wdddcnhfodbs.sys -- (wdddcnhfodbs) DRV - [2007-06-05 12:58:06 | 000,008,576 | ---- | M] (Panda Software International) [Unknown (3) | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\stbyyqrcqsvf.sys -- (stbyyqrcqsvf) DRV - [2007-06-05 12:58:06 | 000,008,576 | ---- | M] (Panda Software International) [Unknown (3) | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\laabhyqiggnl.sys -- (laabhyqiggnl) DRV - [2007-06-05 12:58:06 | 000,008,576 | ---- | M] (Panda Software International) [Unknown (3) | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\hdvyjxyxqmkh.sys -- (hdvyjxyxqmkh) DRV - [2006-06-05 18:44:07 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtscsi.sys -- (dtscsi) DRV - [2006-06-05 14:29:27 | 000,642,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2005-10-21 06:25:32 | 000,013,396 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\MTiCtwl.sys -- (MagicTune) DRV - [2005-06-10 09:42:56 | 000,009,728 | ---- | M] (Samsung Electronics, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\magicpvt.sys -- (magicpvt) DRV - [2004-12-22 10:07:12 | 002,304,320 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) DRV - [2004-09-07 14:29:08 | 000,005,760 | ---- | M] (Ahead Software AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec) DRV - [2004-09-07 14:27:38 | 000,028,544 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass) DRV - [2004-09-07 14:27:22 | 000,091,136 | ---- | M] (Ahead Software AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs) DRV - [2004-08-03 23:35:04 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2004-07-28 23:15:38 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2004-07-28 23:15:36 | 000,033,024 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2004-06-03 03:40:46 | 000,079,360 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus) DRV - [2004-04-02 08:40:00 | 000,021,760 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp) DRV - [2003-12-08 10:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) DRV - [2003-12-08 10:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1606980848-1284227242-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ IE - HKU\S-1-5-21-1606980848-1284227242-839522115-1003\..\SearchScopes,DefaultScope = {FFEBBF0A-C22C-4172-89FF-45215A135AC7} IE - HKU\S-1-5-21-1606980848-1284227242-839522115-1003\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = http://go.mail.ru/search?utf8in=1&fr=ietb&q={SearchTerms} IE - HKU\S-1-5-21-1606980848-1284227242-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.startup.homepage: "http://www.google.com/webhp?hl=pl" FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1 FF - prefs.js..keyword.URL: "http://go.mail.ru/search?fr=fftb&q=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013-03-23 13:02:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox 2 Beta 1\components [2013-09-09 08:43:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox 2 Beta 1\plugins [2012-02-27 18:01:11 | 000,000,000 | ---D | M] [2012-02-27 17:03:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\darek\Dane aplikacji\Mozilla\Extensions [2014-09-27 23:47:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\darek\Dane aplikacji\Mozilla\Firefox\Profiles\bq2aui3b.default\extensions [2014-09-27 23:47:45 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\darek\Dane aplikacji\Mozilla\Firefox\Profiles\bq2aui3b.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-11-23 17:50:14 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\darek\Dane aplikacji\Mozilla\Firefox\Profiles\bq2aui3b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-23 13:02:55 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF O1 HOSTS File: ([2010-08-27 11:14:48 | 000,419,281 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.pl.errorsafe.com* O1 - Hosts: 127.0.0.1 *pl.errorsafe.com/download/2006/index.php?mtrt=vm_china&aid=d3_el_poland&affid=d3_68030__{48fa9831-7a98-4b47-9df4-692607a2606f} O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.1001-search.info O1 - Hosts: 127.0.0.1 1001-search.info O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 14473 more lines... O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Downloads\Nowy folder\BitComet_1.12\tools\BitCometBHO.dll (BitComet) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (gFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll () O4 - HKLM..\Run: [AdslTaskBar] C:\WINDOWS\System32\stmctrl.dll (STMicroelectronics ) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh) O4 - HKLM..