OTL logfile created on: 2013-10-18 18:04:48 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\endorro\Moje dokumenty\Pobieranie Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,93 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 74,00% Memory free 4,77 Gb Paging File | 4,18 Gb Available in Paging File | 87,63% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 288,08 Gb Total Space | 139,83 Gb Free Space | 48,54% Space Free | Partition Type: NTFS Computer Name: PLATKOVS-31410D | User Name: endorro | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013-10-18 18:03:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\endorro\Moje dokumenty\Pobieranie\OTL.exe PRC - [2013-10-18 18:01:19 | 001,087,213 | ---- | M] (Farbar) -- C:\Documents and Settings\endorro\Moje dokumenty\Pobieranie\FRST.exe PRC - [2013-10-16 20:07:48 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe PRC - [2013-10-16 20:07:39 | 001,673,680 | ---- | M] (APN) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe PRC - [2013-10-02 12:57:32 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013-09-24 20:03:35 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2013-09-24 18:10:28 | 003,581,440 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files\Movies Toolbar\Datamngr\DatamngrUI.exe PRC - [2013-09-24 18:10:23 | 003,419,136 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe PRC - [2013-09-15 14:33:18 | 000,415,024 | ---- | M] () -- C:\WINDOWS\system32\jmdp\stij.exe PRC - [2013-09-15 14:21:34 | 001,434,416 | ---- | M] () -- C:\WINDOWS\system32\dmwu.exe PRC - [2013-07-02 09:16:32 | 000,507,264 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe PRC - [2013-05-05 12:09:13 | 000,802,136 | ---- | M] (BitTorrent Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2011-10-01 01:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011-10-01 01:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe PRC - [2010-01-22 00:47:36 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013-10-08 22:47:37 | 016,233,864 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll MOD - [2013-10-02 12:57:32 | 003,279,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013-09-24 18:10:34 | 000,485,376 | ---- | M] () -- C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll MOD - [2013-09-24 18:10:27 | 000,018,432 | ---- | M] () -- C:\Program Files\Movies Toolbar\Datamngr\mgrldr.dll MOD - [2013-09-15 14:33:18 | 000,415,024 | ---- | M] () -- C:\WINDOWS\system32\jmdp\stij.exe MOD - [2013-09-15 14:30:36 | 001,062,912 | ---- | M] () -- C:\WINDOWS\system32\jmdp\lmrn.dll MOD - [2013-09-15 14:21:34 | 001,434,416 | ---- | M] () -- C:\WINDOWS\system32\dmwu.exe MOD - [2010-01-22 00:47:36 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013-10-16 20:07:48 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP) SRV - [2013-10-08 22:47:38 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013-10-02 12:57:32 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013-09-24 20:03:35 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013-09-24 18:10:23 | 003,419,136 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe -- (DatamngrCoordinator) SRV - [2013-09-15 14:21:34 | 001,434,416 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\dmwu.exe -- (IBUpdaterService) SRV - [2013-09-13 17:02:00 | 003,029,472 | ---- | M] () [Auto | Stopped] -- C:\Documents and Settings\All Users\Dane aplikacji\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe -- (BitGuard) SRV - [2013-07-25 08:52:52 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011-10-01 01:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011-10-01 01:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zgdcnet.sys -- (zgdcnet) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zgdcdiag.sys -- (zgdcdiag) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\zgdcat.sys -- (zgdcat) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter_lte.sys -- (massfilter_lte) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2011-11-30 16:26:12 | 000,111,104 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmshusbser.sys -- (cmshusbser) DRV - [2011-10-01 01:30:42 | 000,018,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftvolxp.sys -- (Sftvol) DRV - [2011-10-01 01:30:40 | 000,020,584 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftredirxp.sys -- (Sftredir) DRV - [2011-10-01 01:30:38 | 000,209,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftplayxp.sys -- (Sftplay) DRV - [2011-10-01 01:30:36 | 000,584,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sftfsxp.sys -- (Sftfs) DRV - [2010-01-22 00:47:36 | 000,215,856 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3132r5.sys -- (Si3132r5) DRV - [2010-01-22 00:47:36 | 000,212,520 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\Si3531.sys -- (Si3531) DRV - [2010-01-22 00:47:36 | 000,195,072 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\Si3114r5.sys -- (Si3114r5) DRV - [2010-01-22 00:47:36 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2010-01-22 00:47:36 | 000,074,672 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3132.sys -- (Si3132) DRV - [2010-01-22 00:47:36 | 000,069,248 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3124.sys -- (Si3124) DRV - [2010-01-22 00:47:36 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2010-01-22 00:47:36 | 000,062,336 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3112.sys -- (Si3112) DRV - [2010-01-22 00:47:36 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2009-01-15 16:51:48 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c) DRV - [2009-01-13 19:10:08 | 005,015,040 