OTL logfile created on: 2013-01-22 20:16:52 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JERZY\Desktop\OTL
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

3,96 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 65,38% Memory free
7,92 Gb Paging File | 6,60 Gb Available in Paging File | 83,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283,40 Gb Total Space | 249,65 Gb Free Space | 88,09% Space Free | Partition Type: NTFS

Computer Name: JERZY-KOMPUTER | User Name: JERZY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013-01-19 18:08:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JERZY\Desktop\OTL\OTL.exe
PRC - [2013-01-12 11:19:02 | 000,699,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
PRC - [2013-01-05 17:23:36 | 000,218,624 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe
PRC - [2013-01-01 22:06:45 | 000,308,368 | ---- | M] (Google Inc.)
-- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe PRC - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012-10-30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2010-11-16 14:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2006-04-06 09:44:18 | 000,237,568 | ---- | M] (CryptoTech Sp. z o.o.) -- C:\Program Files (x86)\CryptoTech\CryptoCard\CCMonitor.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012-10-30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:[b]64bit:[/b] - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013-01-12 11:19:04 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-01-05 17:23:36 | 000,218,624 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. 
RunOuc) SRV - [2012-12-18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010-11-16 14:38:16 | 000,339,456 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe) SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2013-01-05 17:23:40 | 000,421,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbwwan.sys -- (ewusbmbb) DRV:[b]64bit:[/b] - [2013-01-05 17:23:40 | 000,221,312 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:[b]64bit:[/b] - [2013-01-05 17:23:40 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:[b]64bit:[/b] - [2013-01-05 17:23:40 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV:[b]64bit:[/b] - [2013-01-05 17:23:40 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV:[b]64bit:[/b] - [2012-10-30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:[b]64bit:[/b] - [2012-10-30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:[b]64bit:[/b] - [2012-10-30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:[b]64bit:[/b] - [2012-10-30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:[b]64bit:[/b] - [2012-10-30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:[b]64bit:[/b] - [2012-10-15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:[b]64bit:[/b] - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2011-09-07 10:46:58 | 000,070,016 | ---- | M] (SCM Microsystems Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\S3XXx64.sys -- (S3XXx64) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010-11-20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009-06-10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2009-06-10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:[b]64bit:[/b] - [2009-06-10 21:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:[b]64bit:[/b] - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- 
C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: 
"ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2155111297-985594181-1780823697-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-21-2155111297-985594181-1780823697-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-2155111297-985594181-1780823697-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SAVJ_plPL517 IE - HKU\S-1-5-21-2155111297-985594181-1780823697-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [color=#E56717]========== Chrome ==========[/color] CHR - homepage: http://www.google.com/ CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: http://www.google.com/ CHR - Extension: No name found = C:\Users\JERZY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\ CHR - Extension: No name found = C:\Users\JERZY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: No name found = C:\Users\JERZY\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: No name found = C:\Users\JERZY\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: No name found = C:\Users\JERZY\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ CHR - Extension: No name found = C:\Users\JERZY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:[b]64bit:[/b] - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! 
WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:[b]64bit:[/b] - HKU\S-1-5-21-2155111297-985594181-1780823697-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [CryptoCard Suite Cert Monitor] C:\Program Files (x86)\CryptoTech\CryptoCard\CCMonitor.exe (CryptoTech Sp. z o.o.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2155111297-985594181-1780823697-1000..\Run: [SDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27D6BCAC-D436-464F-A677-15C5EB63F207}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67C444A7-4207-4904-90DA-74B2585FAD46}: DhcpNameServer = 192.168.1.1 O17 - 
HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9CDB0EE-1F60-4631-A2BC-9FD9586E866D}: NameServer = 89.108.202.21 89.108.195.21 O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{effe7604-574f-11e2-83de-a4badb97b18b}\Shell - "" = AutoRun O33 - MountPoints2\{effe7604-574f-11e2-83de-a4badb97b18b}\Shell\AutoRun\command - "" = F:\AutoRun.exe O33 - MountPoints2\{effe7616-574f-11e2-83de-a4badb97b18b}\Shell - "" = AutoRun O33 - MountPoints2\{effe7616-574f-11e2-83de-a4badb97b18b}\Shell\AutoRun\command - "" = F:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-01-22 20:17:08 | 000,000,000 | ---D | C] -- C:\Users\JERZY\Desktop\systemlook [2013-01-22 20:05:57 | 