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe (NVIDIA Corporation) O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.) O4 - Startup: C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\MagicTune 3.6.lnk = C:\Program Files\SEC\MagicTune3.6\MagicTuneTray.exe () O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1606980848-1284227242-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1606980848-1284227242-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data] O7 - HKU\S-1-5-21-1606980848-1284227242-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - C:\Downloads\Nowy folder\BitComet_1.12\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - C:\Downloads\Nowy folder\BitComet_1.12\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Pobierz za pomocą BitComet - C:\Downloads\Nowy folder\BitComet_1.12\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm () O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm () O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.) O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Downloads\Nowy folder\BitComet_1.12\tools\bitcometbho.dll (BitComet) O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/0/A/9/0A9F8B32-9F8C-4D74-A130-E4CAB36EB01F/wmvadvd.cab (Reg Error: Key error.) O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class) O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab (Java Plug-in 1.4.0_03) O16 - DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab (Java Plug-in 1.5.0_08) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0CA3D862-99E8-4413-83CA-E142847C5F30}: NameServer = 194.204.152.34 194.204.159.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\darek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\darek\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 0 O32 - AutoRun File - [2006-06-02 21:23:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009-09-13 12:26:07 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2009-09-13 12:26:07 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2006-06-06 22:31:38 | 000,000,135 | ---- | M] () - F:\AUTOEXEC.BAT -- [ FAT32 ] O32 - AutoRun File - [2000-02-14 22:12:08 | 000,000,201 | ---- | M] () - F:\AUTOEXEC.SYD -- [ FAT32 ] O32 - AutoRun File - [2009-09-13 13:26:08 | 000,000,000 | RHSD | M] - F:\autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2009-09-13 12:26:07 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2001-03-01 21:29:02 | 000,000,061 | R--- | M] () - H:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{039ef48c-2f0c-11e1-a649-000fea385d46}\Shell - "" = AutoRun O33 - MountPoints2\{039ef48c-2f0c-11e1-a649-000fea385d46}\Shell\AutoRun\command - "" = I:\AutoRun.exe O33 - MountPoints2\{4fc7ff07-2fa8-11e1-a650-000fea385d46}\Shell - "" = AutoRun O33 - MountPoints2\{4fc7ff07-2fa8-11e1-a650-000fea385d46}\Shell\AutoRun\command - "" = I:\AutoRun.exe O33 - MountPoints2\{777bd5fb-2fc0-11e1-a652-000fea385d46}\Shell - "" = AutoRun O33 - MountPoints2\{777bd5fb-2fc0-11e1-a652-000fea385d46}\Shell\AutoRun\command - "" = I:\AutoRun.exe O33 - MountPoints2\{7c4a3ce4-80e1-11e1-a6d0-000fea385d46}\Shell - "" = AutoRun O33 - MountPoints2\{7c4a3ce4-80e1-11e1-a6d0-000fea385d46}\Shell\AutoRun\command - "" = I:\AutoRun.exe O33 - MountPoints2\{7c4a3ce9-80e1-11e1-a6d0-001e101f89d0}\Shell - "" = AutoRun O33 - MountPoints2\{7c4a3ce9-80e1-11e1-a6d0-001e101f89d0}\Shell\AutoRun\command - "" = L:\AutoRun.exe O33 - MountPoints2\{9e12ae4c-2f33-11e1-a64e-000fea385d46}\Shell - "" = AutoRun O33 - MountPoints2\{9e12ae4c-2f33-11e1-a64e-000fea385d46}\Shell\AutoRun\command - "" = I:\AutoRun.exe O33 - MountPoints2\{b8ee3fe0-8655-11e2-bfc7-000fea385d46}\Shell - "" = AutoRun O33 - MountPoints2\{b8ee3fe0-8655-11e2-bfc7-000fea385d46}\Shell\AutoRun\command - "" = K:\AutoRun.exe O33 - MountPoints2\{ef4c14e1-f4b9-11da-9ba3-000fea385d46}\Shell - "" = AutoRun O33 - MountPoints2\{ef4c14e1-f4b9-11da-9ba3-000fea385d46}\Shell\AutoRun\command - "" = H:\setup.exe -- [2001-07-13 10:43:36 | 000,065,536 | R--- | M] () O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\setup.exe -- [2001-07-13 10:43:36 | 000,065,536 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014-12-08 23:24:48 | 000,000,000 | ---D | C] -- C:\FRST [2014-12-08 21:40:00 | 001,111,040 | ---- | C] (Farbar) -- C:\Documents and Settings\darek\Moje dokumenty\FRST.exe [2014-12-08 19:45:22 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2014-12-08 19:34:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\darek\Ustawienia lokalne\Dane aplikacji\Thunderbird [2014-12-08 19:34:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\darek\Dane aplikacji\Thunderbird [2014-12-08 16:20:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Panda Security [2014-12-08 16:12:58 | 000,000,000 | ---D | C] -- C:\!KillBox [2014-12-08 16:12:02 | 000,000,000 | ---D | C] -- C:\operausb1217int [2014-12-08 16:12:01 | 000,000,000 | ---D | C] -- C:\ccsetup500 [2014-12-08 16:11:58 | 000,093,696 | ---- | C] (Option^Explicit Software vbtechcd@gmail.com) -- C:\KillBox_[www.programosy.pl].exe [2014-12-08 16:11:58 | 000,000,000 | ---D | C] -- C:\Apple Safari v4.0.4 [2014-12-07 18:45:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\darek\Recent [2014-12-06 19:33:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\darek\Pulpit\OTL.exe [2014-12-04 18:20:03 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2014-12-04 18:19:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Malwarebytes Anti-Malware [2014-12-04 18:19:42 | 000,054,360 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [2014-12-04 18:19:42 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2014-12-04 18:19:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware [2014-12-04 