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2008-02-18 22:09:40 | 000,166,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2007-09-20 21:26:48 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX) DRV - [2006-11-02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=prs&from=prs&uid=67194_16910336_67167133_3219913727_B0DB4E7A&ts=1356562866 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?utm_source=b&utm_medium=prs&from=prs&uid=67194_16910336_67167133_3219913727_B0DB4E7A&ts=1356562866 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=420&systemid=406&v=a9396-116&apn_uid=3155637608954780&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?babsrc=HP_ss&mntrId=B0DB0025568C05E6&affID=120606&tsp=4931 IE - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?utm_source=b&utm_medium=prs&from=prs&uid=67194_16910336_67167133_3219913727_B0DB4E7A&ts=1356562866 IE - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-420&v=a9396-116&t=4 IE - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll (Conduit Ltd.) IE - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} IE - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms} IE - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\..\SearchScopes\{0C2BC48E-A5D0-41B4-A0DF-3ACFF6004369}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=STT&o=102866&src=crm&q={searchTerms}&locale=&apn_ptnrs=^5N&apn_dtid=^YYYYYY^YY^NL&apn_uid=381FFDA9-75E8-4A7E-A08D-13291BBB39B4&apn_sauid=5AAF6651-57BC-419A-927E-ABECD0E240FB IE - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B0DB0025568C05E6&affID=120606&tsp=4931 IE - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?q={searchTerms} IE - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=420&systemid=406&v=a9396-116&apn_uid=3155637608954780&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} IE - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468 IE - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/?a=6OyZn96Aci&loc=skw&search={searchTerms} IE - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..CT3220468.browser.search.defaultthis.engineName: true FF - prefs.js..CT3220468.url_history0001.enc: "aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMTcyLCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMTc2LCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMTgwLCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMTg0LCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMTg5LCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMTkzLCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMTk3LCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMjAxLCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMjA1LCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMjA5LCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMjE1LCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMjIwLCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMjI0LCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMjI4LCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMjMyLCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLyM6OjpjbGlja2hhbmRsZXI6OjoxMzc5MDk2MjAxMjM3"user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1379166159019,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");user_pref("Datamngr.Updater.Enabled", "true");user_pref("Smartbar.ConduitHomepagesList", "http://search.conduit.com/?ctid=CT3220468&SearchSource=13");user_pref("Smartbar.ConduitSearchEngineList", "");user_pref("Smartbar.ConduitSearchUrlList", "");user_pref("Smartbar.keywordURLSelectedCTID", "CT3220468");user_pref("accessibility.typeaheadfind.flashBar", 0);user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1382036550);user_pref("app.update.lastUpdateTime.background-update-timer", 1382109185);user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1382089603);user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1382108945);user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1382109065);user_pref("browser.cache.disk.capacity", 358400);user_pref("browser.cache.disk.smart_size.first_run", false);user_pref("browser.cache.disk.smart_size.use_old_max", false);user_pref("browser.cache.disk.smart_size_cached_value", 358400);user_pref("browser.download.lastDir", "C:\\Documents and Settings\\endorro\\Pulpit");user_pref("browser.download.manager.alertOnEXEOpen", false);user_pref("browser.download.panel.firstSessionCompleted", true);user_pref("browser.download.panel.shown", true);user_pref("browser.formfill.enable", false);user_pref("browser.keywordURLPromptDeclined", 1);user_pref("browser.migration.version", 13);user_pref("browser.newtabpage.storageVersion", 1);user_pref("browser.pagethumbnails.storage_version", 3);user_pref("browser.places.smartBookmarksVersion", 4);user_pref("browser.rights.3.shown", true);user_pref("browser.search.defaultengine", "Ask Search");user_pref("browser.search.defaultenginename", "Ask Search");user_pref("browser.search.order.1", "Ask.com");user_pref("browser.search.selectedEngine", "");user_pref("browser.search.suggest.enabled", false);user_pref("browser.search.useDBForOrder", true);user_pref("browser.slowStartup.averageTime", 16457);user_pref("browser.slowStartup.samples", 1);user_pref("browser.startup.homepage", "http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-420&v=a9396-116&t=4");user_pref("browser.startup.homepage_override.buildID", "20130910160258");user_pref("browser.startup.homepage_override.mstone", "24.0");user_pref("browser.syncPromoViewsLeftMap", "{\"bookmarks\":0,\"passwords\":0}");user_pref("datareporting.healthreport.currentDaySubmissionFailureCount", 