OTL logfile created on: 2013-10-01 20:39:57 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\xp\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 1023,48 Mb Total Physical Memory | 451,95 Mb Available Physical Memory | 44,16% Memory free 2,40 Gb Paging File | 1,94 Gb Available in Paging File | 80,92% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 21,11 Gb Total Space | 10,11 Gb Free Space | 47,91% Space Free | Partition Type: NTFS Drive D: | 127,93 Gb Total Space | 46,58 Gb Free Space | 36,41% Space Free | Partition Type: NTFS Computer Name: XP | User Name: xp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-10-01 20:39:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\xp\Moje dokumenty\Pobieranie\OTL.exe PRC - [2013-09-30 21:37:15 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013-08-24 20:57:11 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2008-04-15 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-04-15 14:00:00 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\osk.exe PRC - [2008-04-15 14:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msswchx.exe PRC - [2007-09-27 16:53:34 | 000,331,776 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMProcess.exe PRC - [2007-04-05 10:29:28 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMWDSrv.exe PRC - [2007-03-28 00:38:48 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMCONFIG.exe PRC - [2007-03-06 14:51:14 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\StartAutorun.exe PRC - [2005-09-06 11:10:34 | 000,450,560 | ---- | M] (VIA Technologies, Inc.) -- C:\Program Files\VIAudioi\SBADeck\ADeck.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-09-30 21:37:15 | 003,279,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2009-02-27 19:04:20 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.POL MOD - [2008-06-19 20:53:03 | 000,060,416 | ---- | M] () -- C:\WINDOWS\system32\antiwpa.dll MOD - [2008-05-03 05:46:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll MOD - [2007-03-29 12:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Mouse Driver\keydll.dll MOD - [2005-05-04 19:12:46 | 000,028,672 | ---- | M] () -- C:\Program Files\Mouse Driver\MouseHook.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013-09-30 21:37:15 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-09-10 23:21:23 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-08-24 20:57:11 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2007-04-05 10:29:28 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\DU Meter\DUM_XP32.SYS -- (DUMeterDrv) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\xp\USTAWI~1\Temp\catchme.sys -- (catchme) DRV - [2007-03-29 15:00:16 | 000,017,024 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KMWDFilter.SYS -- (KMWDFilter) DRV - [2006-10-17 20:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\videX32.sys -- (videX32) DRV - [2005-08-03 15:16:10 | 000,202,112 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) DRV - [2005-03-09 15:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-2052111302-884357618-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKU\S-1-5-21-2052111302-884357618-1801674531-1003\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s IE - HKU\S-1-5-21-2052111302-884357618-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16 FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21 FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.9.6 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-08-24 20:49:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xp\Dane aplikacji\Mozilla\Extensions [2013-09-28 19:14:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\xp\Dane aplikacji\Mozilla\Firefox\Profiles\70m9f0in.default\extensions [2013-08-28 07:26:39 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\xp\Dane aplikacji\Mozilla\Firefox\Profiles\70m9f0in.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-09-01 19:13:27 | 000,332,487 | ---- | M] () (No name found) -- C:\Documents and Settings\xp\Dane aplikacji\Mozilla\Firefox\Profiles\70m9f0in.default\extensions\artur.dubovoy@gmail.com.xpi [2013-09-28 19:14:30 | 000,496,832 | ---- | M] () (No name found) -- C:\Documents and Settings\xp\Dane aplikacji\Mozilla\Firefox\Profiles\70m9f0in.default\extensions\jid1-MVBjD3PCN9WVIQ@jetpack.xpi [2013-08-24 22:12:28 | 000,206,250 | ---- | M] () (No name found) -- C:\Documents and Settings\xp\Dane aplikacji\Mozilla\Firefox\Profiles\70m9f0in.default\extensions\webmail-notifier@poczta.interia.pl.xpi [2013-08-24 22:09:03 | 000,824,302 | ---- | M] () (No name found) -- C:\Documents and Settings\xp\Dane aplikacji\Mozilla\Firefox\Profiles\70m9f0in.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-24 22:13:59 | 000,434,392 | ---- | M] () (No name found) -- C:\Documents and Settings\xp\Dane aplikacji\Mozilla\Firefox\Profiles\70m9f0in.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2013-08-24 22:13:59 | 000,714,654 | ---- | M] () (No name found) -- C:\Documents and Settings\xp\Dane aplikacji\Mozilla\Firefox\Profiles\70m9f0in.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-09-30 21:37:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013-09-30 21:37:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2013-08-24 20:32:10 | 000,000,789 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe (VIA Technologies, Inc.) O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKU\S-1-5-21-2052111302-884357618-1801674531-1003..\Run: [DU Meter] "C:\Program Files\DU Meter\DUMeter.exe" /autostart File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-21-2052111302-884357618-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-2052111302-884357618-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1 O7 - HKU\S-1-5-21-2052111302-884357618-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1 O7 - HKU\S-1-5-21-2052111302-884357618-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F38985D4-5EEF-494B-9144-F4504893076B}: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\Antiwpa: DllName - (antiwpa.dll) - C:\WINDOWS\System32\antiwpa.dll () O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013-08-24 20:24:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2013-09-15 10:19:36 | 000,049,951 | ---- | M] () - C:\AutoMapaSetupLog.txt -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-10-01 20:37:12 | 000,000,000 | ---D | C] -- C:\FRST [2013-09-30 21:37:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013-09-29 23:31:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2013-09-29 23:30:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$ [2013-09-29 15:30:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss [2013-09-29 15:27:17 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2013-09-29 15:26:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Dane aplikacji\EurekaLog [2013-09-29 15:17:07 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2013-09-29 15:17:07 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2013-09-29 15:17:07 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2013-09-29 15:17:07 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2013-09-29 15:16:39 | 000,000,000 | ---D | C] -- C:\Qoobox [2013-09-29 15:16:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\xp\Menu Start\Programy\Narzędzia administracyjne [2013-09-29 15:16:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt [2013-09-28 20:09:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\NapiProjekt [2013-09-28 20:09:01 | 000,000,000 | ---D | C] -- C:\Program Files\NAPI-PROJEKT [2013-09-28 19:32:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Moje dokumenty\ChomikBox [2013-09-28 19:31:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\.gstreamer-0.10 [2013-09-28 19:31:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\Temp [2013-09-23 20:59:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution [2013-09-22 12:37:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\AcGasSynchro [2013-09-22 12:37:53 | 004,082,688 | ---- | C] (Borland Software Corporation) -- C:\WINDOWS\System32\qtintf70.dll [2013-09-22 12:37:51 | 000,000,000 | ---D | C] -- C:\Program Files\AcGasSynchro [2013-09-22 12:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2013-09-15 11:44:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\ChomikBox [2013-09-15 11:44:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Chomikuj.pl [2013-09-15 11:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\ChomikBox [2013-09-15 10:37:38 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2013-09-15 10:37:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2013-09-15 10:37:28 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2013-09-15 10:37:01 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll [2013-09-13 22:30:00 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly [2013-09-13 22:28:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US [2013-09-13 22:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2013-09-13 22:28:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET [2013-09-13 21:52:27 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys [2013-09-13 21:52:26 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys [2013-09-13 21:52:26 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rndismpx.sys [2013-09-13 21:51:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync [2013-09-07 19:49:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\xp\Moje dokumenty\Moje wideo [2013-09-07 19:49:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Moje wideo [2013-09-03 23:25:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\gtk-2.0 [2013-09-03 23:22:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\.thumbnails [2013-09-03 23:22:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\gegl-0.2 [2013-09-03 23:22:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\.gimp-2.8 [2013-09-03 22:47:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2013-09-03 22:21:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\Identities [2013-09-03 22:21:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Nero 7 Ultra Edition [2013-09-03 22:17:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Nero [2013-09-03 22:16:09 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2 [2013-09-03 21:22:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\xp\Pulpit\Nowy folder (2) [2013-09-03 21:21:42 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-10-01 20:20:15 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-10-01 20:15:38 | 000,182,038 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2013-10-01 20:15:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-09-30 20:22:22 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-09-28 20:07:13 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-09-28 20:05:58 | 000,000,047 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2013-09-22 12:37:56 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\xp\Pulpit\AcGasSynchro 1.14.1.0.lnk [2013-09-15 19:46:10 | 000,096,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-09-15 11:44:44 | 000,000,461 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\ChomikBox.lnk [2013-09-15 10:39:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013-09-15 10:38:05 | 000,554,386 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-09-15 10:38:05 | 000,492,864 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-09-15 10:38:05 | 000,104,100 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-09-15 10:38:05 | 000,083,386 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013-09-13 21:51:46 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\xp\Dane aplikacji\$_hpcst$.hpc [2013-09-10 23:21:23 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-09-10 23:21:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-09-03 23:42:56 | 000,007,230 | ---- | M] () -- C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\recently-used.xbel [2013-09-03 22:21:28 | 000,002,385 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-09-29 15:17:07 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2013-09-29 15:17:07 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2013-09-29 15:17:07 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2013-09-29 15:17:07 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2013-09-29 15:17:07 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2013-09-28 20:05:58 | 000,000,047 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2013-09-22 12:37:56 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\ZipSFX.bin.old [2013-09-22 12:37:56 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dzsfxnl.bin [2013-09-22 12:37:56 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\dzsfxit.bin [2013-09-22 12:37:56 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\dzsfxes.bin [2013-09-22 12:37:55 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\ZipDLL.dll [2013-09-22 12:37:55 | 000,122,368 | ---- | C] () -- C:\WINDOWS\System32\UNZDLL.dll [2013-09-22 12:37:55 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\dzsfxus.bin [2013-09-22 12:37:55 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\dzsfxde.bin [2013-09-22 12:37:55 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\dzsfxcat.bin [2013-09-22 12:10:05 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Adobe Reader 9.lnk [2013-09-15 11:44:44 | 000,000,461 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\ChomikBox.lnk [2013-09-15 10:38:00 | 000,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2013-09-13 21:51:46 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\xp\Dane aplikacji\$_hpcst$.hpc [2013-09-13 21:51:19 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft ActiveSync.lnk [2013-09-03 23:42:56 | 000,007,230 | ---- | C] () -- C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\recently-used.xbel [2013-09-03 23:16:47 | 000,000,734 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\GIMP 2.lnk [2013-09-03 22:21:28 | 000,002,385 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Nero StartSmart.lnk [2013-09-03 21:52:53 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\xp\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-08-24 22:15:43 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2013-08-24 22:14:31 | 000,096,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013-08-24 20:34:47 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\UnAudioNT.dll [2013-08-24 20:32:03 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\antiwpa.dll [2013-08-24 20:31:47 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2013-08-24 20:31:47 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2013-08-24 20:31:46 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2013-08-24 20:31:46 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2013-08-24 20:31:45 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2013-08-24 20:26:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2013-08-24 20:20:58 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2013-09-15 10:36:29 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-15 14:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2008-04-15 14:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008-04-15 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013-08-24 20:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Hagel Technologies [2013-08-25 19:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\LightScribe [2013-09-29 15:27:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Dane aplikacji\EurekaLog [2013-08-27 20:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\xp\Dane aplikacji\Nowe Gadu-Gadu [color=#E56717]========== Purity Check ==========[/color] < End of report >