18:19:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Malwarebytes [2014-12-04 18:18:55 | 020,447,072 | ---- | C] (Malwarebytes Corporation ) -- C:\mbam-setup-2.0.4.1028.exe [2014-12-04 16:15:36 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2014-12-03 18:11:58 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2014-12-08 23:23:00 | 000,001,128 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1284227242-839522115-1004UA.job [2014-12-08 23:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At48.job [2014-12-08 23:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At24.job [2014-12-08 22:59:54 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2014-12-08 22:58:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2014-12-08 22:58:18 | 000,000,016 | ---- | M] () -- C:\WINDOWS\System32\magicpvt.dat [2014-12-08 22:58:17 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2014-12-08 22:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At47.job [2014-12-08 22:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At23.job [2014-12-08 21:54:16 | 000,852,487 | ---- | M] () -- C:\Documents and Settings\darek\Moje dokumenty\SecurityCheck.exe [2014-12-08 21:40:00 | 001,111,040 | ---- | M] (Farbar) -- C:\Documents and Settings\darek\Moje dokumenty\FRST.exe [2014-12-08 21:00:01 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At46.job [2014-12-08 21:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At22.job [2014-12-08 20:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At45.job [2014-12-08 20:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At21.job [2014-12-08 18:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At43.job [2014-12-08 18:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At19.job [2014-12-08 17:16:14 | 000,018,764 | ---- | M] () -- C:\Documents and Settings\darek\Moje dokumenty\cc_20141208_171345.reg [2014-12-08 17:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At42.job [2014-12-08 17:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At18.job [2014-12-08 16:20:46 | 000,000,935 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Panda Cloud Cleaner.lnk [2014-12-08 11:15:02 | 000,093,696 | ---- | M] (Option^Explicit Software vbtechcd@gmail.com) -- C:\KillBox_[www.programosy.pl].exe [2014-12-07 22:57:57 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2014-12-07 19:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At44.job [2014-12-07 19:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At20.job [2014-12-07 17:04:13 | 000,087,754 | ---- | M] () -- C:\Documents and Settings\darek\Moje dokumenty\pharcyde.jpg [2014-12-07 16:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At41.job [2014-12-07 16:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At17.job [2014-12-07 15:36:10 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2014-12-07 14:08:27 | 000,057,856 | ---- | M] () -- C:\Documents and Settings\darek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014-12-07 14:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At39.job [2014-12-07 14:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At15.job [2014-12-07 13:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At38.job [2014-12-07 13:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At14.job [2014-12-07 12:56:49 | 000,019,465 | ---- | M] () -- C:\Documents and Settings\darek\Moje dokumenty\programy w c przed deinstalacją4.jpg [2014-12-07 12:56:19 | 000,067,904 | ---- | M] () -- C:\Documents and Settings\darek\Moje dokumenty\programy w c przed deinstalacją3.jpg [2014-12-07 12:55:12 | 000,078,119 | ---- | M] () -- C:\Documents and Settings\darek\Moje dokumenty\programy w c przed deinstalacją2.jpg [2014-12-07 12:54:49 | 000,081,349 | ---- | M] () -- C:\Documents and Settings\darek\Moje dokumenty\programy w c przed deinstalacją1.jpg [2014-12-07 00:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At25.job [2014-12-07 00:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At1.job [2014-12-05 20:37:23 | 000,000,212 | -HS- | M] () -- C:\boot.ini [2014-12-05 20:21:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2014-12-05 17:32:53 | 000,192,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2014-12-05 12:12:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\darek\Pulpit\OTL.exe [2014-12-04 18:19:46 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2014-12-04 10:26:58 | 020,447,072 | ---- | M] (Malwarebytes Corporation ) -- C:\mbam-setup-2.0.4.1028.exe [2014-12-02 13:43:48 | 000,000,082 | ---- | M] () -- C:\WINDOWS\wininit.ini [2014-12-02 12:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At37.job [2014-12-02 12:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At13.job [2014-12-02 11:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At36.job [2014-12-02 11:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At12.job [2014-12-02 10:23:00 | 000,001,076 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-1284227242-839522115-1004Core.job [2014-12-02 10:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At35.job [2014-12-02 10:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At11.job [2014-12-01 15:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At40.job [2014-12-01 15:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At16.job [2014-12-01 13:03:02 | 000,770,784 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2014-12-01 13:03:02 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum [2014-12-01 09:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At34.job [2014-12-01 09:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At10.job [2014-12-01 08:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At9.job [2014-12-01 08:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At33.job [2014-12-01 07:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At8.job [2014-12-01 07:00:00 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At32.job [2014-11-29 01:00:04 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At26.job [2014-11-29 01:00:03 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\At2.job [2014-11-21 20:52:31 | 002,133,818 | ---- | M] () -- C:\Documents and Settings\darek\Moje dokumenty\DVD muza.DLC [2014-11-21 06:14:14 | 000,054,360 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [2014-11-21 06:14:06 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2014-11-10 23:01:50 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn [2014-11-10 23:01:50 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for [2014-11-09 21:33:49 | 000,001,066 | ---- | M] () -- C:\WINDOWS\WaveRec.ini [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2014-12-08 21:54:16 | 000,852,487 | ---- | C] () -- C:\Documents and Settings\darek\Moje dokumenty\SecurityCheck.exe [2014-12-08 17:13:48 | 000,018,764 | ---- | C] () -- C:\Documents and Settings\darek\Moje dokumenty\cc_20141208_171345.reg [2014-12-08 16:20:46 | 000,000,935 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Panda Cloud Cleaner.lnk [2014-12-07 17:04:13 | 000,087,754 | ---- | C] () -- C:\Documents and Settings\darek\Moje dokumenty\pharcyde.jpg [2014-12-07 12:56:49 | 000,019,465 | ---- | C] () -- C:\Documents and Settings\darek\Moje dokumenty\programy w c przed deinstalacją4.jpg [2014-12-07 12:56:19 | 000,067,904 | ---- | C] () -- C:\Documents and Settings\darek\Moje dokumenty\programy w c przed deinstalacją3.jpg [2014-12-07 12:55:12 | 000,078,119 | ---- | C] () -- C:\Documents and Settings\darek\Moje dokumenty\programy w c przed deinstalacją2.jpg [2014-12-07 12:54:49 | 000,081,349 | ---- | C] () -- C:\Documents and Settings\darek\Moje dokumenty\programy w c przed deinstalacją1.jpg [2014-12-04 18:19:46 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Malwarebytes Anti-Malware.lnk [2014-12-01 13:03:02 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum [2014-11-10 23:01:50 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn [2014-11-10 23:01:50 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for [2013-12-30 16:55:08 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ETCoInst.dll [2013-03-23 13:03:17 | 000,164,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys [2013-03-23 13:03:17 | 000,049,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys [2010-10-27 21:09:07 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\darek\Dane aplikacji\$_hpcst$.hpc [2006-10-05 14:01:00 | 000,000,669 | ---- | C] () -- C:\Documents and Settings\darek\.plugin140_03.trace [2006-06-03 08:40:53 | 000,057,856 | ---- | C] () -- C:\Documents and Settings\darek\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2006-06-02 21:55:22 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2013-01-21 23:46:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2004-08-03 23:44:10 | 001,483,264 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2004-08-03 23:43:58 | 000,472,064 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004-08-03 23:44:14 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2011-02-11 10:05:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Alwil Software [2013-03-06 19:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\DatacardService [2014-09-07 12:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\GG [2014-12-07 21:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Soulseek [2012-09-21 19:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\BESTplayer [2009-06-20 09:53:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\DeepBurner [2011-08-15 11:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Digiarty [2007-06-06 22:24:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Gadu-Gadu [2014-12-08 19:32:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\GG [2010-08-11 20:55:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\iS3 [2008-07-08 13:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Mp3tag [2012-09-08 10:45:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\PLAY ONLINE [2014-12-04 21:34:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Thinstall [2014-12-08 19:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Thunderbird [2013-05-11 19:52:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\darek\Dane aplikacji\Vso [color=#E56717]========== Purity Check ==========[/color] < End of report >