000,000,000 | ---D | C] -- C:\Users\JERZY\Desktop\AdwCleaner [2013-01-19 18:12:21 | 000,000,000 | ---D | C] -- C:\_OTL [2013-01-19 18:08:51 | 000,000,000 | ---D | C] -- C:\Users\JERZY\Desktop\OTL [2013-01-19 17:35:31 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013-01-19 17:35:10 | 000,000,000 | ---D | C] -- C:\JRT [2013-01-19 11:55:28 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013-01-18 21:43:59 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Roaming\Malwarebytes [2013-01-18 21:43:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013-01-18 21:43:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013-01-18 21:43:38 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013-01-18 21:43:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013-01-18 20:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2013-01-18 20:42:55 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Roaming\TestApp [2013-01-18 20:22:21 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Roaming\WinRAR [2013-01-18 20:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Red Sky [2013-01-18 20:21:54 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Local\Programs [2013-01-18 19:18:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NiemPol [2013-01-18 19:18:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Komputerowy Słownik Niemiecko-Polski [2013-01-14 19:44:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CryptoTech [2013-01-14 19:44:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CryptoTech [2013-01-14 19:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Płatnik 8.01.001A [2013-01-05 17:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PLAY ONLINE [2013-01-05 17:24:34 
| 000,000,000 | ---D | C] -- C:\ProgramData\PLAY ONLINE [2013-01-05 17:24:16 | 001,001,472 | ---- | C] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys [2013-01-05 17:24:16 | 000,421,376 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbwwan.sys [2013-01-05 17:24:16 | 000,221,312 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys [2013-01-05 17:24:16 | 000,212,992 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys [2013-01-05 17:24:16 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys [2013-01-05 17:24:16 | 000,098,816 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys [2013-01-05 17:24:16 | 000,086,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys [2013-01-05 17:24:16 | 000,069,632 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys [2013-01-05 17:24:16 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys [2013-01-05 17:24:16 | 000,028,672 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys [2013-01-05 17:24:16 | 000,022,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwupgrade.sys [2013-01-05 17:24:16 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) 
-- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys [2013-01-05 17:23:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PLAY ONLINE [2013-01-05 17:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService [2013-01-04 11:23:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2013-01-04 11:22:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2013-01-04 11:04:45 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll [2013-01-04 11:04:36 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll [2013-01-04 11:04:06 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll [2013-01-04 11:00:14 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll [2013-01-04 10:59:53 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys [2013-01-03 09:10:12 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2013-01-03 09:10:11 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2013-01-02 19:42:12 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Local\Adobe [2013-01-02 19:14:10 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Local\Microsoft Games [2013-01-02 18:56:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2013-01-02 18:43:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat [2013-01-02 18:43:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat [2013-01-02 16:41:23 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2013-01-02 16:41:23 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2013-01-02 16:41:22 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2013-01-02 16:41:22 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- 
C:\Windows\SysWow64\atmfd.dll [2013-01-02 15:53:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2013-01-02 15:53:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2013-01-02 06:46:14 | 000,697,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013-01-02 06:46:13 | 000,074,248 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013-01-02 05:38:01 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2013-01-02 05:37:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\oem [2013-01-02 05:36:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer [2013-01-02 05:36:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\pl-PL [2013-01-02 05:36:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL [2013-01-02 05:36:42 | 000,000,000 | ---D | C] -- C:\Windows\pl-PL [2013-01-02 05:36:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\pl [2013-01-02 05:36:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\pl [2013-01-02 05:34:13 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\pl-PL\pscr.sys.mui [2013-01-02 05:33:54 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\pl-PL\BrSerId.sys.mui [2013-01-02 05:33:54 | 000,010,752 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\pl-PL\BrSerIb.sys.mui [2013-01-02 05:33:54 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\pl-PL\atikmdag.sys.mui [2013-01-02 05:33:54 | 000,002,560 | ---- | C] (Brother Industries Ltd.) 
