OTL logfile created on: 2012-12-21 14:27:01 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Pulpit\otl
Windows XP Home Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,63 Gb Available Physical Memory | 81,39% Memory free
3,85 Gb Paging File | 3,66 Gb Available in Paging File | 95,06% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78,13 Gb Total Space | 54,22 Gb Free Space | 69,39% Space Free | Partition Type: NTFS
Drive D: | 78,13 Gb Total Space | 2,34 Gb Free Space | 3,00% Space Free | Partition Type: NTFS

Computer Name: KOMPUTER | User Name: Administrator | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-12-21 14:25:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Pulpit\otl\OTL.exe
PRC - [2012-12-10 17:29:44 | 001,435,568 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012-12-06 16:18:21 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008-04-15 12:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012-12-06 16:18:20 | 002,397,152 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2008-05-16 19:31:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2007-01-31 10:39:00 | 000,032,768 | ---- | M] () -- C:\Program Files\VDOTool\TBPanelExt.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\MICHA~1\wgsdgsdgdsgsd.dll -- (winmgmt)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012-12-10 17:29:44 | 001,435,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012-12-06 16:18:20 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-12-05 21:22:12 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012-11-29 14:50:25 | 003,463,080 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012-10-25 17:33:34 | 000,384,888 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2012-10-25 17:33:14 | 000,393,080 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2012-08-18 11:38:26 | 000,022,016 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- d:\xampp\apache\bin\httpd.exe -- (Apache2.4)
SRV - [2012-07-20 19:08:04 | 008,186,368 | ---- | M] () [Auto | Stopped] -- d:\xampp\mysql\bin\mysqld.exe -- (mysql)
SRV - [2012-05-11 08:24:22 | 000,632,320 | ---- | M] (FileZilla Project) [Auto | Stopped] -- d:\xampp\FileZillaFTP\FileZillaServer.exe -- (FileZillaServer)
SRV - [2011-03-16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009-12-23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007-05-15 14:55:46 | 001,550,896 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a5j26r65)
DRV - [2012-10-30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012-10-30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012-10-30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012-10-30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012-10-30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012-10-30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012-10-30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012-10-25 17:33:20 | 000,063,864 | ---- | M] (BlueStack Systems) [Kernel | Auto | Stopped] -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys -- (BstHdDrv)
DRV - [2012-09-29 18:44:17 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012-05-22 11:21:04 | 006,118,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011-12-08 07:09:16 | 000,327,400 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2011-09-16 07:24:26 | 000,070,400 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetndis.sys -- (andnetndis)
DRV - [2011-09-06 01:19:48 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2011-09-06 00:55:12 | 000,023,040 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetdiag.sys -- (AndNetDiag)
DRV - [2011-09-06 00:55:10 | 000,027,776 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgandnetmodem.sys -- (ANDNetModem)
DRV - [2011-06-15 14:11:20 | 000,036,384 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTLTEAMING.SYS -- (RTLTEAMING)
DRV - [2011-06-15 14:11:20 | 000,022,016 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\RtNdPt5x.sys -- (RtNdPt5x)
DRV - [2011-06-15 14:11:20 | 000,017,664 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTLVLAN.SYS -- (RTLVLANMP)
DRV - [2011-06-15 14:11:20 | 000,017,664 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTLVLAN.SYS -- (RTLVLAN)
DRV - [2009-11-18 00:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009-11-18 00:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009-09-29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009-09-29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009-09-29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009-03-18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008-12-26 11:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV - [2007-05-15 14:55:36 | 000,118,576 | ---- | M] (Nero AG) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2007-05-15 14:55:36 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2007-05-15 14:55:36 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2007-05-15 14:55:36 | 000,016,304 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2007-03-16 09:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\TBPanel.sys -- (TBPanel)
DRV - [2007-03-16 09:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TBPanel.sys -- (Cardex)
DRV - [2004-09-29 21:36:29 | 000,015,360 | RH-- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetMotCM.sys -- (ndiscm)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-789336058-1592454029-1801674531-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-15 20:18:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-12-06 16:18:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012-12-21 12:14:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions
[2012-12-06 16:18:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-12-06 16:18:21 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012-09-06 03:57:09 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2012-09-06 03:57:10 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2012-09-06 03:57:10 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2012-09-06 03:57:10 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2012-09-06 03:57:10 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2012-09-06 03:57:09 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml

O1 HOSTS File: ([2012-11-11 12:15:59 | 000,000,759 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 5.9.17.119 cdp.pl
O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe (Nero AG)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-789336058-1592454029-1801674531-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEF26597-F65A-45DD-B8CE-BF7098B9B7BC}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012-09-09 09:39:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-12-21 14:26:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit\otl
[2012-12-21 12:48:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie
[2012-12-21 12:17:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Sun
[2012-12-21 12:17:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Sun
[2012-12-21 12:17:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Temp
[2012-12-21 12:17:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Adobe
[2012-12-21 12:15:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Macromedia
[2012-12-21 12:15:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Adobe
[2012-12-21 12:14:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Mozilla
[2012-12-21 12:14:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla
[2012-12-21 12:13:36 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Microsoft
[2012-12-21 12:13:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2012-12-21 12:13:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji
[2012-12-21 12:13:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start
[2012-12-21 12:13:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart
[2012-12-21 12:13:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Menu Start\Programy\Akcesoria
[2012-12-21 12:13:36 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2012-12-21 12:13:36 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\Cookies
[2012-12-21 12:13:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne
[2012-12-21 12:13:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Szablony
[2012-12-21 12:13:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\Recent
[2012-12-21 12:13:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\PrintHood
[2012-12-21 12:13:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Administrator\NetHood
[2012-12-21 12:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ulubione
[2012-12-21 12:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Pulpit
[2012-12-21 12:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Moje dokumenty
[2012-12-21 12:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\Microsoft
[2012-12-18 16:21:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Google Earth
[2012-12-17 18:22:14 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2012-12-17 18:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\EPSON Scan
[2012-12-17 18:21:29 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2012-12-17 18:21:28 | 000,046,080 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\escimgd.dll
[2012-12-17 18:21:28 | 000,029,696 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\escwiad.dll
[2012-12-17 18:21:28 | 000,022,016 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\esccmd.dll
[2012-12-17 18:21:11 | 000,000,000 | ---D | C] -- C:\EPSON
[2012-12-17 17:23:15 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2012-12-17 14:31:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2012-12-11 15:29:02 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2012-12-11 15:29:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\LogMeIn Hamachi
[2012-12-10 19:14:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\symbols
[2012-12-10 19:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2012-12-10 19:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules
[2012-12-09 19:15:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2012-12-09 19:15:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012-12-09 19:15:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012-12-09 19:15:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Visual Studio 2010 Express
[2012-12-09 19:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2012-12-09 19:14:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2012-12-09 19:13:58 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2012-12-09 12:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2012-12-09 12:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2012-12-08 19:46:29 | 000,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2012-12-06 16:18:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012-12-05 21:22:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012-12-05 21:22:26 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-12-05 21:22:26 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012-12-05 21:22:23 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-12-05 21:22:23 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-12-05 21:22:23 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012-12-05 21:22:09 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012-12-03 17:27:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\TeamViewer 8
[2012-12-03 17:27:11 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2012-11-28 19:05:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Laboratorium Informatyki 2.1 - Demo WSiP
[2012-11-28 19:05:03 | 000,000,000 | ---D | C] -- C:\ELI2D
[2012-11-28 19:04:57 | 000,541,696 | ---- | C] (Brain Made) -- C:\INSTCORE.EXE
[2012-11-25 11:42:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Minecraft
[2012-11-25 11:42:32 | 000,000,000 | ---D | C] -- C:\Users
[2012-11-24 18:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2012-11-24 18:58:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Steam
[2012-11-23 20:39:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Free Pascal
[2012-11-23 20:39:10 | 000,000,000 | ---D | C] -- C:\FPC