1);user_pref("datareporting.healthreport.lastDataSubmissionFailureTime", "1379256257747");user_pref("datareporting.healthreport.lastDataSubmissionRequestedTime", "1380138056084");user_pref("datareporting.healthreport.lastDataSubmissionSuccessfulTime", "1380041304627");user_pref("datareporting.healthreport.nextDataSubmissionTime", "1380138956084");user_pref("browser.startup.homepage", "http://mystart.incredibar.com/?a=6OyZn96Aci&loc=skw");user_pref("keyword.URL", "http://mystart.incredibar.com/?a=6OyZn96Aci&loc=skw&search=");user_pref("browser.newtab.url","http://mystart.incredibar.com/?a=6OyZn96Aci&loc=skw");user_pref("datareporting.healthreport.service.firstRun", true); FF - prefs.js..extensions.enabledAddons: ffxtlbr%40delta.com:1.5.0 FF - prefs.js..extensions.enabledAddons: %7B6F977649-B06D-7809-9725-1FCFD3AC8308%7D:5.0.0.9396 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0 FF - prefs.js..keyword.URL: "http://mystart.incredibar.com/?a=6OyZn96Aci&loc=skw&search=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\endorro\Ustawienia lokalne\Dane aplikacji\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\endorro\Ustawienia lokalne\Dane aplikacji\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-09-23 18:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Extensions [2013-10-18 10:40:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\extensions [2013-09-14 20:14:16 | 000,000,000 | ---D | M] (Movies Toolbar (Dist. by Bandoo Media, Inc.)) -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} [2013-09-25 12:19:03 | 000,000,000 | ---D | M] (New tab) -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\extensions\{6F977649-B06D-7809-9725-1FCFD3AC8308} [2013-09-14 19:10:09 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} [2013-07-02 20:49:02 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\extensions\ffxtlbr@delta.com [2013-01-05 18:50:45 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\extensions\ffxtlbr@incredibar.com [2013-02-10 13:42:49 | 000,010,043 | ---- | M] () (No name found) -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\extensions\IplextoALL@ALLPlayer.org.xpi [2013-10-18 10:40:35 | 000,477,589 | ---- | M] () (No name found) -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\extensions\toolbar_ORJ-V7@apn.ask.com.xpi [2013-03-14 15:33:33 | 000,014,676 | ---- | M] () (No name found) -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\extensions\YouTubetoALL@ALLPlayer.org.xpi [2013-09-24 20:06:00 | 000,002,545 | ---- | M] () -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\searchplugins\ask-search.xml [2013-09-25 12:19:14 | 000,002,662 | ---- | M] () -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\searchplugins\Ask.xml [2013-07-02 20:48:36 | 000,006,505 | ---- | M] () -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\searchplugins\babylon.xml [2013-07-02 20:48:36 | 000,006,505 | ---- | M] () -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\searchplugins\BitGuard.xml [2013-07-02 20:48:36 | 000,006,505 | ---- | M] () -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\searchplugins\BrowserDefender.xml [2013-07-02 20:49:06 | 000,001,294 | ---- | M] () -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\searchplugins\delta.xml [2013-09-17 12:25:14 | 000,002,115 | ---- | M] () -- C:\Documents and Settings\endorro\Dane aplikacji\Mozilla\Firefox\Profiles\fx8adpci.default\searchplugins\MyStart Search.xml [2013-10-02 12:57:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Extensions [2013-10-02 12:57:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013-10-02 12:57:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013-09-25 12:19:14 | 000,002,662 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Ask.xml [2012-12-27 01:01:08 | 000,000,402 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\v9.xml O1 HOSTS File: ([2010-01-22 00:47:36 | 000,000,775 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2 - BHO: (ALLYouTubeDownloader) - {61DB16C5-B733-43F4-872E-B20DC9E72740} - C:\Program Files\ALLYouTubeDownloader\ALLYouTubeDownloader.dll (ALLCinema Ltd.) O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD) O2 - BHO: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (uTorrentControl_v2 Toolbar) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com) O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll (Conduit Ltd.) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\..\Toolbar\WebBrowser: (uTorrentControl_v2 Toolbar) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - C:\Program Files\uTorrentControl_v2\prxtbuTo0.dll (Conduit Ltd.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN) O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.) O4 - HKU\S-1-5-21-1547161642-861567501-1417001333-1003..\Run: [ALLUpdate] "C:\Program Files\ALLPlayer\ALLUpdate.exe" "sleep" File not found O4 - HKU\S-1-5-21-1547161642-861567501-1417001333-1003..\Run: [CancelAutoPlay] C:\Program Files\Telenor\Miniruter_MF91D\CancelAutoPlay.exe File not found O4 - HKU\S-1-5-21-1547161642-861567501-1417001333-1003..\Run: [Facebook Update] C:\Documents and Settings\endorro\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-1547161642-861567501-1417001333-1003..\Run: [iLivid] C:\Documents and Settings\endorro\Ustawienia lokalne\Dane aplikacji\iLivid\iLivid.exe (Bandoo Media Inc.) O4 - HKU\S-1-5-21-1547161642-861567501-1417001333-1003..\Run: [UpdateMyDrivers] C:\Program Files\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss File not found O4 - HKU\S-1-5-21-1547161642-861567501-1417001333-1003..