-- C:\Windows\SysNative\drivers\pl-PL\BrParwdm.sys.mui [2013-01-02 00:05:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013-01-01 23:18:48 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Roaming\SumatraPDF [2013-01-01 23:18:42 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Roaming\PDFReaderPackages [2013-01-01 23:18:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFReader [2013-01-01 22:22:20 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Roaming\Google [2013-01-01 22:13:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2013-01-01 22:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Asseco Poland SA [2013-01-01 22:13:33 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2013-01-01 22:13:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Asseco Poland SA [2013-01-01 22:11:12 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Roaming\InstallShield [2013-01-01 22:10:44 | 154,019,168 | ---- | C] (Macrovision Corporation) -- C:\Setup.exe [2013-01-01 22:06:52 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2013-01-01 22:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2013-01-01 22:04:45 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Local\Google [2013-01-01 22:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013-01-01 22:04:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! 
Free Antivirus [2013-01-01 22:04:43 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013-01-01 22:04:43 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013-01-01 22:04:40 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013-01-01 22:04:39 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013-01-01 22:04:38 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013-01-01 22:04:36 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2013-01-01 22:04:36 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013-01-01 22:04:02 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2013-01-01 22:03:50 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2013-01-01 22:03:50 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013-01-01 22:03:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2013-01-01 22:03:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013-01-01 21:34:20 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Roaming\Macromedia [2013-01-01 21:34:16 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Roaming\Adobe [2013-01-01 21:34:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2013-01-01 21:33:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2013-01-01 20:49:14 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Local\Diagnostics [2013-01-01 20:46:14 | 000,000,000 | R--D | C] -- C:\Users\JERZY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013-01-01 20:46:14 | 000,000,000 | R--D | C] -- C:\Users\JERZY\Searches [2013-01-01 20:46:14 | 000,000,000 | R--D | C] -- C:\Users\JERZY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013-01-01 20:46:01 | 000,000,000 | ---D | 
C] -- C:\Users\JERZY\AppData\Roaming\Identities
[2013-01-01 20:45:56 | 000,000,000 | R--D | C] -- C:\Users\JERZY\Contacts
[2013-01-01 20:45:53 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Local\VirtualStore
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\Ustawienia lokalne
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\AppData\Local\Temporary Internet Files
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\Szablony
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\SendTo
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\Recent
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\PrintHood
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\NetHood
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\Documents\Moje wideo
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\Documents\Moje obrazy
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\Moje dokumenty
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\Documents\Moja muzyka
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\Menu Start
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\AppData\Local\Historia
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\Dane aplikacji
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\AppData\Local\Dane aplikacji
[2013-01-01 20:45:33 | 000,000,000 | -HSD | C] -- C:\Users\JERZY\Cookies
[2013-01-01 20:45:32 | 000,000,000 | --SD | C] -- C:\Users\JERZY\AppData\Roaming\Microsoft
[2013-01-01 20:45:32 | 000,000,000 | R--D | C] -- C:\Users\JERZY\Videos
[2013-01-01 20:45:32 | 000,000,000 | R--D | C] -- C:\Users\JERZY\Saved Games
[2013-01-01 20:45:32 | 000,000,000 | R--D | C] -- C:\Users\JERZY\Pictures
[2013-01-01 20:45:32 | 000,000,000 | R--D | C] -- C:\Users\JERZY\Music
[2013-01-01 20:45:32 | 000,000,000 | R--D | C] -- C:\Users\JERZY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013-01-01 20:45:32 | 000,000,000 | R--D | C] -- C:\Users\JERZY\Links
[2013-01-01 20:45:32 | 000,000,000 | R--D | C] -- C:\Users\JERZY\Favorites
[2013-01-01 20:45:32 | 000,000,000 | R--D | C] -- C:\Users\JERZY\Downloads
[2013-01-01 20:45:32 | 000,000,000 | R--D | C] -- C:\Users\JERZY\Documents
[2013-01-01 20:45:32 | 000,000,000 | R--D | C] -- C:\Users\JERZY\Desktop