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-12-21 14:22:26 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-12-21 14:22:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-12-21 14:19:45 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad
[2012-12-21 12:17:06 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-12-21 12:07:15 | 000,002,998 | ---- | M] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.js
[2012-12-21 11:34:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012-12-21 10:32:58 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012-12-21 10:32:21 | 000,186,097 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012-12-21 10:32:06 | 000,001,032 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012-12-17 18:21:29 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\EPSON Scan.lnk
[2012-12-16 01:30:00 | 000,249,856 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\DeBlock.exe
[2012-12-11 15:29:02 | 000,000,685 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\LogMeIn Hamachi.lnk
[2012-12-09 18:01:56 | 000,000,165 | ---- | M] () -- C:\WINDOWS\System32\spupdsvc.inf
[2012-12-09 18:01:42 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012-12-08 19:46:34 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_lgandnetadb_01005.Wdf
[2012-12-08 19:46:33 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2012-12-05 21:22:13 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012-12-05 21:22:12 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012-12-05 21:22:12 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012-12-05 21:22:12 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012-12-05 21:22:12 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012-12-05 21:22:11 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012-12-04 07:48:42 | 000,144,424 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-12-03 17:27:16 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 8.lnk
[2012-11-30 14:03:38 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012-11-30 14:03:38 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012-11-25 11:42:37 | 000,000,918 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Minecraft .lnk
[2012-11-24 18:58:57 | 000,000,570 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012-12-21 12:50:10 | 000,249,856 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\DeBlock.exe
[2012-12-21 12:13:36 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Pomoc zdalna.lnk
[2012-12-21 12:13:36 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Administrator\Menu Start\Programy\Windows Media Player.lnk
[2012-12-21 12:07:15 | 000,002,998 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.js
[2012-12-21 12:07:12 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\dsgsdgdsgdsgw.pad
[2012-12-17 18:21:29 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\EPSON Scan.lnk
[2012-12-09 21:45:36 | 000,549,276 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-S-1-5-21-789336058-1592454029-1801674531-1004-0.dat
[2012-12-09 21:45:35 | 000,148,226 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\WPFFontCache_v0400-System.dat
[2012-12-09 18:01:56 | 000,000,165 | ---- | C] () -- C:\WINDOWS\System32\spupdsvc.inf
[2012-12-08 19:46:34 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_lgandnetadb_01005.Wdf
[2012-12-08 19:46:33 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
[2012-12-03 17:27:16 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\TeamViewer 8.lnk
[2012-11-25 11:42:37 | 000,000,918 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Minecraft .lnk
[2012-11-24 18:58:57 | 000,000,570 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk
[2012-11-03 21:10:24 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012-10-30 15:06:52 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012-10-26 18:36:21 | 000,122,884 | ---- | C] () -- C:\WINDOWS\UnGins.exe
[2012-10-14 15:53:14 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-09-29 18:49:43 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2012-09-29 18:49:43 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2012-09-29 18:49:43 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2012-09-29 18:49:01 | 000,035,557 | ---- | C] () -- C:\WINDOWS\DIIUnin.dat
[2012-09-09 12:22:13 | 000,025,548 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2012-09-09 11:30:26 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012-09-09 11:29:12 | 000,144,424 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-09-09 09:55:39 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2012-09-09 09:55:39 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2012-09-09 09:55:39 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2012-09-09 09:55:39 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2012-09-09 09:55:12 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2012-09-09 09:55:12 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2012-09-09 09:55:11 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2012-09-09 09:55:11 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2012-09-09 09:55:11 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2012-09-09 09:42:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012-09-09 09:40:40 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-09-09 09:36:56 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2012-09-17 17:43:25 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-15 12:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2012-07-12 19:02:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-15 12:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2012-11-15 20:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software
[2012-11-05 19:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BlueStacks
[2012-11-05 20:07:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BlueStacksSetup
[2012-11-27 16:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ipla
[2012-12-19 20:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM
[2012-12-20 20:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files
[2012-11-17 13:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\RDRM
[2012-11-07 21:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gość\Dane aplikacji\Nowe Gadu-Gadu
[2012-11-30 17:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michalina\Dane aplikacji\.minecraft
[2012-10-26 17:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michalina\Dane aplikacji\BitComet
[2012-11-17 12:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michalina\Dane aplikacji\ipla
[2012-10-12 19:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michalina\Dane aplikacji\Nowe Gadu-Gadu
[2012-09-15 13:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michalina\Dane aplikacji\OpenFM

[color=#E56717]========== Purity Check ==========[/color]

< End of report >