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent Inc.) O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10d.exe (Adobe Systems, Inc.) O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10d.exe (Adobe Systems, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1547161642-861567501-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.208.20.110 84.208.20.111 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAE7BEDF-F9E8-4C39-9F60-AC6F05934781}: DhcpNameServer = 84.208.20.110 84.208.20.111 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\DOCUME~1\ALLUSE~1\DANEAP~1\Wincert\WIN32C~1.DLL) - C:\Documents and Settings\All Users\Dane aplikacji\Wincert\win32cert.dll () O20 - AppInit_DLLs: (C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll) - C:\Program Files\Movies Toolbar\Datamngr\mgrldr.dll () O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\endorro\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\endorro\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O27 - HKLM IFEO\bitguard.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\bprotect.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\WINDOWS\System32\tasklist.exe (Microsoft Corporation) O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-07-23 23:09:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{0a88dda6-8275-11e2-9456-00235aeba2e0}\Shell - "" = AutoRun O33 - MountPoints2\{0a88dda6-8275-11e2-9456-00235aeba2e0}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Common_Handset_USB_Driver.exe O33 - MountPoints2\{102e14b1-5012-11e2-93df-00235aeba2e0}\Shell - "" = AutoRun O33 - MountPoints2\{102e14b1-5012-11e2-93df-00235aeba2e0}\Shell\AutoRun\command - "" = F:\Startme.exe O33 - MountPoints2\{19ee14bf-0e60-11e2-9334-00235aeba2e0}\Shell\AutoRun\command - "" = RunClubSanDisk.exe O33 - MountPoints2\{22fbb1e8-e16e-11e2-9502-00235aeba2e0}\Shell - "" = AutoRun O33 - MountPoints2\{22fbb1e8-e16e-11e2-9502-00235aeba2e0}\Shell\AutoRun\command - "" = E:\TelenorMiniruter_MF91D.exe /s O33 - MountPoints2\{22fbb1eb-e16e-11e2-9502-00235aeba2e0}\Shell - "" = AutoRun O33 - MountPoints2\{22fbb1eb-e16e-11e2-9502-00235aeba2e0}\Shell\AutoRun\command - "" = E:\TelenorMiniruter_MF91D.exe /s O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\TelenorMiniruter_MF91D.exe /s O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O36 - AppCertDlls: x64 - (c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll) - File not found O36 - AppCertDlls: x86 - (C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll) - C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll () O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013-10-18 18:01:44 | 000,000,000 | ---D | C] -- C:\FRST [2013-10-17 19:39:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013-10-16 22:37:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\endorro\Pulpit\Solstafir - Svartir Sandar [2013-10-15 19:36:37 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco Systems [2013-10-15 19:32:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Cisco Systems [2013-10-13 10:28:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\endorro\Pulpit\gaupne [2013-10-08 22:47:34 | 017,813,896 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2013-10-02 12:57:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013-09-27 13:13:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun [2013-09-25 12:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Datamngr [2013-09-25 11:25:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\endorro\Ustawienia lokalne\Dane aplikacji\Sun [2013-09-24 20:05:57 | 000,000,000 | ---D | C] -- C:\Program Files\AskPartnerNetwork [2013-09-24 20:05:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\AskPartnerNetwork [2013-09-24 20:05:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\APN [2013-09-24 20:03:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dane aplikacji\Sun [2013-09-24 20:03:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013-09-24 20:03:49 | 000,868,264 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2013-09-24 20:03:49 | 000,790,440 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2013-09-24 20:03:49 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2013-09-24 20:03:49 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2013-09-24 20:03:43 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013-09-24 20:03:43 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013-09-24 20:03:43 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013-09-24 20:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Start\Programy\Java [2013-09-24 20:03:31 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013-09-24 20:03:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\endorro\Dane aplikacji\Sun [2013-09-23 22:01:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\endorro\Pulpit\Norweski-AudioKurs [2013-09-22 13:54:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\endorro\Dane aplikacji\File Scout [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013-10-18 17:59:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013-10-18 11:45:00 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013-10-18 03:15:02 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\EPUpdater.job [2013-10-18 01:09:02 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1547161642-861567501-1417001333-1003UA.job [2013-10-17 13:09:00 | 000,000,988 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1547161642-861567501-1417001333-1003Core.job [2013-10-17 07:58:49 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013-10-13 11:21:31 | 000,061,599 | ---- | M] () -- C:\Documents and Settings\endorro\Pulpit\1379760_10151954672327930_1236780763_n.jpg [2013-10-13 09:57:11 | 000,356,512 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat [2013-10-13 09:57:11 | 000,312,382 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013-10-13 09:57:11 | 000,050,096 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat [2013-10-13 09:57:11 | 000,040,512 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013-10-08 22:47:38 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2013-10-08 22:47:38 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2013-10-08 22:47:35 | 017,813,896 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe [2013-10-07 17:13:49 | 000,178,176 | ---- | M] () -- C:\Documents and Settings\endorro\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013-09-24 20:03:36 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013-09-24 20:03:35 | 000,868,264 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2013-09-24 20:03:35 | 000,790,440 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2013-09-24 20:03:35 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2013-09-24 20:03:35 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013-09-24 20:03:35 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013-09-24 20:03:35 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013-10-15 19:37:12 | 000,001,810 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Start\Programy\Cisco Connect.lnk [2013-10-13 11:21:20 | 000,061,599 | ---- | C] () -- C:\Documents and Settings\endorro\Pulpit\1379760_10151954672327930_1236780763_n.jpg [2013-08-26 00:57:27 | 000,014,810 | ---- | C] () -- C:\Documents and Settings\endorro\Menu Start.rar [2013-01-05 18:48:30 | 001,434,416 | ---- | C] () -- C:\WINDOWS\System32\dmwu.exe [2012-09-23 20:33:40 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2012-09-17 15:41:16 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\Desktop_.ini [2012-09-17 15:32:27 | 002,026,604 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin [2012-09-17 15:32:26 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v5002.dll [2012-09-17 15:32:25 | 000,442,964 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin [2012-08-09 23:07:19 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX2.dat [2012-08-09 23:07:19 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat [2012-08-09 23:07:19 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat [2012-08-09 23:07:19 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat [2012-07-24 22:16:40 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2012-07-24 22:08:27 | 000,178,176 | ---- | C] () -- C:\Documents and Settings\endorro\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-07-24 00:58:43 | 000,004,293 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012-07-24 00:57:25 | 000,101,440 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012-07-23 23:11:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012-07-23 23:06:38 | 000,021,856 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2010-01-22 00:47:36 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2010-01-22 00:47:36 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2010-01-22 00:47:36 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013-09-24 20:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\APN [2013-09-24 20:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AskPartnerNetwork [2013-07-10 19:24:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AVAST Software [2013-07-02 20:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Babylon [2013-09-14 17:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\BitGuard [2012-09-17 15:40:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Broadcom [2013-10-15 19:32:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Cisco Systems [2013-10-18 18:00:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Datamngr [2013-07-30 18:24:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\VirtualizedApplications [2013-09-25 12:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Wincert [2013-09-30 09:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\AIMP3 [2013-07-02 20:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\BabSolution [2013-07-02 20:48:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\Babylon [2013-01-22 23:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\BESTplayer [2013-07-02 20:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\Delta [2013-09-08 00:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\EurekaLog [2013-09-22 13:54:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\File Scout [2013-07-09 23:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\foobar2000 [2013-09-14 20:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\ilividmoviestoolbarha [2013-02-10 13:33:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\Incredibar.com [2012-09-23 20:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\NapiProjekt [2013-10-06 16:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\PriceGong [2013-10-02 22:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\SoftGrid Client [2013-07-30 09:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\TP [2013-01-05 14:29:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\Unity [2013-10-18 18:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\endorro\Dane aplikacji\uTorrent [2013-07-02 21:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Delta [2013-07-02 21:33:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Incredibar.com [2013-07-27 12:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\PriceGong [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Files - Unicode (All) ==========[/color] (C:\Documents and Settings\All Users\Menu Start\Programy\????USB??) -- C:\Documents and Settings\All Users\Menu Start\Programy\安卓手机USB驱动 < End of report >