[2013-01-01 20:45:32 | 000,000,000 | R--D | C] -- C:\Users\JERZY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013-01-01 20:45:32 | 000,000,000 | -H-D | C] -- C:\Users\JERZY\AppData
[2013-01-01 20:45:32 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Local\Temp
[2013-01-01 20:45:32 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Local\Microsoft
[2013-01-01 20:45:32 | 000,000,000 | ---D | C] -- C:\Users\JERZY\AppData\Roaming\Media Center Programs
[2013-01-01 20:45:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Ulubione
[2013-01-01 20:45:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Szablony
[2013-01-01 20:45:20 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013-01-01 20:45:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Pulpit
[2013-01-01 20:45:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje wideo
[2013-01-01 20:45:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moje obrazy
[2013-01-01 20:45:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Moja muzyka
[2013-01-01 20:45:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Start
[2013-01-01 20:45:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2013-01-01 20:45:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dane aplikacji
[2013-01-01 20:41:43 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013-01-01 20:38:58 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013-01-01 20:38:36 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013-01-22 20:18:08 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-01-22 20:18:08 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-01-22 20:16:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-01-22 20:15:32 | 001,549,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-01-22 20:15:32 | 000,697,912 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2013-01-22 20:15:32 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-01-22 20:15:32 | 000,134,990 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2013-01-22 20:15:32 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-01-22 20:14:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-01-22 20:11:00 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-01-22 20:10:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-01-22 20:10:21 | 3190,050,816 | -HS- | M] () -- C:\hiberfil.sys
[2013-01-19 18:01:05 | 000,001,890 | ---- | M] () -- C:\Users\JERZY\Desktop\FIX.REG
[2013-01-19 11:55:23 | 743,867,711 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013-01-18 21:43:40 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-01-18 20:46:07 | 001,990,823 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2013-01-18 19:18:38 | 000,000,929 | ---- | M] () -- C:\Users\JERZY\Desktop\Komputerowy Słownik Niemiecko-Polski.lnk
[2013-01-14 19:44:43 | 000,002,471 | ---- | M] () -- C:\Users\Public\Desktop\Menedżer komponentu technicznego.lnk
[2013-01-14 19:44:43 | 000,002,467 | ---- | M] () -- C:\Users\Public\Desktop\Menedżer CryptoCard Suite.lnk
[2013-01-14 19:35:12 | 000,002,049 | ---- | M] () -- C:\Users\Public\Desktop\Płatnik 8.01.001A.lnk
[2013-01-12 11:19:03 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013-01-12 11:19:03 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013-01-09 20:28:18 | 000,140,279 | ---- | M] () -- C:\Users\JERZY\Desktop\130109-201616.jpg
[2013-01-09 20:28:00 | 000,145,549 | ---- | M] () -- C:\Users\JERZY\Desktop\130109-201722.jpg
[2013-01-09 20:10:09 | 000,276,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013-01-09 19:54:17 | 002,265,244 | ---- | M] () -- C:\Users\JERZY\Desktop\TD-W8961ND User Guide.pdf
[2013-01-05 17:24:36 | 000,001,043 | ---- | M] () -- C:\Users\Public\Desktop\PLAY ONLINE.lnk
[2013-01-05 17:24:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2013-01-05 17:23:41 | 001,001,472 | ---- | M] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys
[2013-01-05 17:23:40 | 000,421,376 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbwwan.sys
[2013-01-05 17:23:40 | 000,221,312 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2013-01-05 17:23:40 | 000,212,992 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys
[2013-01-05 17:23:40 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys
[2013-01-05 17:23:40 | 000,098,816 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys
[2013-01-05 17:23:40 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys
[2013-01-05 17:23:40 | 000,069,632 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys
[2013-01-05 17:23:40 | 000,032,768 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2013-01-05 17:23:40 | 000,028,672 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys
[2013-01-05 17:23:40 | 000,022,016 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwupgrade.sys
[2013-01-05 17:23:40 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys
[2013-01-04 09:33:19 | 000,000,529 | ---- | M] () -- C:\Users\JERZY\Desktop\Centrum sieci i udostępniania — skrót.lnk
[2013-01-03 07:18:52 | 000,015,360 | ---- | M] () -- C:\Windows\Launcher.exe
[2013-01-02 18:49:29 | 000,001,750 | ---- | M] () -- C:\Users\Public\Desktop\Wybór przeglądarki.lnk
[2013-01-02 16:55:14 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013-01-02 16:55:14 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013-01-02 15:53:56 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013-01-02 05:36:33 | 000,337,158 | ---- | M] () -- C:\Windows\SysNative\perfi015.dat
[2013-01-02 05:36:33 | 000,038,710 | ---- | M] () -- C:\Windows\SysNative\perfd015.dat
[2013-01-01 22:04:44 | 000,001,958 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-01-01 22:04:36 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013-01-01 22:02:04 | 000,000,404 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2013-01-01 22:02:04 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2013-01-01 20:42:31 | 000,064,519 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013-01-01 20:42:31 | 000,064,519 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013-01-01 20:41:06 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf

[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013-01-19 18:01:05 | 000,001,890 | ---- | C] () -- C:\Users\JERZY\Desktop\FIX.REG
[2013-01-19 11:55:23 | 743,867,711 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013-01-18 21:43:40 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-01-18 20:45:56 | 001,990,823 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2013-01-18 20:21:51 | 000,015,360 | ---- | C] () -- C:\Windows\Launcher.exe
[2013-01-18 19:18:38 | 000,000,929 | ---- | C] () -- C:\Users\JERZY\Desktop\Komputerowy Słownik Niemiecko-Polski.lnk
[2013-01-14 19:44:43 | 000,002,471 | ---- | C] () -- C:\Users\Public\Desktop\Menedżer komponentu technicznego.lnk
[2013-01-14 19:44:43 | 000,002,467 | ---- | C] () -- C:\Users\Public\Desktop\Menedżer CryptoCard Suite.lnk
[2013-01-14 19:35:12 | 000,002,049 | ---- | C] () -- C:\Users\Public\Desktop\Płatnik 8.01.001A.lnk
[2013-01-09 20:28:50 | 000,145,549 | ---- | C] () -- C:\Users\JERZY\Desktop\130109-201722.jpg
[2013-01-09 20:28:35 | 000,140,279 | ---- | C] () -- C:\Users\JERZY\Desktop\130109-201616.jpg
[2013-01-09 19:54:16 | 002,265,244 | ---- | C] () -- C:\Users\JERZY\Desktop\TD-W8961ND User Guide.pdf
[2013-01-05 17:24:36 | 000,001,043 | ---- | C] () -- C:\Users\Public\Desktop\PLAY ONLINE.lnk
[2013-01-05 17:24:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2013-01-04 11:06:55 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2013-01-04 11:04:07 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2013-01-04 11:03:46 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2013-01-04 11:03:46 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2013-01-04 11:02:58 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2013-01-04 09:33:19 | 000,000,529 | ---- | C] () -- C:\Users\JERZY\Desktop\Centrum sieci i udostępniania — skrót.lnk
[2013-01-02 18:49:29 | 000,001,750 | ---- | C] () -- C:\Users\Public\Desktop\Wybór przeglądarki.lnk
[2013-01-02 17:12:01 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013-01-02 16:55:14 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013-01-02 16:55:14 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013-01-02 16:40:18 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013-01-02 15:53:56 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013-01-02 15:53:56 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013-01-02 06:46:16 | 000,000,930 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-01-02 05:37:33 | 000,000,024 | RH-- | C] () -- C:\Windows\DELL_version
[2013-01-02 05:37:05 | 000,697,912 | ---- | C] () -- C:\Windows\SysNative\perfh015.dat
[2013-01-02 05:37:05 | 000,337,158 | ---- | C] () -- C:\Windows\SysNative\perfi015.dat
[2013-01-02 05:37:05 | 000,134,990 | ---- | C] () -- C:\Windows\SysNative\perfc015.dat
[2013-01-02 05:37:05 | 000,038,710 | ---- | C] () -- C:\Windows\SysNative\perfd015.dat
[2013-01-01 22:04:50 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-01-01 22:04:49 | 000,001,042 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-01-01 22:04:44 | 000,001,958 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013-01-01 22:04:36 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013-01-01 22:02:04 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2013-01-01 21:13:40 | 000,000,404 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013-01-01 20:46:24 | 000,001,565 | ---- | C] () -- C:\Users\JERZY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013-01-01 20:46:16 | 000,001,587 | ---- | C] () -- C:\Users\JERZY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013-01-01 20:42:24 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013-01-01 20:42:13 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013-01-01 20:41:06 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013-01-01 20:38:36 | 3190,050,816 | -HS- | C] () -- C:\hiberfil.sys

[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012-06-09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]
[2013-01-01 23:18:42 | 000,000,000 | ---D | M] -- C:\Users\JERZY\AppData\Roaming\PDFReaderPackages
[2013-01-01 23:18:48 | 000,000,000 | ---D | M] -- C:\Users\JERZY\AppData\Roaming\SumatraPDF
[2013-01-18 20:42:55 | 000,000,000 | ---D | M] -- C:\Users\JERZY\AppData\Roaming\TestApp

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >